carnal0wnage [Shared Reader]

Tuesday, May 29, 2012

From LOW to PWNED [12] Trace.axd

Post [12] Trace.axd


"Trace.axd is an Http Handler for .Net that can be used to view the trace details for an application. This file resides in the application’s root directory. A request to this file through a browser displays the trace log of the last n requests in time-order, where n is an integer determined by the value set by requestLimit="[n]" in the application’s configuration file."
http://www.ucertify.com/article/what-is-traceaxd.html

It is a separate file to store tracing messages. If you have pageOutput set to true, your webpage will acquire a large table at the bottom. That will list lots of information—the trace information. trace.axd allows you to see traces on a separate page, which is always named trace.axd.
http://www.dotnetperls.com/trace
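
A defender-side check for the settings quoted above, added here as an example and not part of the original post: it audits web.config content for a `<trace>` element that leaves trace.axd readable remotely. The function name `audit_trace` and both sample configs are constructed for illustration; the fallback values are the ASP.NET defaults for omitted attributes.

```python
import xml.etree.ElementTree as ET

# ASP.NET defaults for <system.web><trace> when an attribute is omitted.
DEFAULTS = {"enabled": "false", "localOnly": "true",
            "pageOutput": "false", "requestLimit": "10"}


def _local(tag):
    """Strip an XML namespace; some web.config files declare xmlns on <configuration>."""
    return tag.rsplit("}", 1)[-1]


def audit_trace(config_xml):
    """Return (severity, message) findings for each enabled <trace> element."""
    findings = []
    root = ET.fromstring(config_xml)
    # Walking the whole tree also covers <system.web> nested in <location> blocks.
    for node in root.iter():
        if _local(node.tag) != "system.web":
            continue
        for trace in (c for c in node if _local(c.tag) == "trace"):
            cfg = {k: trace.get(k, d).strip().lower() for k, d in DEFAULTS.items()}
            if cfg["enabled"] != "true":
                continue  # tracing off: trace.axd returns nothing useful
            n = cfg["requestLimit"]
            if cfg["localOnly"] == "false":
                findings.append(("HIGH", f"trace.axd readable remotely; last {n} requests exposed"))
                if cfg["pageOutput"] == "true":
                    findings.append(("HIGH", "pageOutput=true appends trace table to every page"))
            else:
                findings.append(("LOW", "tracing enabled but restricted to localhost"))
    return findings


# Constructed sample configs (not taken from any real site).
WEAK = """<configuration><system.web>
  <trace enabled="true" localOnly="false" pageOutput="true" requestLimit="40"/>
</system.web></configuration>"""

HARDENED = """<configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0">
  <system.web><trace enabled="false" localOnly="true"/></system.web>
</configuration>"""

if __name__ == "__main__":
    for name, xml in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_trace(xml) or "no findings")
```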

LOW? Actually a Medium.




What can I do with it?

  • Read ALL variables and data from HTTP requests
  • POST requests rock!

Discovery?

  • Metasploit
  • Vuln Scanners

Metasploit

Example

Main trace.axd page

Viewing a request

Post request with creds

-CG


1 comment:

Aditya said...

It's always interesting to find information from trace files. Also, the misconfiguration in web servers allows the tester to access content over https when it is not allowed over http. Just wrote something about it by taking an example of the trace.axd file.

http://zeroknock.blogspot.com/2012/05/traversing-traceaxd-and-miconfiguration.html