Results 1 to 2 of 2

Thread: .ASP Buffer Overflow exploits

  1. #1
    Junior Member
    Join Date
    May 2002

    Question .ASP Buffer Overflow exploits


    For my GIAC certification (GCIH) I am researching the .ASP Buffer Overflow vulnerability discovered by eeye.com in April 2002 but am having a hard time trying to exploit it.

    I have setup a test (controlled) environment with a Windows 2000 server - unpatched. For the sake of the research paper I have to exploit the server using this vulnerability and capture various traffic etc. Also, I will have to write-up defenses for it.

    I would appreciate any help you could provide, especially in figuring out how to exploit this vulnerability?

    I have looked at and tried to use Hsj's exploit (iis-asp-overflow.c) from packetstorm but have not had any luck with that either.


  2. #2
    Join Date
    May 2002
    well a lot of exploits only work on things that aren't put up right. Like for example, enabling file sharing allows for netbios attacks. play around with things, learn in detail how things work. Use logic yet use creativity! Though that doesn't really solve your problem, there are my 2cents. Good Luck!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts