Penetration Testing mailing list archives
Re: [PEN-TEST] CmdAsp.asp
From: "O'Kelly, Aidan" <okelly () XNET IE>
Date: Thu, 1 Feb 2001 09:25:16 -0000
It is an exploit, it gets you Administrator privs. There was an exploit released that uploaded the asp using the unicode bug and bound a command shell to a port, http://www.eeye.com/html/advisories/IISHack1.5.zip
Current thread:
- Re: [PEN-TEST] CmdAsp.asp O'Kelly, Aidan (Feb 01)