IIS again.

[dilbert96 () hushmail com]

Hello all,
 
 
I know there are many of these already around but here is a program I wrote 
for the Unicode vulnerability which works for the IIS double-parse vulnerability. 
The program simulates an interactive command prompt and allows switching 
to and from cmd.exe interactively. The ZIP contains two files iisenc.pl 
and exploits.txt which contains the GET strings etc. To add further strings 
the format is:
 
GET /STRING  tab  WhatIsExpectedInReturn tab  Comments
 
Regards,
 
Gary O'leary-Steele
 
P.S Anyone know where I can get a PPTP sniffer for Windows NT?
Free, encrypted, secure Web-based email at www.hushmail.com

Attachment: Iisenc.zip
Description: