On Fri, Jan 23, 2004 at 03:46:08PM -0700, Brecrost Jones wrote: > I'm sorry if this is not the right place for this question, but I'm curious > (and a little concerned) about how the office_files.nasl plugin works. If > I have directory listings turned off on my webserver, how is this plugin > able to find arbitrarily named .doc, .xls, .pdf, etc. files? > > I know security by obscurity is a bad idea, but I'm curious how this plugin > can find my lksjlksjdflksjlk.pdf file?
What kind of web server are you running, and where is the file stored ? (ie: under which directory). Nessus's web crawler includes some commands to force a directory listing, and that sometimes work. _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
