Penetration Testing mailing list archives
Re: pen testing iis
From: suntzu <oonix () unixfoo org>
Date: Fri, 22 Jun 2001 21:59:32 -0500 (CDT)
If you have control of cmd.exe in the web root directory ( via unicode ) you can usually make nt tftp a file to the server of where you nc.exe my live... just a suggestion... -suntzu On Mon, 18 Jun 2001, ExpLiciT wrote:
Greetings.
I am pen-testing IIS 5 [no hotfixes] running in WinNT 4.0 with no fixes. At
this point I want to upload a file to the box [nc.exe] and then I will
definately have the box. How can I go about doing this?
Thanks
--ExpLiciT
'Firewalls are speed bumps not brick walls'
Current thread:
- pen testing iis 5 ExpLiciT (Jun 21)
- Re: pen testing iis suntzu (Jun 24)
- Re: pen testing iis Enrique A. Sanchez Montellano (Jun 27)
- Re: pen testing iis Javier Fernandez-Sanguino Peña (Jun 28)
- Re: pen testing iis Enrique A. Sanchez Montellano (Jun 27)
- Re: pen testing iis 5 Javier Fernandez-Sanguino Peña (Jun 27)
- <Possible follow-ups>
- Re: pen testing iis 5 Stephen Friedl (Jun 22)
- Re: pen testing iis 5 Reverend Lola (Jun 22)
- RE: pen testing iis 5 dilbert96 (Jun 24)
- RE: pen testing iis 5 st0ff st0ff (Jun 25)
- Pen Testing a Oracle database. How to pull data? Osvaldo J . Filho (Jun 26)
- RE: Pen Testing a Oracle database. How to pull data? Aaron C. Newman (Jun 26)
- RE: Pen Testing a Oracle database. How to pull data? George Milliken (Jun 26)
- Pen Testing a Oracle database. How to pull data? Osvaldo J . Filho (Jun 26)
- Re: pen testing iis suntzu (Jun 24)