18.53.19
Microsoft VBScript runtime error '800a000d' Type mismatch: 'cint' /UblogReload/index.asp
Well, this attack will never work because Wapiti is trying to include the
file boot.ini which is (as far as I know but I'm not a Windows expert)
always on drive c:

The error message shows that the INETPUB directory is on drive E: so
a simple directory traversal attack won't work (at least for this file).

--cut--
This runtime error, 800A000D occurs when you execute a VBScript. My
suggestion is that there is a VBScript statement that does not understand a
keyword you are using in your script. Alternatively, you may not be running
the script as an ordinary user and not as an Administrator.
--cut--
Source: http://www.computerperformance.co.uk/Logon/code/code_800A000D.htm

If you have access to the system you are testing, search for a file
on drive e: (maybe a txt or asp file which is part of the application) and
modify the wapiti URL.

Or (better) look at the source code of toplinks-archive-courses-spas.asp

Hope that helps...

Martin

-----Original Message-----
From: davemitch (at) mailinator (dot) com [email concealed] [mailto:davemitch (at) mailinator (dot) com [email concealed]]
Sent: Friday, 7 March 2008 05:40
To: webappsec (at) securityfocus (dot) com [email concealed]
Subject: post vulnerability scenario

hi list,
on using wapiti (a vulnerability scanner for web applications) on an
internal website, the output is a list of attack URLs like the one below

hxxp://***.****.***.***/pages/abstract.asp?paperid=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fboot.ini

On pasting the URL in a browser, the error message is like this

________________________________________________________________________
Microsoft VBScript runtime error '800a000d'

Type mismatch: '[string: "¿'"("]'

E:\INETPUB\VHOSTS\****.***.***\HTTPDOCS\WEBROOT\PAGES\../includes/toplinks-archive-courses-spas.asp, line 1
________________________________________________________________________

What needs to be done next to exploit the vulnerability detected by wapiti?
any suggestions or ideas are welcome.

thankx
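
The triage reasoning in the reply above, as an added example that is not part of the original thread and not Wapiti's own code: it checks whether a response to the scanner's boot.ini probe actually contains the file or only a verbose VBScript error, and records the physical path and drive the error leaks. The sample responses, the label names and the `probed_drive` parameter are constructed assumptions.

```python
import re

# Constructed sample modelled on the error page quoted in the post (host masked as there).
ERROR_PAGE = (
    "Microsoft VBScript runtime error '800a000d'\n"
    "Type mismatch: '[string: \"...\"]'\n"
    "E:\\INETPUB\\VHOSTS\\****.***.***\\HTTPDOCS\\WEBROOT\\PAGES\\"
    "../includes/toplinks-archive-courses-spas.asp, line 1\n"
)
# Constructed sample: section headers a real boot.ini would contain.
BOOT_INI_PAGE = "[boot loader]\r\ntimeout=30\r\n[operating systems]\r\n"

VBS_ERROR = re.compile(r"VBScript runtime error '([0-9A-Fa-f]{8})'")
PHYSICAL_PATH = re.compile(r"\b([A-Za-z]):\\[^\r\n,<>\"]+")
BOOT_INI_MARKERS = ("[boot loader]", "[operating systems]")


def triage(body, probed_drive="C"):
    """Classify the response to a scanner's boot.ini traversal probe.

    probed_drive is an assumption: the drive the probed file lives on."""
    findings = {"confirmed": False, "error_code": None,
                "leaked_path": None, "labels": []}
    text = body.lower()
    if all(marker in text for marker in BOOT_INI_MARKERS):
        findings["confirmed"] = True
        findings["labels"].append("traversal-confirmed")
    else:
        findings["labels"].append("traversal-unconfirmed")
    error = VBS_ERROR.search(body)
    if error:
        findings["error_code"] = error.group(1).lower()
        findings["labels"].append("verbose-error")
    path = PHYSICAL_PATH.search(body)
    if path:
        findings["leaked_path"] = path.group(0)
        findings["labels"].append("path-disclosure")
        if path.group(1).upper() != probed_drive.upper():
            # Relative traversal cannot leave the web root's drive.
            findings["labels"].append("drive-mismatch")
    return findings


if __name__ == "__main__":
    for name, page in (("error page", ERROR_PAGE), ("boot.ini", BOOT_INI_PAGE)):
        print(name, triage(page))
```

For the error page from the post this reports an unconfirmed traversal plus a verbose-error and path-disclosure finding, which is the part worth putting in the report and fixing by not sending detailed script errors to clients.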

Views: 9464 | Added by: Siegh_Wahrhreit | Tags: cracking, Microsoft VBScript runtime error '8, VBScript | Rating: 5.0/1