1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

I've run into an area where i shouldn't have access..

Discussion in 'Plesk for Linux - 8.x and Older' started by admin123, Jun 4, 2005.

  1. admin123

    admin123 Guest

    0
     
    http://www.********.com/admin/

    I typed the above in by accident and was able to get into the above directory which doesn't even exist and this is what it lists:

    [DIR] Parent Directory -
    [TXT] admin.css 29-Jul-2004 05:13 2.0K
    [ ] banner.jsp 29-Jul-2004 05:13 2.1K
    [ ] blank.jsp 29-Jul-2004 05:13 526
    [ ] buttons.jsp 29-Jul-2004 05:13 441
    [DIR] connector/ 30-May-2005 08:10 -
    [DIR] context/ 30-May-2005 08:10 -
    [DIR] defaultcontext/ 30-May-2005 08:10 -
    [ ] dumpRegistry.jsp 29-Jul-2004 05:13 1.0K
    [ ] dumpServer.jsp 29-Jul-2004 05:13 796
    [ ] error.jsp 29-Jul-2004 05:13 716
    [TXT] footer.jsp 19-Mar-2004 06:49 0
    [ ] header.jsp 29-Jul-2004 05:13 309
    [DIR] host/ 30-May-2005 08:10 -
    [DIR] images/ 30-May-2005 08:10 -
    [ ] index.jsp 29-Jul-2004 05:13 1.0K
    [DIR] logger/ 30-May-2005 08:10 -
    [ ] login.jsp 29-Jul-2004 05:13 2.6K
    [DIR] realm/ 30-May-2005 08:10 -
    [DIR] resources/ 30-May-2005 08:10 -
    [ ] saved.jsp 29-Jul-2004 05:13 968
    [DIR] server/ 30-May-2005 08:10 -
    [DIR] service/ 30-May-2005 08:10 -
    [TXT] tree-control-test.css 29-Jul-2004 05:13 325
    [ ] tree-control-test.jsp 29-Jul-2004 05:13 824
    [DIR] users/ 30-May-2005 08:10 -
    [DIR] valve/


    ...And when I click on "Parent Directory" link, it takes me here:

    This is the placeholder for domain *******.com. If you see this page after uploading site content you probably have not replaced the index.html file.

    This page has been automatically generated by Plesk.

    ....Anybody got a clue where this directory came from, where it is and why i can have direct access to it like this.

    thanks
     
  2. jamesyeeoc

    jamesyeeoc Guest

    0
     
    Looks like the Tomcat admin stuff. Do a locate command

    locate tree-control-test.jsp

    and on a default Plesk 7.5.3 you should only have a single occurence of the file in

    /var/tomcat4/server/webapps/admin/ folder

    But normally on a default Plesk server that shouldn't happen. Did you maybe do a separate tomcat (or JSP) related install?? Maybe Jakarta?

    Plesk does install Tomcat 4 / Jakarta for use in the control panel, but other than linking it to port 8443, the only other way to bring up the admin page/folder would be to browse:

    http://domain.tld:8080
    http://domain.tld:8080/admin

    AFAIK anyways...
     
Loading...