Re: [PEN-TEST] admin rights on an IIS 5.0 with unicode bug?

[H D Moore <hdm () SECUREAUSTIN COM>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The point he was making was that IIS 5.0 is immune to that, and he was
wondering about other methods of elevating his access.

- -HD

On Sunday 25 March 2001 12:55 pm, Wertheimer, Ishai wrote:
> You can upload to the server this nice asp file by Maceo, and then easily
> type net localgroup administrators iusr_servername /add, and you are admin
> (I suppose that if the security configuration isn't too tight, you'll
> manage to do that).
>
> Cheers,
>
>
> Ishai Wertheimer
>
>
> -----Original Message-----
> From: Renato Ettisberger [mailto:renato.ettisberger () CH PWCGLOBAL COM]
> Sent: Sunday, March 25, 2001 5:38 PM
> To: PEN-TEST () SECURITYFOCUS COM
> Subject: [PEN-TEST] admin rights on an IIS 5.0 with unicode bug?
>
>
> Hi,
>
> I'm doing a pen test and I found a IIS 5.0 (Win2k) with the Unicode bug.
>
> As you know, there is a way to span a shell with admin rights on a IIS 4.0
> with the Unicode bug.
> I ask me, if there is a way to gain admin rights on an IIS 5.0, Win2k with
> the Unicode bug too?

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQA/AwUBOr55lzwRvqMPEDLhEQK8KwCfbrnBMlB2sEpSoAqw59ApJmHkEnMAn3qv
lmlKpdXarBMpJuDpKadVF4A/
=H5Xg
-----END PGP SIGNATURE-----