[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] FYI Only - Interesting Dot Net configuration item

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] FYI Only - Interesting Dot Net configuration item
From: H D Moore <fdlist@xxxxxxxxxxxxxxxxxx>
Date: Tue, 8 Jun 2004 15:12:00 -0500

Hi Dan,

That is hilarious, check out the two ASP.Net presentations below :)

http://www.digitaldefense.net/labs/presentations/Breaking.ASP.NET/
http://metasploit.com/confs/index.html

-HD

On Tuesday 08 June 2004 12:53, DAN MORRILL wrote:
> Trace dot axd is a tracing function that can be controlled in the
> web.config file. 

> Web.config file holds configuration data for dot net for the web
> server. 

> all source files (.CS or .VB) can provide information about how the web
> application is set up,

> Just thought I would pass this along as I have not seen anything like
> this posted on the network at all. 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] FYI Only - Interesting Dot Net configuration item
  - From: DAN MORRILL

Prev by Date: Re: [Full-Disclosure] Possible First Crypto Virus Definitely Discovered!
Next by Date: Re: [Full-Disclosure] Possible First Crypto Virus Definitely Disc overed!
Previous by thread: [Full-Disclosure] FYI Only - Interesting Dot Net configuration item
Next by thread: [Full-Disclosure] unauthorized deletion of IPsec SAs in isakmpd, still
Index(es):
- Date
- Thread