10 lines
No EOL
432 B
Text
10 lines
No EOL
432 B
Text
source: http://www.securityfocus.com/bid/299/info
|
|
|
|
The full physical path name for the IIS web server root directory may be obtained by attempting to view a non-existent .IDC file. The web server will return an error message that lists the absolute pathname of the "missing" .IDC file.
|
|
|
|
"http://www.someURL.com/hackme.idc"
|
|
|
|
will return:
|
|
|
|
Error Performing Query
|
|
Error processing file 'c:\inetpub\scripts\samples\hackme.idc' |