On 15 April 2011 00:25, Steve Syfuhs <ssyfuhs (at) objectsharp (dot) com [email concealed]> wrote:
> What are the read/write permissions on your page versus the permissions on the working pages?
>
Don't know, the FTP server wasn't showing permissions and it was while
on site so I can't look back now.
Robin
> -- Sent from my Windows Phone 7 --
>
> -----Original Message-----
> From: Robin Wood
> Sent: Thursday, April 14, 2011 7:23 PM
> To: Calderon, Juan Carlos (GE, Corporate, consultant)
> Cc: webappsec (at) securityfocus (dot) com [email concealed]
> Subject: Re: .asp giving 404
>
>
> On 13 April 2011 14:37, Calderon, Juan Carlos (GE, Corporate,
> consultant) <juan.calderon (at) ge (dot) com [email concealed]> wrote:
>> 3 things on top of my mind
>>
>> 1. Your page is doing an "unaware" redirection to a non-existing page, so
>> it is loaded, but then it redirects you (or transfers you, they are
>> different in ASP) and you get the 404 error message
>
> I tried a page that purely did a response.write and that failed.
>
>> 2. Antivirus is detecting and removing the shell or putting it on
>> quarantine (not likely if it is a web page)
>
> As above, that wouldn't have been blocked.
>
>> 3. IIS server is hardened and classic asp pages are "served" by 404.dll
>> a dll created by MS to prevent access to pages of certain type.
>>
>
> The existing .asp pages worked fine.
>
> From memory I think it has to do with either ownership or permissions
> on the files but I can't remember enough about it.
>
> Robin
>
>> Hope it helps,
>> Juan C Calderon
>>
>> -----Original Message-----
>> From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]]
>> On Behalf Of Robin Wood
>> Sent: Tuesday, April 12, 2011 12:00 PM
>> To: webappsec (at) securityfocus (dot) com [email concealed]
>> Subject: .asp giving 404
>>
>> On a recent test I got FTP write access to a web server which had an ASP
>> based site on it. I uploaded an ASP shell and tried to browse to it but
>> got a 404. I uploaded it to a directory that had directory listing
>> enabled and confirmed the file was there but again browsing to it gave a
>> 404.
>>
>> I uploaded a text file and image and could browse to both of those fine.
>>
>> I also tried downloading an existing page and modifying that then
>> re-uploading it but didn't have permission to overwrite the file.
>>
>> I vaguely remember something to do with file permissions having to be
>> set correctly for ASP to run from years ago when I did some dev work in
>> it but can't remember. Can someone tell me what was likely to have been
>> going on and if there is any way around it given the access I had?
>>
>> Robin
>>
>>
>>
>> This list is sponsored by Cenzic
>> --------------------------------------
>> Let Us Hack You. Before Hackers Do!
>> It's Finally Here - The Cenzic Website HealthCheck. FREE.
>> Request Yours Now!
>> http://www.cenzic.com/2009HClaunch_Securityfocus
>> --------------------------------------