Vulnerability Development mailing list archives

Re: [unicode / iis4]


From: "Wertheimer, Ishai" <iwertheimer () KPMG COM>
Date: Wed, 10 Jan 2001 08:59:59 -0500

I'm not sure why Marco insists on this, since in many cases I found it
not working.

Here is an example:

When trying to figure out the directory I'm going to, I tried the IDQ extension and
got:

File
E:\Somedirectory\docroot\msadc\..\..\..\..\..\..\..\..\..\..\winnt\system32\test.idq

So the msadc directory isn't always directing to sysroot.

Cheers,

Ishai Wertheimer


        -----Original Message-----
        From:   Marco van Berkum [SMTP:m.v.berkum () obit nl]
        Sent:   ? 09 ????? 2001 10:20
        To:     VULN-DEV () SECURITYFOCUS COM
        Subject:        Re: [unicode / iis4]

        Tim H wrote:

        > Hi All,
        > A lot of these attacks assume that the web directory is on the same drive as
        > the system and that the system is in the winnt directory.  If neither of
        > these conditions are true, is this exploit still reasonable?
        >
        > Thanks,
        > Tim

        I have been reading this discussion for some while now...

        I find it very hard to believe that some ppl still don't know how
        to exploit this incredibly easy and very common bug.

        Read my article regarding this bug on:

        http://ws.obit.nl/nt.txt

        grtz,

        Marco van Berkum

        --
        Sex is like hacking. You get in, you get out,
        and you hope you didn't leave something behind
        that can be traced back to you.

        Marco van Berkum, System Operator/Security Analyst OBIT b.v.
        RIPEHANDLE: MB17300-RIPE