Penetration Testing mailing list archives
/_vti_bin/_vti_aut/admin question
From: "Gary O'leary-Steele" <GaryO () sec-1 com>
Date: Tue, 18 Sep 2001 10:54:16 +0100
Hi, I am performing an audit against a web server with iis 5.0 with front page installed. I can get read access to /_vti_bin/_vti_aut/admin.dll & admin.exe. I have tried to publish pages using FrontPage with no success. Can anyone advise of ways to utilise these executables to gain access? Kind Regards Gary O'leary-Steele Technical Consultant Email: GaryO () sec-1 com Web Site: www.sec-1.com ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- ---------------- The contents of this Email may be privileged and are confidential. It may not be disclosed to or used by anyone other than the addressee(s), nor copied in any way. If received in error, please advise the sender, then delete from your system. The opinions expressed within this email represent those of the individual and not necessarily those of Sec-1 ltd. Should you wish to use Email as a mode of communication, Sec-1 ltd are unable to guarantee the security of Email content outside of our own computer systems. ---------------------------------------------------------------------------- ------------------------------------ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- /_vti_bin/_vti_aut/admin question Gary O'leary-Steele (Sep 18)