PCI compliance issue: directory traversal

1 posts, 0 answers
  1. Vikas
    Vikas avatar
    2 posts
    Member since:
    Apr 2016

    Posted 03 Jun Link to this post

    PCI scan shows following issue using securitymetrics.com: please suggest

     

    Synopsis:
    Arbitrary files may be modified on the remote host.
    Impact:
    The remote web server hosts CGI scripts that fail to adequately sanitize request strings and are affected by directory traversal or local file inclusion vulnerabilities. By leveraging this issue, an attacker may be able to modify arbitrary files on the web server or execute commands. Due to the way this flaw is tested, this script is prone to false positives. See also : http://en.wikipedia.org/wiki/Directory_traversal http://cwe.mitre.org/data/definitions/22.html http://projects.webappsec.org/Path-Traversal http://projects.webappsec.org/Null-Byte-Injection http://www.nessus.org/u?addbae30
    Resolution:
    Restrict access to the vulnerable application. Contact the vendor for a patch or upgrade.
    Data Received:
    Using the GET HTTP method, SecurityMetrics found that : + The following resources may be vulnerable to directory traversal (write access) : + The 'ctl00_WindowContact_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_RadWindowManager_Cl ientState=&ctl00_RadStyleSheetManager_TSSM=&ctl00_RadScriptManager_TSM=& ctl00_ContentPlaceHolder_WindowEventLocation_ClientState=&ctl00$compId=1 445&ctl00$affCompId=1445&ctl00$ContentPlaceHolder$hfUniqueId=05272016165 839604&ctl00$ContentPlaceHolder$default_header$hfUniqueId=05272016165839 604&ctl00$ContentPlaceHolder$btnUpdateNumberOfPeople=Check%20dates&compa nyid=1445&__EVENTARGUMENT=&__EVENTTARGET=&__LASTFOCUS=&__VIEWSTATE=&__VI EWSTATEGENERATOR=CA0B0334&ctl00$hfUniqueId=05272016165839604&ctl00$webUr l=&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientState=&ctl00_Content PlaceHolder_RadWindowManager1_ClientState=&ctl00_ContentPlaceHolder_Wind owEventDates_ClientState=&ctl00_ContentPlaceHolder_WindowEventDetails_Cl ientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl00_WindowTerms_Clie ntState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_ClientState=&ctl0 0_WindowContact_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_RadWindowManager_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadStyleSheetManager_TSSM=&ctl00_RadScriptManager_TSM=&ctl 00_ContentPlaceHolder_WindowEventLocation_ClientState=&ctl00$compId=1445& ctl00$affCompId=1445&ctl00$ContentPlaceHolder$hfUniqueId=05272016165839 604&ctl00$ContentPlaceHolder$default_header$hfUniqueId=05272016165839604& ctl00$ContentPlaceHolder$btnUpdateNumberOfPeople=Check%20dates&companyi d=1445&__EVENTARGUMENT=&__EVENTTARGET=&__LASTFOCUS=&__VIEWSTATE=&__VIEWS TATEGENERATOR=CA0B0334&ctl00$hfUniqueId=05272016165839604&ctl00$webUrl=& ctl00_ContentPlaceHolder_BookingTimeWindow_ClientState=&ctl00_ContentPla ceHolder_RadWindowManager1_ClientState=&ctl00_ContentPlaceHolder_WindowE ventDates_ClientState=&ctl00_ContentPlaceHolder_WindowEventDetails_Clien tState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl00_WindowTerms_ClientS tate=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_ClientState=&ctl00_R adWindowManager_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_RadStyleSheetManager_TSSM' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadScriptManager_TSM=& ctl00_ContentPlaceHolder_WindowEventLocation_ClientState=&ctl00$compId=1 445&ctl00$affCompId=1445&ctl00$ContentPlaceHolder$hfUniqueId=05272016165 839604&ctl00$ContentPlaceHolder$default_header$hfUniqueId=05272016165839 604&ctl00$ContentPlaceHolder$btnUpdateNumberOfPeople=Check%20dates&compa nyid=1445&__EVENTARGUMENT=&__EVENTTARGET=&__LASTFOCUS=&__VIEWSTATE=&__VI EWSTATEGENERATOR=CA0B0334&ctl00$hfUniqueId=05272016165839604&ctl00$webUr l=&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientState=&ctl00_Content PlaceHolder_RadWindowManager1_ClientState=&ctl00_ContentPlaceHolder_Wind owEventDates_ClientState=&ctl00_ContentPlaceHolder_WindowEventDetails_Cl ientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl00_WindowTerms_Clie ntState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_ClientState=&ctl0 0_RadStyleSheetManager_TSSM=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_RadScriptManager_TSM' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_ContentPlaceHolder_WindowEventLocation_ClientState=&ctl00$com pId=1445&ctl00$affCompId=1445&ctl00$ContentPlaceHolder$hfUniqueId=052720 16165839604&ctl00$ContentPlaceHolder$default_header$hfUniqueId=052720161 65839604&ctl00$ContentPlaceHolder$btnUpdateNumberOfPeople=Check%20dates& companyid=1445&__EVENTARGUMENT=&__EVENTTARGET=&__LASTFOCUS=&__VIEWSTATE=& __VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqueId=05272016165839604&ctl00$ webUrl=&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientState=&ctl00_Co ntentPlaceHolder_RadWindowManager1_ClientState=&ctl00_ContentPlaceHolder _WindowEventDates_ClientState=&ctl00_ContentPlaceHolder_WindowEventDetai ls_ClientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl00_WindowTerms _ClientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_ClientState=& ctl00_RadScriptManager_TSM=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_ContentPlaceHolder_WindowEventLocation_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00$compId=1445&ctl00$affCompId=1445& ctl00$ContentPlaceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlace Holder$default_header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHol der$btnUpdateNumberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT =&__EVENTTARGET=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334& ctl00$hfUniqueId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHold er_BookingTimeWindow_ClientState=&ctl00_ContentPlaceHolder_RadWindowMana ger1_ClientState=&ctl00_ContentPlaceHolder_WindowEventDates_ClientState=& ctl00_ContentPlaceHolder_WindowEventDetails_ClientState=&ctl00_WindowPr ivacyPolicy_ClientState=&ctl00_WindowTerms_ClientState=&ctl00_WindowTick etInfo_ClientState=&ctl00_rwm_ClientState=&ctl00_ContentPlaceHolder_Wind owEventLocation_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00$compId' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$affCompId=1445&ctl00$ContentPlaceHolder$hfUniqu eId=05272016165839604&ctl00$ContentPlaceHolder$default_header$hfUniqueId =05272016165839604&ctl00$ContentPlaceHolder$btnUpdateNumberOfPeople=Chec k%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGET=&__LASTFOCUS=&__ VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqueId=05272016165839 604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientState =&ctl00_ContentPlaceHolder_RadWindowManager1_ClientState=&ctl00_ContentP laceHolder_WindowEventDates_ClientState=&ctl00_ContentPlaceHolder_Window EventDetails_ClientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl00_W indowTerms_ClientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_Cl ientState=&ctl00$compId=1445../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00$affCompId' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$ContentPlaceHolder$hfUniqueId =05272016165839604&ctl00$ContentPlaceHolder$default_header$hfUniqueId=05 272016165839604&ctl00$ContentPlaceHolder$btnUpdateNumberOfPeople=Check%2 0dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGET=&__LASTFOCUS=&__VIE WSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqueId=05272016165839604& ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientState=&c tl00_ContentPlaceHolder_RadWindowManager1_ClientState=&ctl00_ContentPlac eHolder_WindowEventDates_ClientState=&ctl00_ContentPlaceHolder_WindowEve ntDetails_ClientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl00_Wind owTerms_ClientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_Clien tState=&ctl00$affCompId=1445../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00$ContentPlaceHolder$hfUniqueId' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$default_header$hfUniqueId=05272016165839604&ctl00$ContentPlac eHolder$btnUpdateNumberOfPeople=Check%20dates&companyid=1445&__EVENTARGU MENT=&__EVENTTARGET=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B 0334&ctl00$hfUniqueId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlace Holder_BookingTimeWindow_ClientState=&ctl00_ContentPlaceHolder_RadWindow Manager1_ClientState=&ctl00_ContentPlaceHolder_WindowEventDates_ClientSt ate=&ctl00_ContentPlaceHolder_WindowEventDetails_ClientState=&ctl00_Wind owPrivacyPolicy_ClientState=&ctl00_WindowTerms_ClientState=&ctl00_Window TicketInfo_ClientState=&ctl00_rwm_ClientState=&ctl00$ContentPlaceHolder$ hfUniqueId=05272016165839604../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00$ContentPlaceHolder$default_header$hfUniqueId' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpda teNumberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTA RGET=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUn iqueId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingT imeWindow_ClientState=&ctl00_ContentPlaceHolder_RadWindowManager1_Client State=&ctl00_ContentPlaceHolder_WindowEventDates_ClientState=&ctl00_Cont entPlaceHolder_WindowEventDetails_ClientState=&ctl00_WindowPrivacyPolicy _ClientState=&ctl00_WindowTerms_ClientState=&ctl00_WindowTicketInfo_Clie ntState=&ctl00_rwm_ClientState=&ctl00$ContentPlaceHolder$default_header$ hfUniqueId=05272016165839604../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00$ContentPlaceHolder$btnUpdateNumberOfPeople' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&companyid=1445&__EVENTARGUMENT=&__E VENTTARGET=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl0 0$hfUniqueId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_Bo okingTimeWindow_ClientState=&ctl00_ContentPlaceHolder_RadWindowManager1_ ClientState=&ctl00_ContentPlaceHolder_WindowEventDates_ClientState=&ctl0 0_ContentPlaceHolder_WindowEventDetails_ClientState=&ctl00_WindowPrivacy Policy_ClientState=&ctl00_WindowTerms_ClientState=&ctl00_WindowTicketInf o_ClientState=&ctl00_rwm_ClientState=&ctl00$ContentPlaceHolder$btnUpdate NumberOfPeople=Check%20dates../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'companyid' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&__EVENTARGUMENT=&__EVENTTARGET=&__LASTFOCUS=& __VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqueId=05272016165 839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientSt ate=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientState=&ctl00_Conte ntPlaceHolder_WindowEventDates_ClientState=&ctl00_ContentPlaceHolder_Win dowEventDetails_ClientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl0 0_WindowTerms_ClientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm _ClientState=&companyid=1445../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The '__EVENTARGUMENT' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTTARGET=&__LASTFOCUS=&_ _VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqueId=0527201616583 9604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientStat e=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientState=&ctl00_Content PlaceHolder_WindowEventDates_ClientState=&ctl00_ContentPlaceHolder_Windo wEventDetails_ClientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl00_ WindowTerms_ClientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_C lientState=&__EVENTARGUMENT=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The '__EVENTTARGET' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__LASTFOCUS=& __VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqueId=05272016165 839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientSt ate=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientState=&ctl00_Conte ntPlaceHolder_WindowEventDates_ClientState=&ctl00_ContentPlaceHolder_Win dowEventDetails_ClientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl0 0_WindowTerms_ClientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm _ClientState=&__EVENTTARGET=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The '__LASTFOCUS' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqueId=052720161 65839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTimeWindow_Client State=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientState=&ctl00_Con tentPlaceHolder_WindowEventDates_ClientState=&ctl00_ContentPlaceHolder_W indowEventDetails_ClientState=&ctl00_WindowPrivacyPolicy_ClientState=&ct l00_WindowTerms_ClientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_r wm_ClientState=&__LASTFOCUS=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The '__VIEWSTATEGENERATOR' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&ctl00$hfUniqueId=05272016165839604&ctl00$we bUrl=&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientState=&ctl00_Cont entPlaceHolder_RadWindowManager1_ClientState=&ctl00_ContentPlaceHolder_W indowEventDates_ClientState=&ctl00_ContentPlaceHolder_WindowEventDetails _ClientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl00_WindowTerms_C lientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_ClientState=&_ _VIEWSTATEGENERATOR=CA0B0334../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00$webUrl' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00_ContentPlaceHolder_BookingTimeWindow_ClientS tate=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientState=&ctl00_Cont entPlaceHolder_WindowEventDates_ClientState=&ctl00_ContentPlaceHolder_Wi ndowEventDetails_ClientState=&ctl00_WindowPrivacyPolicy_ClientState=&ctl 00_WindowTerms_ClientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rw m_ClientState=&ctl00$webUrl=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_ContentPlaceHolder_BookingTimeWindow_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_RadWindowMa nager1_ClientState=&ctl00_ContentPlaceHolder_WindowEventDates_ClientStat e=&ctl00_ContentPlaceHolder_WindowEventDetails_ClientState=&ctl00_Window PrivacyPolicy_ClientState=&ctl00_WindowTerms_ClientState=&ctl00_WindowTi cketInfo_ClientState=&ctl00_rwm_ClientState=&ctl00_ContentPlaceHolder_Bo okingTimeWindow_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_ContentPlaceHolder_RadWindowManager1_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTime Window_ClientState=&ctl00_ContentPlaceHolder_WindowEventDates_ClientStat e=&ctl00_ContentPlaceHolder_WindowEventDetails_ClientState=&ctl00_Window PrivacyPolicy_ClientState=&ctl00_WindowTerms_ClientState=&ctl00_WindowTi cketInfo_ClientState=&ctl00_rwm_ClientState=&ctl00_ContentPlaceHolder_Ra dWindowManager1_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_ContentPlaceHolder_WindowEventDates_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTime Window_ClientState=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientSta te=&ctl00_ContentPlaceHolder_WindowEventDetails_ClientState=&ctl00_Windo wPrivacyPolicy_ClientState=&ctl00_WindowTerms_ClientState=&ctl00_WindowT icketInfo_ClientState=&ctl00_rwm_ClientState=&ctl00_ContentPlaceHolder_W indowEventDates_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_ContentPlaceHolder_WindowEventDetails_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTime Window_ClientState=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientSta te=&ctl00_ContentPlaceHolder_WindowEventDates_ClientState=&ctl00_WindowP rivacyPolicy_ClientState=&ctl00_WindowTerms_ClientState=&ctl00_WindowTic ketInfo_ClientState=&ctl00_rwm_ClientState=&ctl00_ContentPlaceHolder_Win dowEventDetails_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_WindowPrivacyPolicy_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTime Window_ClientState=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientSta te=&ctl00_ContentPlaceHolder_WindowEventDates_ClientState=&ctl00_Content PlaceHolder_WindowEventDetails_ClientState=&ctl00_WindowTerms_ClientStat e=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_ClientState=&ctl00_Wind owPrivacyPolicy_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_WindowTerms_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTime Window_ClientState=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientSta te=&ctl00_ContentPlaceHolder_WindowEventDates_ClientState=&ctl00_Content PlaceHolder_WindowEventDetails_ClientState=&ctl00_WindowPrivacyPolicy_Cl ientState=&ctl00_WindowTicketInfo_ClientState=&ctl00_rwm_ClientState=&ct l00_WindowTerms_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_WindowTicketInfo_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTime Window_ClientState=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientSta te=&ctl00_ContentPlaceHolder_WindowEventDates_ClientState=&ctl00_Content PlaceHolder_WindowEventDetails_ClientState=&ctl00_WindowPrivacyPolicy_Cl ientState=&ctl00_WindowTerms_ClientState=&ctl00_rwm_ClientState=&ctl00_W indowTicketInfo_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ + The 'ctl00_rwm_ClientState' parameter of the /default.aspx CGI : /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTime Window_ClientState=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientSta te=&ctl00_ContentPlaceHolder_WindowEventDates_ClientState=&ctl00_Content PlaceHolder_WindowEventDetails_ClientState=&ctl00_WindowPrivacyPolicy_Cl ientState=&ctl00_WindowTerms_ClientState=&ctl00_WindowTicketInfo_ClientS tate=&ctl00_rwm_ClientState=../../../../../../../../../../windows/system 32/config/sam -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ /default.aspx?ctl00_wtmDataPolicy_ClientState=&ctl00_WindowContact_Clien tState=&ctl00_RadWindowManager_ClientState=&ctl00_RadStyleSheetManager_T SSM=&ctl00_RadScriptManager_TSM=&ctl00_ContentPlaceHolder_WindowEventLoc ation_ClientState=&ctl00$compId=1445&ctl00$affCompId=1445&ctl00$ContentP laceHolder$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$default _header$hfUniqueId=05272016165839604&ctl00$ContentPlaceHolder$btnUpdateN umberOfPeople=Check%20dates&companyid=1445&__EVENTARGUMENT=&__EVENTTARGE T=&__LASTFOCUS=&__VIEWSTATE=&__VIEWSTATEGENERATOR=CA0B0334&ctl00$hfUniqu eId=05272016165839604&ctl00$webUrl=&ctl00_ContentPlaceHolder_BookingTime Window_ClientState=&ctl00_ContentPlaceHolder_RadWindowManager1_ClientSta te=&ctl00_ContentPlaceHolder_WindowEventDates_ClientState=&ctl00_Content PlaceHolder_WindowEventDetails_ClientState=&ctl00_WindowPrivacyPolicy_Cl ientState=&ctl00_WindowTerms_ClientState=&ctl00_WindowTicketInfo_ClientS tate=&ctl00_rwm_ClientState=../../../../../../../../../../windows/system 32/config/sam {2} -------- output -------- HTTP/1.1 302 Found -------- vs -------- HTTP/1.1 200 OK ------------------------ 

Back to Top