Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Disable website access for sites running Webspeed
From: suresync () gmail com
Date: 1 May 2007 14:54:07 -0000
_edit.r Busy agents exploit. 1-5-2007
author: Eelko Neven
discovered: 28-4-2007
tested: Windows 2000 server & Windows 2003 server

Because of poor security in _edit.r it is possible to put all agents in busy mode.

First you have to find the messenger execution url. For example:
http://yourmachine.com/scripts/cgiip.exe/WService=wsbroker1
http://yourmachine.com/scripts/wsisa.dll/WService=wsbroker1


just add the following to the url:
/_edit.r

your url will look like this:
http://yourmachine.com/scripts/cgiip.exe/WService=wsbroker1/_edit.r

When you run the above url you put the agent into an infinite loop (Do While). If for instance your server runs 5 
Broker Agents you just have to run above url 5 times and then all agents will be put in busy mode. From that moment on 
it's not possible to access that broker anymore.

  By Date           By Thread  

Current thread:
  • Disable website access for sites running Webspeed suresync (May 02)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]