Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Breaking into an ssl-only IIS box

From: "Ralph Los" <RLos () enteredge com>
Date: Thu, 28 Feb 2002 15:14:39 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey all,
        Thought I'd throw this out.  What tools do you all use to break into
a box that has the following config:

        (1) IIS/4.0 on WinNT 4.0 sp6a
        (2) FrontPage Extensions (how to determine version?) installed
        (3) /IISADMIN and /PRINTERS folders visible, but password-protected
        (4) All of this is ONLY visible through SSL (no big deal)...


Thoughts?

- ----------------------------------------|
Ralph M. Los
Sr. Security Consultant and Trainer
          EnterEdge Technology, L.L.C.
          rlos () enteredge com
          (770) 955-9899 x.206
- ----------------------------------------| 

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1.1

iQA/AwUBPH6PRNfQPveTWZDtEQJ5pQCeMI5fjChZy2+nI7JjIHa2lufKWdEAoPyd
qOf+XjptTrg2J23ILMPI6z17
=ifVA
-----END PGP SIGNATURE-----


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: