Penetration Testing mailing list archives
Re: IIS : access to cmd.exe and multiple commands on one line
From: Emre Yildirim <emre () sgi asper org>
Date: Tue, 23 Oct 2001 17:12:45 -0500
Alex Butcher (pentest) wrote:
It is unclear to me whether this problem happens only because of the way the request is made (http://path/to/cmd.exe?/c+command1&command2), or if there are really different versions of cmd.exe.
This is probably unrelated to this thread but After playing around with code red infected hosts, I found that http://path/to/cmd.exe?/rcommand+argument works too. For example http://path/to/cmd.exe?/rdir+c:\ displays the contents of C:\. Does anyone know what function the "r" plays in the URL? -- Emre Yildirim <emre () asper org> GPG KeyID 0xF9E4A1D1 (keyserver.pgp.com) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- IIS : access to cmd.exe and multiple commands on one line Daniel Polombo (Oct 23)
- Re: IIS : access to cmd.exe and multiple commands on one line hellNbak (Oct 23)
- Re: IIS : access to cmd.exe and multiple commands on one line Rebecca Kastl (Oct 23)
- Re: IIS : access to cmd.exe and multiple commands on one line Alex Butcher (pentest) (Oct 23)
- Re: IIS : access to cmd.exe and multiple commands on one line Emre Yildirim (Oct 23)
- Re: IIS : access to cmd.exe and multiple commands on one line Rainer Duffner (Oct 24)
- Re: IIS : access to cmd.exe and multiple commands on one line Daniel Polombo (Oct 24)
- <Possible follow-ups>
- Re: IIS : access to cmd.exe and multiple commands on one line Garreth Jeremiah/Markham/IBM (Oct 24)
- RE: IIS : access to cmd.exe and multiple commands on one line Sam Steinmeyer (Oct 24)