Full Disclosure mailing list archives
Re: Unusual request
From: Ivan Susanin <ivan () susanin org>
Date: Thu, 13 Feb 2003 11:04:13 +0200
IIS Storm 2.0 by m0sad team no idea where to download Have fun, Ivan Paul Schmehl wrote:
The net is filled with so much junk now, it's getting harder to find what you need. I am looking for an exploit that will give you "root" on an unpatched IIS box by simply typing a string in the address line in your browser. I know I've seen it before, but I can't seem to find it amongst all the vulns for IIS and all the web logs that show up when you google. I need this for a "security roadshow" that we're putting together, so I can demonstrate how easy it is to break in to an unpatched box. Can anybody point me in the right direction? I don't want exploit code. This is just a simple string that you enter into the URL box in a browser. It's at least two or three years old, I know.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Unusual request Paul Schmehl (Feb 12)
- Re: Unusual request Ivan Susanin (Feb 13)
- Re: Unusual request Laurent LEVIER (Feb 13)
- Re: Unusual request Berend-Jan Wever (Feb 13)
- Re: Unusual request Day Jay (Feb 13)
- Re: Unusual request Henrik Lund Kramshøj (Feb 15)
- <Possible follow-ups>
- RE: Unusual request Sung J. Choe (Feb 12)
- Re: Unusual request yossarian (Feb 12)
- Re: Unusual request Nexus (Feb 12)
- Re: Unusual request yossarian (Feb 12)
- Re: Unusual request aeonflux (Feb 12)
- Re: Unusual request yossarian (Feb 12)
- RE: Unusual request Steve Wray (Feb 12)