Re: cmdasp.asp & unicode

["CT" <ct () arnet com ar>]

:) You are a spanish guy... I wrote some for this bug ( unicode/decode/code
red II ) in spanish, how to exploit them and fix it:
www.heinekenteam.com/cursos/iis
Best regards

CyRaNo
Carpe Noctem

----- Original Message -----
From: "César González" <cesar () eureka-sistemas com>
To: "Penetration Testers" <PEN-TEST () SECURITYFOCUS COM>
Sent: Thursday, August 16, 2001 8:28 AM
Subject: cmdasp.asp & unicode


> Hello all,
>
> First of all, Thankx H.D. Moore for the reply to my last post
("Imformation
> about mkilog.exe") and sorry about my poor english ;).
> I am finishing a pen-test to a company and my customer said to me to try
to
> grab te data of the database.  The machine who runs the databas soft, runs
> IIS too, and it ts vulnerable to an UNICODE exploit. I have uploaded the
> cmdasp.asp script but it seems to fail in some operations like deleting
> files.  For example : I upload cmdasp.asp to c:\inetpub\scripts\ with the
> tftp trick but when i try to delete the file itself i got permision
denied.
> The user under the script runs is  IUSR_SIVAC. (sivac is the database and
the
> name of the computer in the windows network)
> My questions are : ¿Why cant i delete the files i have uploaded to
> c:\inetpub\scripts? The user SIVAC should be allowed... if i can write in
the
> directory i should be allowed to delete too, isnt it?. ¿Could I force to
> change the user under the cmd.asp.asp runs?
>
> Thanks in advance.
>
> César González Revilla
> Eureka Sistemas S.L.
> C/ San Fernando 16 bajo
> 39010 Santander


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/