On Fri Feb 16 2007 at 16:26, George A. Theall wrote: > It probably is a browser issue -- some exploits are sensitive to the > format of the request, and browsers can encode the URLs before sending > them.
IIRC, it is not really a matter of "encoding", but rather the browser simplifying the request by striping useles /../ > To be sure, you could test by telnet'ing into the web server and > issuing the command by hand. Telnet might fail in some cases. Netcat is better: echo -e 'GET ..\\..\\..\\..\\..\\..\\windows\\win.ini HTTP/1.1\r\nHost: IP\r\n\r\n' | nc IP 80 -- http://www.bigfoot.com/~arboi http://ma75.blogspot.com/ PGP key ID : 0x0BBABA91 - 0x1320924F0BBABA91 Fingerprint: 1048 B09B EEAF 20AA F645 2E1A 1320 924F 0BBA BA91 _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
