mailing list archives
FW: Enumerate Root Web Server Directory Vulnerability for IIS 4.0
From: ollie () DELPHISPLC COM (Ollie Whitehouse)
Date: Wed, 15 Mar 2000 09:31:52 -0000
After a poke from rfp I see that I did not look in to the problem enough and
have come up with a solution that hacks-around dll generated errors
(although not advised).
From: Ollie Whitehouse
Sent: 15 March 2000 09:28
To: 'rain forest puppy'
Subject: RE: Enumerate Root Web Server Directory Vulnerability for IIS
Ok my original diagnosis may of been incomplete, a couple solutions to the
problem (although not tidy and should only be used as a temporary messure).
Firstly the IDQ error messages is generated by IDQ.dll not HTTPODBC.dll ;o),
1) The I need IDQ support solution:
I won't give offsets due to the different DLL versions floating around but
if you locate the error message with a hexeditor you see the folllowing:
0002D150 2C00 0000 5468 6520 4944 5120 6669 6C65 ,...The IDQ file
0002D160 2025 3220 636F 756C 6420 6E6F 7420 6265 %2 could not be
Be brutle very brutle and replace the %2 with ??, this should fix nearly all
occurances of Path Enumartion type problem like these you then use a
patching tool to create a patch to patch Microsofts DLLs ;o).... that would
do for now. Obviously the pretty way of doing this is to either to append to
the DLL and provide a new JMP point when the error is called to the new
error message (viri techniques). The solution above is just a quick-n-dirty
2) I don't need IDQ support
-> WebSite -> Properties -> Homedirectory -> Configuration
then remove support for all extensions you don't require.