Full Disclosure mailing list archives
Unusual request
From: Paul Schmehl <pauls () utdallas edu>
Date: 12 Feb 2003 17:26:26 -0600
The net is filled with so much junk now, it's getting harder to find what you need. I am looking for an exploit that will give you "root" on an unpatched IIS box by simply typing a string in the address line in your browser. I know I've seen it before, but I can't seem to find it amongst all the vulns for IIS and all the web logs that show up when you google. I need this for a "security roadshow" that we're putting together, so I can demonstrate how easy it is to break in to an unpatched box. Can anybody point me in the right direction? I don't want exploit code. This is just a simple string that you enter into the URL box in a browser. It's at least two or three years old, I know. -- Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/~pauls/ AVIEN Founding Member _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Unusual request Paul Schmehl (Feb 12)
- Re: Unusual request Ivan Susanin (Feb 13)
- Re: Unusual request Laurent LEVIER (Feb 13)
- Re: Unusual request Berend-Jan Wever (Feb 13)
- Re: Unusual request Day Jay (Feb 13)
- Re: Unusual request Henrik Lund Kramshøj (Feb 15)
- <Possible follow-ups>
- RE: Unusual request Sung J. Choe (Feb 12)
- Re: Unusual request yossarian (Feb 12)
- Re: Unusual request Nexus (Feb 12)
- Re: Unusual request yossarian (Feb 12)
- Re: Unusual request aeonflux (Feb 12)
- Re: Unusual request yossarian (Feb 12)