Bugtraq mailing list archives
Unicode exploit - version 2
From: Roelof Temmingh <roelof () SENSEPOST COM>
Date: Thu, 26 Oct 2000 12:12:14 +0200
All, http://www.securityfocus.com/vdb/bottom.html?section=exploit&vid=1806 applies: After the discussion on Bugtraq et al on the IIS Unicode flaw, this PERL script will check the existance of an 'alternative' cmd.exe, and pass all commands to the alternative shell, or creates it if it does not exists - making redirection of commands possible. Credit to all that contributed. Greetings, Roelof. ------------------------------------------------------ Roelof W Temmingh SensePost IT security roelof () sensepost com +27 83 448 6996 http://www.sensepost.com
Attachment:
unicodexecute2.pl
Description:
Current thread:
- Unicode exploit - version 2 Roelof Temmingh (Oct 27)