|
|||||||
 |
|
|
LinkBack | Thread Tools | Search this Thread | Rate Thread | Display Modes |
09-30-2003, 09:54 PM
|
#1 |
|
Member (3 bit)
Join Date: Sep 2003
Posts: 4
|
Hacking
Hi,
I've been studying internet security on websites. I am helping out in the development of security for a website. There is a "Corporate Entrance" page, and in the javascript for the password box, the code goes to the password you type in .html in the address bar. So, the corporate entrance page could be acceseed by typing: www.website.com/password.html. Isn't this fairly poor security? If an attacker could get a Parent Diretory of the site or a list of the pages on the site, he or she could access the page; am I right? Is it possible to get a listing of the pages on any website, like going to www.site.com/images or something like that, but of all the pages on a site? It is not a Unix server so an attacker could not just telent and run ls. By the way, the site is www...........com and if you can break into the corporate entrance and tell me how that would help. Thanks so much! Last edited by Statica; 10-01-2003 at 06:19 AM. |
|
|
10-01-2003, 06:18 AM
|
#2 |
|
Premium Member
Join Date: Jun 1999
Posts: 9,231
|
x-posted. Please view the answer from -
http://forum.pcmech.com/showthread.p...709#post536709 |
|
|
|
| Bookmarks |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
Linear Mode
