Penetration Testing mailing list archives
Re: MDAC/ IIS / Shell Code Goodies
From: olle <olle () nxs se>
Date: Mon, 29 Jul 2002 10:34:51 +0200
On Sun, Jul 28, 2002 at 06:06:53PM +0800, McKenzie Family wrote:
(This seems to be an oldy but goody not affected by MS patches) Senario: (1) Win NT / IIS 4 (2) http://server/msadc/samples/adctest.asp found from whisker. Connection: DSN=AdvWorks Query: Select * from Products where ProductType='|shell("<<<INSERT>>>")|'From other peoples experience whats a good shell code to pipe into the fieldto test if its vulnerable.. Ive tried a few of the echo, rdisk, and copy of repair\sam._ to intedpub\wwwroot and then tried dloadin git from the web, but so far no response .... I take it that means that the version of MDAC has been upgraded and therefor not vulnerable even though the sample page still exist?
Adctest is just a clientside frontend for basic RDS functionality. What you are describing is exactly what the good old msadc.pl does. Read up on RDS, I recommend going to http://www.wiretrip.net/rfp/ /olle ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Pen-Testing contracts Johan Denoyer (Jul 17)
- RE: Pen-Testing contracts Password Crackers, Inc. (Jul 17)
- MDAC/ IIS / Shell Code Goodies McKenzie Family (Jul 28)
- Re: MDAC/ IIS / Shell Code Goodies olle (Jul 29)
- MDAC/ IIS / Shell Code Goodies McKenzie Family (Jul 28)
- Re: Pen-Testing contracts Bojan Zdrnja (Jul 18)
- RE: Pen-Testing contracts Password Crackers, Inc. (Jul 17)