Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [PEN-TEST] CmdAsp.asp

From: "O'Kelly, Aidan" <okelly () XNET IE>
Date: Thu, 1 Feb 2001 09:25:16 -0000
It is an exploit, it gets you Administrator privs. There was an exploit
released that uploaded the asp using the unicode bug and bound a command
shell to a port, http://www.eeye.com/html/advisories/IISHack1.5.zip
Previous By Date Next
Previous By Thread Next

Current thread: