Re: dos commands via iis 4 (TFTP)

["Bluefish (P.Magnusson)" <11a () GMX NET>]

> Yes. This is a good idea. Can you recomend such a server client combo? It's
> needs to be something that can operate well with the limited commands that
> can be sent via the Unicode (or other similiar) vulnerabilities.

in this specific case, you have the ftp command available for usage. So
the "exploit software" (or how one should dub it) can be of whatever size
etc you can think of.

<BADHUMOR>
Even VB applications would do, if the right VBRUN.DLL is installed ;-)

No sorry I don't know of any programs and don't plan to code. Lack of
time, plus I *seem* bright when I complain at others coding misstakes
instead of sending in my own for review ... Or don't I? ;)
</BADHUMOR>

No seriously I don't have time to develop such a program, but IMHO it
shouldn't be very hard. I got 3 deadlines in 5 days to keep *sigh*
Perhaps someone allready has written such a tool.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

             http://www.eff.org/cafe