Martin, On Wed, Jan 19, 2011 at 2:04 PM, Martin Tartarelli <martin.tartare...@gmail.com> wrote: > Note that.. > > <prod_domain> is variable > (is used by referencing the environment) > > <domain>, <prod_domain>, <desa_domain>, others
Just to be 100% sure of what I'm going to put in the code, if for example the domain is www.google.com we should try to find the following: /wldomains/prod_domain/config/jdbc/www.google.com.xml /wldomains/prod_domain/config/jdbc/google.com.xml /wldomains/prod_domain/config/jdbc/google.xml /wldomains/prod_domain/config/jdbc/prod_www.google.com.xml /wldomains/prod_domain/config/jdbc/prod_google.com.xml /wldomains/prod_domain/config/jdbc/prod_google.xml /wldomains/prod_domain/config/jdbc/dev_www.google.com.xml /wldomains/prod_domain/config/jdbc/dev_google.com.xml /wldomains/prod_domain/config/jdbc/dev_google.xml /wldomains/prod_domain/config/jdbc/test_www.google.com.xml /wldomains/prod_domain/config/jdbc/test_google.com.xml /wldomains/prod_domain/config/jdbc/test_google.xml Please note that I translated "desa" to "dev" but I'm not sure if that's fine. > Cheers > > 2011/1/19 Martin Tartarelli <martin.tartare...@gmail.com>: >> Add other useful files... >> >> #Oracle BEA Weblogic >> /wldomains/prod_domain/config/jdbc/<jdbcname>.xml >> >> Each file (jdbc) contains: >> - IP Addres Database >> - Port Database >> - Database Name >> - User >> - Password (Plain Text or 3DES) >> >> Cheers >> >> 2010/12/18 Andres Riancho <andres.rian...@gmail.com>: >>> Martin, >>> >>> Ahh! And I forgot to say thanks! :) >>> >>> All contributions like these are welcome, we need all the >>> information we can get to increase our payload's coverage! >>> >>> Regards, >>> >>> On Fri, Dec 17, 2010 at 12:54 PM, Martin Tartarelli >>> <martin.tartare...@gmail.com> wrote: >>>> Reading on another list about using w3af payload would like to share >>>> some files I have in mind and perhaps can be used. >>>> >>>> #/payloads/svn_config_files.py >>>> >>>> /etc/apache2/dav_svn.passwd >>>> /etc/apache2/dav_svn.password >>>> /etc/apache2/httpd.conf >>>> /etc/apache2/svn.conf (is a common link to >>>> /etc/apache2/conf.d/subversion.conf) >>>> >>>> >>>> #Tomcat >>>> >>>> /opt/tomcat/conf/logging.properties >>>> /opt/tomcat/conf/server.xml >>>> /opt/tomcat/conf/tomcat-users.xml (user,pass and roles) >>>> >>>> >>>> #Oracle BEA Weblogic >>>> >>>> /wldomains/nodemanager/nodemanager.domains >>>> /wldomains/nodemanager/wluserkeyfile.secure >>>> /wldomains/nodemanager/wluserconfigfile.secure >>>> /wldomains/nodemanager/nodemanager.properties >>>> >>>> >>>> Cheers >>>> >>>> -- >>>> Martin Tartarelli >>>> Linux User #476492 >>>> http://owasp.org/index.php/Argentina >>>> -- >>>> >>>> ------------------------------------------------------------------------------ >>>> Lotusphere 2011 >>>> Register now for Lotusphere 2011 and learn how >>>> to connect the dots, take your collaborative environment >>>> to the next level, and enter the era of Social Business. >>>> http://p.sf.net/sfu/lotusphere-d2d >>>> _______________________________________________ >>>> W3af-develop mailing list >>>> W3af-develop@lists.sourceforge.net >>>> https://lists.sourceforge.net/lists/listinfo/w3af-develop >>>> >>> >>> >>> >>> -- >>> Andrés Riancho >>> Director of Web Security at Rapid7 LLC >>> Founder at Bonsai Information Security >>> Project Leader at w3af >>> >> >> >> >> -- >> Martin Tartarelli >> Linux User #476492 >> http://owasp.org/index.php/Argentina >> -- >> > > > > -- > Martin Tartarelli > Linux User #476492 > http://owasp.org/index.php/Argentina > -- > -- Andrés Riancho Director of Web Security at Rapid7 LLC Founder at Bonsai Information Security Project Leader at w3af ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ W3af-develop mailing list W3af-develop@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/w3af-develop
