Penetration Testing mailing list archives

Demo of WebDAV exploit with Trojan installation


From: "Brian Serra" <brianserra () earthlink net>
Date: Wed, 23 Apr 2003 22:04:18 -0500

All,
I have a demonstration seminar coming up shortly and have run into some
problems with getting a Trojan (backdoor, RAT) to run after I exploit WebDAV
on a W2k IIS 5.0 SP3 system. The WebDAV exploit works fine and I get a
remote command prompt. I then tftp the Trojan up to the IIS system and
execute it. It seems I may not have sufficient permission to run the Trojan
and have it open a listening port. The Trojan will execute and show in the
task manager, but the port will not open. If I execute the Trojan locally it
opens the port fine. This works the same with y3k and beast Trojans.

Any ideas? Do I need to escalate privilege first? If so, any recommendations
on what to use?

Thanks!!

Brian Serra - CISSP
Senior Technical Security Consultant
Vulnerability Assessment and Penetration Testing
847-763-2304 Direct
630-926-4055 Mobile
bserra () forsythesolutions com

Forsythe Solutions
7440 North Long Avenue, Skokie, IL 60077

Building cost-effective IT infrastructure that organizations trust.


