Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

pen-test logo Penetration Testing mailing list archives

IIS again.
From: dilbert96 () hushmail com
Date: Fri, 18 May 2001 08:59:27 +0000 (GMT)
Hello all,
 
 
I know there are many of these already around but here is a program I wrote 
for the Unicode vulnerability which works for the IIS double-parse vulnerability. 
The program simulates an interactive command prompt and allows switching 
to and from cmd.exe interactively. The ZIP contains two files iisenc.pl 
and exploits.txt which contains the GET strings etc. To add further strings 
the format is:
 
GET /STRING  tab  WhatIsExpectedInReturn tab  Comments
 
Regards,
 
Gary O'leary-Steele
 
P.S Anyone know where I can get a PPTP sniffer for Windows NT?
Free, encrypted, secure Web-based email at www.hushmail.com

Attachment: Iisenc.zip
Description:

  By Date           By Thread  

Current thread:
  • IIS again. dilbert96 (May 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]