Vulnerability Development mailing list archives

The good, the bad, the IIS. (%3F Weirdness)


From: <jesperht () hotmail com>
Date: 5 Jan 2002 17:14:34 -0000



*I have no clue if this is a new bug or not due to my 
lack of hotfixes, but here it goes!*

Hello fellow vuln-dev'ers,
Here is a strange bug I've found on my test server:

Microsoft Windows 2000 [Version 5.00.2195]  
(service pack 2)

Making the following request:

http://bender/global.asa%3f.htr

Adding a %3f.htr at the end seems to yield its source 
code.  Because this is a default install, all that it 
contains is the following:

<OBJECT RUNAT=Server SCOPE=Session 
ID=MyInfo PROGID="MSWC.MyInfo">
</OBJECT>
   
I've tried appending %3f.htr to iisstart.asp (another 
default file), but that does not reveal a thing.  
Renaming iisstart.asp to iisstart.asa and trying to 
view its source does not work then either.  I can't find 
any logic behind this. Please give this a shot, play 
with this, and send in your results/thoughts!

Best Regards,
-Scarabus
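
For administrators who want to check whether requests of the shape described above have reached their own servers, here is a log check added as an example; it is not part of the original post. The log lines are constructed, and the W3C extended field layout and the possibility that the server logs the `?` already decoded and split into the query field are assumptions.

```python
import re
from urllib.parse import unquote

# Constructed sample in W3C extended log format (field layout is an assumption).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2002-01-05 17:02:11 192.0.2.10 GET /iisstart.asp - 200
2002-01-05 17:03:40 192.0.2.10 GET /global.asa%3f.htr - 200
2002-01-05 17:03:52 192.0.2.10 GET /global.asa .htr 200
2002-01-05 17:04:05 192.0.2.11 GET /iisstart.asp%3F.htr - 200
2002-01-05 17:05:19 192.0.2.12 GET /search.asp q=.htr 200
2002-01-05 17:06:30 192.0.2.12 GET /global.asa - 404
"""

# A request whose decoded form is "<file>?.htr": the file name, then a '?'
# (sent as %3f in the post), then nothing but ".htr".
HTR_SUFFIX = re.compile(r"^([^?]+)\?\.htr$", re.IGNORECASE)


def find_htr_suffix_requests(log_text):
    """Return (client_ip, requested_file, status) for each '?.htr' request."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            # Column names come from the log's own directive, not a fixed order.
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        stem = row.get("cs-uri-stem", "")
        query = row.get("cs-uri-query", "-")
        # Rebuild the target so both the raw "%3f.htr" stem and an already
        # decoded stem + ".htr" query are checked the same way.
        target = stem if query == "-" else stem + "?" + query
        match = HTR_SUFFIX.match(unquote(target))
        if match:
            hits.append((row.get("c-ip"), match.group(1), row.get("sc-status")))
    return hits


if __name__ == "__main__":
    for ip, path, status in find_htr_suffix_requests(SAMPLE_LOG):
        print(f"{ip} requested {path} with a ?.htr suffix (status {status})")
```

The status column is included so that hits which returned content can be separated from ones that were refused.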


