July 12th, 2003, 04:25 AM
And tutorials on Unicode?
I'm not sure exactly what I'm looking for. I know unicode is basically any character besides the alphabet. I checked the two sites in the FAQ and it seemed to make things more confusing. To be more exact, this is what I want to learn.
What do these do????!???
(and I'm sure there are many more)
Now I'm not trying to deface webpages with the infamous IIS exploit. I just want to know two things. What do these commands do? Where can I read about them? (because I have had no luck on google.
sorry for such a newb question, I feel bad for asking it.
July 12th, 2003, 05:16 AM
... (See Definition D3 in Section 3.3, Characters and Coded Representations
.) (3) The basic unit of encoding for the Unicode character encoding. ...
Description: Glossary of unicode terminology with additional links to an FAQ and the Unicode Standard Version 3.0.
Category: Reference > Dictionaries > ... > Computers > Application Specific
www.unicode.org/glossary/ - 86k - Cached - Similar pages
[ More results from www.unicode.org ]
\"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
July 12th, 2003, 09:20 AM
Those things are just ways to crack vulnerable IIS installations.
It's nothing much to do with Unicode per se, it's just that it's IIS's unicode decoding routine which was vulnerable to this bug.
You will find plenty of docs on Unicode on the net, but it will not tell you how to exploit IIS, but how to use Unicode in your applications to enable them to be translated into non-western languages.
July 12th, 2003, 02:40 PM
I'll try to explain (to my understanding) what is happening when you see that stuff in your logs, or what not.
Those characters are unicode representations of normal characters. IIS filtered out the normal (non unicode) characters, but didn't filter out the unicode equivilents. The unicode text you had was trying to get out of the root html directory and get IIS to execute cmd.exe, which is the command prompt. The dir part was getting IIS to run the "dir" command inside of the command prompt, which you probably know will list the folders on your computer. From there, an attacker could explore your system and compromise it.
Luckily, you can patch that vulnerability. I also remember a tutorial a while back where catch used a tool called URLScan that would allow you to control what IIS saw/got. With it, you can prevent all sorts of malicious requests from even reaching IIS to harm it. If you run IIS, and you setup URLScan nicely, I think that you would be much safer than without it. His tut is here: http://www.antionline.com/showthread...hreadid=244658 BTW, I don't mess with IIS too much so I'm not exactly familiar with what goes on with it, etc.