Metasploit mailing list archives
MS03-051
From: Glinares at PCOnsite.com (Greg Linares)
Date: Wed, 6 Sep 2006 10:52:24 -0700
Oh, I just misread his request, I thought he asked for a non-metasploit version of the exploit Oh well, yeah that iis_fp30reg_chunked exploit has its limitations, I think it just runs code in the context of IUSR_BROWSER, although there is a plethora of pipe-hijacking\privlidge escalation code that could be ran in conjuction with it. -----Original Message----- From: H D Moore [mailto:hdm at metasploit.com] Sent: Wednesday, September 06, 2006 10:42 AM To: framework at metasploit.com Subject: Re: [framework] MS03-051 The exploit has been part of the Framework for a couple years. You can find it listed as iis_fp30reg_chunked.pm. Let me know if run into any trouble exploiting it. Funny that nobody actually looked :-) http://metasploit.com/projects/Framework/exploits.html#iis_fp30reg_chunk ed -HD On Wednesday 06 September 2006 07:31, jack ciabatta wrote:
I know, isn't a recent bug, but anyone have a no-ufficial metasploit module? It could be very useful. (http://www.securiteam.com/exploits/6A00J1P8UQ.html)
Current thread:
- MS03-051 jack ciabatta (Sep 06)