Determine script name behind a mod_rewrite

Quoted from here:

0x32353031 said...

determining the script name is pretty easy.
just a lil trick to use:

echo -ne "POST /blog/category/webappsec/books/ HTTP/1.1\nHost: $H\nConnection: close\nContent-length: x\n\n" | nc $H 80 | less

note the content-length field's value... it's invalid :P

This will produce a simple HTTP/1.1 413 Request Entity Too Large, with a common 413 error message/html followed by the site's code.

take a closer look...

HTTP/1.1 413 Request Entity Too Large
Date: Mon, 20 Sep 2010 14:56:41 GMT
Server: Apache
Connection: close
Content-Type: text/html; charset=iso-8859-1

html head
title 413 Request Entity Too Large /title
head body
h1 Request Entity Too Large /h1
The requested resource br / /blog/index.php br /

...etc html blah blah

rewrite revealed, it's pointin to /blog/index.php
apache bug/"feature", works most of the time.
that's all :)


Super nice hack.
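
A way to check your own server's 413 error page for this disclosure, as an added example that is not part of the original post or the quoted comment. It assumes the body wording "The requested resource" followed by a br tag, as in the response quoted above; the sample response is constructed from that output with the HTML tags restored, and the function names are hypothetical.

```python
import re
from html import unescape

# Constructed sample: the 413 response quoted above, with HTML tags restored.
SAMPLE_RESPONSE = (
    "HTTP/1.1 413 Request Entity Too Large\r\n"
    "Server: Apache\r\n"
    "Content-Type: text/html; charset=iso-8859-1\r\n"
    "\r\n"
    "<html><head>\n"
    "<title>413 Request Entity Too Large</title>\n"
    "</head><body>\n"
    "<h1>Request Entity Too Large</h1>\n"
    "The requested resource<br />/blog/index.php<br />\n"
    "</body></html>\n"
)

# Assumed wording of the error page; the path is whatever follows the first <br />.
_RESOURCE = re.compile(r"The requested resource\s*<br\s*/?>\s*([^<\s]+)", re.I)


def split_response(raw):
    """Return (status_code, body) from a raw HTTP/1.x response string."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    status_line = head.split("\n", 1)[0].split()
    if len(status_line) < 2 or not status_line[1].isdigit():
        raise ValueError("not an HTTP response")
    return int(status_line[1]), body


def disclosed_path(raw):
    """Path echoed by a 413 error page, or None if the page echoes none."""
    status, body = split_response(raw)
    if status != 413:
        return None
    m = _RESOURCE.search(body)
    return unescape(m.group(1)) if m else None


def leaks_rewrite_target(request_path, raw):
    """True when the error page names a path other than the one requested."""
    leaked = disclosed_path(raw)
    if leaked is None:
        return False
    # Ignore query string and trailing slash so an echoed public URL is not flagged.
    norm = lambda p: p.split("?", 1)[0].rstrip("/") or "/"
    return norm(leaked) != norm(request_path)


if __name__ == "__main__":
    print(leaks_rewrite_target("/blog/category/webappsec/books/", SAMPLE_RESPONSE))
```

A True result means the error page exposes the internal script path behind the rewrite rule instead of the public URL.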


