Penetration Testing mailing list archives
Breaking into an ssl-only IIS box
From: "Ralph Los" <RLos () enteredge com>
Date: Thu, 28 Feb 2002 15:14:39 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey all, Thought I'd throw this out. What tools do you all use to break into a box that has the following config: (1) IIS/4.0 on WinNT 4.0 sp6a (2) FrontPage Extensions (how to determine version?) installed (3) /IISADMIN and /PRINTERS folders visible, but password-protected (4) All of this is ONLY visible through SSL (no big deal)... Thoughts? - ----------------------------------------| Ralph M. Los Sr. Security Consultant and Trainer EnterEdge Technology, L.L.C. rlos () enteredge com (770) 955-9899 x.206 - ----------------------------------------| -----BEGIN PGP SIGNATURE----- Version: PGP 7.1.1 iQA/AwUBPH6PRNfQPveTWZDtEQJ5pQCeMI5fjChZy2+nI7JjIHa2lufKWdEAoPyd qOf+XjptTrg2J23ILMPI6z17 =ifVA -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Breaking into an ssl-only IIS box Ralph Los (Feb 28)