|
Penetration Testing
mailing list archives
re: IDS and Unicode
From: Blurred Vision <blurred_visi0n () yahoo com au>
Date: Tue, 29 May 2001 11:36:33 +1000 (EST)
Parth,
I think you will find that IIS doesn't log the
unicode values, as they are translated into plain
ascii before being processed (and then logged)
The IIS logfile for the /..%c0%af../ original unicode
is logged as /../../
I think the same would go for cmd.exe in the log file.
Checking for unicode variants would only work if you
were performing on the wire monitoring. (Which is
ineffective on an SSL site anyway...
Blurred
_____________________________________________________________________________
http://messenger.yahoo.com.au - Yahoo! Messenger
- Voice chat, mail alerts, stock quotes and favourite news and lots more!
 By Date 
By Thread
Current thread:
- IDS and Unicode Parth Galen (May 28)
- <Possible follow-ups>
- re: IDS and Unicode Blurred Vision (May 28)
|
Intro
