Penetration Testing mailing list archives
[PEN-TEST] Unicode Command Execution
From: Parth Galen <parth_galen () lycos com>
Date: Tue, 14 Nov 2000 11:06:48 -0500
The one problem I am having with this exploit is envoking cmd.exe when the IIS web root is on a different drive. If IIS is installed on D:, how do you launch cmd.exe (anything) when it is on C: ? I have been playing the msadc's approach, but not getting it to work... Any ideas? Get FREE Email/Voicemail with 15MB at Lycos Communications at http://comm.lycos.com
Current thread:
- [PEN-TEST] Unicode Command Execution Parth Galen (Nov 15)
- Re: [PEN-TEST] Unicode Command Execution Roberto Poblete (Nov 16)