|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Another interesting Cart32 command
From: cassius
HUSHMAIL.COMDate: Wed May 03 2000 - 03:39:26 CDT
- Next message: Justin Tripp: "Security Bulletins Digest (fwd)"
- Previous message: Thomas Biege: "Re: SuSE 6.3 Gnomelib buffer overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Another interesting Cart32 command
example: http://example.com/cgi-bin/cart32.exe/expdate
This causes an error and displays a debugging page with server variables,
the
contents of the Cart32 administration directory and sometimes, the contents
of cgi-bin.
This makes it easy to spot misconfigured Cart32 installs (customer databases
installed to the cgi-bin directory.)
You could fix this one in a hexeditor by changing the /EXPDATE string to
something random.
/fx7#d+ <--- free pseudo-random string
-Cassius
IMPORTANT NOTICE: If you are not using HushMail, this message could have been read easily by the many people who have access to your open personal email messages.
Get your FREE, totally secure email address at http://www.hushmail.com.
- Next message: Justin Tripp: "Security Bulletins Digest (fwd)"
- Previous message: Thomas Biege: "Re: SuSE 6.3 Gnomelib buffer overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]