Vulnerability Development mailing list archives

Re: [unicode / iis4]


From: Marco van Berkum <m.v.berkum () obit nl>
Date: Thu, 11 Jan 2001 09:35:13 +0100

"Wertheimer, Ishai" wrote:


> Here is an example:
>
> When trying to figure out directory I'm going to I tried IDQ extension and
> got:
>
> File
> E:\Somedirectory\docroot\msadc\..\..\..\..\..\..\..\..\..\..\winnt\system32\test.idq


????????

First of all you say that with IDQ you get this:
E:\Somedirectory\docroot\msadc\..\..\..\..\..\..\..\..\..\..\winnt\system32\test.idq

I find this hard to believe since NT will never show you \..\..\ kinda
traversal chars (they filter these NON unicode encoded chars out, unicode
would be ../..\..), and another point is that the msadc directory is NOT
after document_root directory but it is on
c:\program files\common files\system\msadc and another point is that
winnt\system32 will not be found on drive E: (at least not with normal
installation).




> So msadc directory isn't always directing to sysroot.

It is.

grtz,
Marco van Berkum

--
Sex is like hacking. You get in, you get out,
and you hope you didn't leave something behind
that can be traced back to you.

Marco van Berkum, System Operator/Security Analyst OBIT b.v.
RIPEHANDLE: MB17300-RIPE

