Penetration Testing mailing list archives
RE: Pen Test help
From: "er t" <er587 () hotmail com>
Date: Fri, 15 Jul 2005 15:48:02 +0000
Try MetasploitNSIISLOG.DLL - http://www.metasploit.com/projects/Framework/exploits.html#iis_nsiislog_post WebDav Remote exploit MS03-007 - http://www.metasploit.com/projects/Framework/exploits.html#iis50_webdav_ntdll
-----Original Message----- From: Juda Barnes [mailto:securityfocus () mymail pent900 com] Sent: Thursday, July 14, 2005 2:57 PM To: pen-test () securityfocus com Subject: Pen Test help Hi alli am doing Audit and pen test on machine till now i have figure out that it is running
on Microsoft Windows 2000 SP3 or maybe SP4 Default installation With WebDAV and FrontPage Installed FPSE 4.0.2.5526, Microsoft-IIS/5.0 i used nessus and find the following vulnerbilities -----> Plugin ID 11412 - WebDav Remote exploit MS03-007 -----> Plugin ID 11664 - NSIISLOG.DLL Plugin ID 10661 - IIS5 .printer ISAP IPP Plugin ID 10695 - .IDA ISAPI (MS01-033)also i have verifyed that the server have nsiislog by http://server/scripts/nsiislog.dll
i have tried to use the nsiislog exploit with no sucsseful ,i will appriciate any good links where can i read regarding the NSIISLOG exploit or other exploits
that i can find for that machine ( i wrote the vulnerabilities up there) .er.587 _________________________________________________________________FREE pop-up blocking with the new MSN Toolbar get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
Current thread:
- Pen Test help Juda Barnes (Jul 14)
- <Possible follow-ups>
- RE: Pen Test help er t (Jul 15)
- RE: Pen Test help Juda Barnes (Jul 16)
- Re: Pen Test help H D Moore (Jul 16)
- RE: Pen Test help Juda Barnes (Jul 17)
- Re: Pen Test help H D Moore (Jul 18)
- RE: Pen Test help Juda Barnes (Jul 16)
- Re: Pen Test help H D Moore (Jul 18)