RE: Pen Test help

["Juda Barnes" <judab () pent900 com>]

I allready used that I am unable to get win32_reverse or win32_bind

With the two exploits nsiislog_post   and webdav_ntdll

Any other ideas ? 

-----Original Message-----
From: er t [mailto:er587 () hotmail com] 
Sent: Friday, July 15, 2005 5:48 PM
To: securityfocus () mymail pent900 com; pen-test () securityfocus com
Subject: RE: Pen Test help

Try Metasploit

NSIISLOG.DLL  -
http://www.metasploit.com/projects/Framework/exploits.html#iis_nsiislog_post
WebDav Remote exploit  MS03-007 -
http://www.metasploit.com/projects/Framework/exploits.html#iis50_webdav_ntdl
l

-----Original Message-----
From: Juda Barnes [mailto:securityfocus () mymail pent900 com]
Sent: Thursday, July 14, 2005 2:57 PM
To: pen-test () securityfocus com
Subject: Pen Test help


Hi all

     i am doing Audit and pen test on machine till now i have figure out
that it is running
    on Microsoft Windows 2000 SP3 or maybe SP4  Default installation

    With WebDAV and FrontPage Installed



    FPSE 4.0.2.5526, Microsoft-IIS/5.0

    i used nessus and find the following vulnerbilities

   -----> Plugin ID 11412  - WebDav Remote exploit  MS03-007
   -----> Plugin ID 11664  - NSIISLOG.DLL
    Plugin ID 10661  - IIS5 .printer ISAP IPP
    Plugin ID 10695  - .IDA ISAPI  (MS01-033)


    also i have verifyed that the server have nsiislog by
http://server/scripts/nsiislog.dll
    i have tried to use the nsiislog exploit with no sucsseful ,

    i will appriciate any good links where can i read regarding the NSIISLOG
exploit or other exploits
    that i can find for that machine ( i wrote the vulnerabilities up there)


.er.587

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now! 
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/