Vulnerability Development mailing list archives
Re: Question Regarding new IIS escaped char exp.
From: H D Moore <hdm () secureaustin com>
Date: Mon, 21 May 2001 05:11:31 -0500
On Thursday 17 May 2001 01:03 pm, w1re p4ir wrote:
Ello all, If an IIS machine is patched against the Unicode Attack that was released many months ago... Does this exploit work? I haven't really been able to test it on a machine that ISN'T nt4.0 sp6/a. Anyone have any ideas? -wire
Yes it would work. The new one also affects IIS 3.0, which was previously unexploitable (?) after the sample files had been removed. I updated the unicoder.pl tool to use the new decode sequences and added an interactive mode per request (command shell). A few new directories were added, which should make exploiting IIS 5.0 and OWA machines easier. You can grab the latest copy from: http://www.digitaloffense.net/csw/unicoder.pl -HD
Current thread:
- Question Regarding new IIS escaped char exp. w1re p4ir (May 21)
- Re: Question Regarding new IIS escaped char exp. H D Moore (May 21)
- Re: Question Regarding new IIS escaped char exp. Ralph Moonen (May 21)
- Re: Question Regarding new IIS escaped char exp. H D Moore (May 21)