Penetration Testing mailing list archives
Re: Sam File via IIS flaw
From: "Jerome Athias" <jerome.athias () free fr>
Date: Thu, 30 Jun 2005 12:46:42 +0200
try SAMinside : http://www.insidepro.com/ Regards, JA----- Original Message ----- From: <nordicsmak () yahoo com>
To: <pen-test () securityfocus com> Sent: Tuesday, June 28, 2005 9:02 PM Subject: Sam File via IIS flawDuring a recent penetration test I've discovered a flaw in the IIS server that allows me to browse to and view any file on the system.
I'm able to browse to the /winnt/repair/sam file, but it obviously is unusable in the format that's presented in the browser.
Any way to get this file in a format that can be used in L0pht? Thanks, Chris
Current thread:
- Sam File via IIS flaw nordicsmak (Jun 30)
- Re: Sam File via IIS flaw Jerome Athias (Jun 30)
- RE: Sam File via IIS flaw Prashant Meswani (Jun 30)
- Re: Sam File via IIS flaw Peter Wood (Jun 30)
- Re: Sam File via IIS flaw Alex Gottschalk (Jun 30)
- Re: Sam File via IIS flaw David Cravshaw (Jun 30)
- Re: Sam File via IIS flaw chillman (Jun 30)
- <Possible follow-ups>
- Re: Sam File via IIS flaw skill2die4 (Jun 30)