Penetration Testing mailing list archives
Re: Pen on IIS with webroot not on C
From: Nicolas Gregoire <ngregoire () exaprobe com>
Date: 12 Mar 2003 23:47:15 +0100
On Wed, 2003-03-12 at 10:54, A. Caruso wrote:
> Most of the tools depend on the default install of IIS with webroot on c:. I've moved webroot to d: on my toybox and haven't been able to jump back to c: to get a shell (cmd). Does anyone know of a mechanism to "jump" file systems?
From unicoder.pl:

my @cdirs = qw (/scripts/ /msadc/ /iisadmpwd/ /_vti_bin/ /exchange/ /cgi-bin/ /pbserver/ /);

So, we're here looking for some common directories, often located on the C: and with the "exec" flag. And you need to find a directory located on a filesystem with interesting binaries, like cmd.exe

You can't swap from disk to disk, because you're exploiting a "directory transversal sploit", and there's no root directory (aka /) in the Windows world.

Regards,
--
Nicolas Gregoire ----- Information Systems Security Consultant
ngregoire () exaprobe com ------[ ExaProbe ]------ http://www.exaprobe.com/
PGP KeyID:CA61B44F FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
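The point made in the reply above, turned into a configuration audit (an added example, not part of the original message or of unicoder.pl): it flags virtual directories that have execute permission and sit on the same volume as the system binaries. The inventory, the audit() and volume() helpers, and the C:\WINNT\system32 system path are assumptions made for illustration.

```python
import ntpath

# Constructed sample inventory (not from the original post):
# virtual directory -> (physical path, execute permission enabled).
SAMPLE_VDIRS = {
    "/": ("D:\\Inetpub\\wwwroot", False),
    "/scripts/": ("C:\\Inetpub\\scripts", True),
    "/msadc/": ("c:/program files/common files/system/msadc", True),
    "/cgi-bin/": ("D:\\Inetpub\\cgi-bin", True),
    "/_vti_bin/": ("E:\\fp\\isapi", False),
}

def volume(path):
    """Return the drive (or UNC share) a Windows path lives on, upper-cased."""
    drive, _ = ntpath.splitdrive(ntpath.normpath(path))
    return drive.upper()

def audit(vdirs, system_dir="C:\\WINNT\\system32"):
    """Classify each virtual directory by its exposure to the system volume.

    exposed  : executable and on the same volume as system_dir
    confined : executable, but on another volume; a traversal stays on that
               volume, so what matters is which binaries are stored there
    no-exec  : execute permission is off
    system_dir is an assumed default; pass the real path for the host audited.
    """
    sys_vol = volume(system_dir)
    report = {}
    for vdir, (phys, can_exec) in vdirs.items():
        if not can_exec:
            report[vdir] = "no-exec"
        elif volume(phys) == sys_vol:
            report[vdir] = "exposed"
        else:
            report[vdir] = "confined"
    return report

if __name__ == "__main__":
    for vdir, status in sorted(audit(SAMPLE_VDIRS).items()):
        print(f"{status:9} {vdir:12} {SAMPLE_VDIRS[vdir][0]}")
```

Directories reported as exposed are the ones to move off the system volume or strip of execute permission; confined ones still need a check of what is stored on their own volume.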