|Main Archive Page > Month Archives > websecurity archives|
HI.. I am trying to do a pen test to my friend's web server. I did the OPTIONS * HTTP/1.0, and get the reply back. The server allows PUT, DELETE etc.
So I'm trying to add a file remotely using this command
PUT /test.html HTTP/1.1
Host : target_hostname
Content-Length : 10
When i hit enter several times.. I got the 403 forbidden request. I know this happens because the directory is not writable for me.
The questions are :
1. Actually how to test properly if the directory is writable or not?
2. How to properly issue the command PUT? I've use several tools like http://www.webdav.org/cadaver/ on fedora and winie.
3. Is it possible to add a file remotely using this PUT method?