Penetration Testing mailing list archives

Re: IIS HTR Exploit ?

From: <r00t () online ie>
Date: Wed, 19 Jun 2002 09:45:13 +0100

Sorry bout this second message:

Some PPL want specific bid numbers:

Well here it is: 4855

Like I said the only thing close to a working exploit (that I am aware of) is 
the eeye sample code. 

However all this code does is, proves a host is vulnerable. There are one or 
two others as well, but they dont got shellcode = t aint gonna work.

Please Please help ....

Calling all b-hats, please pass me your BID:4855 IIS5.0 W2k exploits.

Thank you kindly

Mark 


Quoting Erik Birkholz <erik () foundstone com>:

There are HTR expolits.  Eeye has been droppin them  since blackhat 1999; at
the venetion (alarms and all)

Ahhh the good ole days

If you mean the new sploit, please specify the BID so we know what you are
talking about

=-)


Erik Pace Birkholz, CISSP
Principal Consultant - FOUNDSTONE
323 252 5916





----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

IIS HTR Exploit ? r00t (Jun 18)
- <Possible follow-ups>
- Re: IIS HTR Exploit ? r00t (Jun 19)
  - Re: IIS HTR Exploit ? Vitaly Osipov (Jun 20)