Michel Arboi wrote:
On Wed Jun 22 2005 at 21:45, Max Andersen wrote:
GET /%5c/ HTTP/1.1
Wrong. You need to give a Host field.
ok, I'll use netcat instead, with the code you suggest.
Anyone got an idea on why Nessus reports a positive?
1. You are right as far as the %00 is concerned: something is missing.
2. Although the code is not clear, the plugin checks that there is no directory index with a normal / request (some servers have no index.html page). So it should not do a FP.
Rather than using Telnet, try something like this:
echo -e 'GET /%00/ HTTP/1.1\r\nHost: yourhost\r\n\r\n' | nc yourhost 80
Here's the output from your command:
HTTP/1.1 400 Bad Request
Content-Length: 0
Server: Allegro-Software-RomPager/3.10
I'll add some debug messages (-> nessusd.dump) to this plugin, just in case.
I just started a scan with only port 3052 and weblogic plugin enabled, and the only thing in nessusd.dump is:
error: 'kern.maxfiles' is an unknown key
And the report shows the same output as before.
Thx. I will try to sniff the network traffic, and mail it to you directly if that's ok? (and to George Theall, also?).
Sincerely
Max Andersen
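
The false-positive guard described in the message above (report only when a directory index appears for the encoded request but not for a normal / request), sketched as an added example that is not the Nessus plugin's code or anything posted in the thread. The marker strings, function names and verdict texts are assumptions; the 400 response is the one posted above, the other two responses are constructed.

```python
# Added illustration: the false-positive guard as described in the thread.
# Not the Nessus plugin's code; marker strings and verdict texts are assumed.
INDEX_MARKERS = ("index of /", "directory listing for")  # assumed heuristics

def parse_response(raw):
    """Split a raw HTTP response into (status, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("not an HTTP status line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers, body.decode("latin-1")

def looks_like_index(status, body):
    """Only a 200 answer whose body carries a listing marker counts."""
    return status == 200 and any(m in body.lower() for m in INDEX_MARKERS)

def classify(baseline_raw, probe_raw):
    """baseline_raw: answer to 'GET /'; probe_raw: answer to the encoded request."""
    b_status, _, b_body = parse_response(baseline_raw)
    p_status, p_headers, p_body = parse_response(probe_raw)
    if looks_like_index(b_status, b_body):
        return "inconclusive: / already returns a directory index"
    if looks_like_index(p_status, p_body):
        return "report: listing appears only for the probe request"
    server = p_headers.get("server", "unknown server")
    return "no finding: probe answered %d (%s)" % (p_status, server)

# Probe answer as posted in the thread; the other two responses are constructed.
PROBE_400 = (b"HTTP/1.1 400 Bad Request\r\nContent-Length: 0\r\n"
             b"Server: Allegro-Software-RomPager/3.10\r\n\r\n")
BASELINE_OK = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
               b"<html><body>Login</body></html>")
LISTING = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
           b"<html><title>Index of /</title></html>")

if __name__ == "__main__":
    print(classify(BASELINE_OK, PROBE_400))
    print(classify(BASELINE_OK, LISTING))
    print(classify(LISTING, LISTING))
```

Under this logic the posted 400 Bad Request answer yields no finding, so comparing it with the traffic the scanner actually sends is the useful next step.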
