Originally posted here by noob_hacker
uh... can't grasp anything for a layman like me...
Then why are you trying to exploit something? Learn the basics first..
so by using the command *get* then http means i activated a bug (?) that gives me information about the structure of the http i'm looking at?? cool...
Not quite my friend... You're GETting something from a webserver.. The bug (MS00-078) is in the way IIS handles the %255c.. Which results in an ability to break out of the webroot..
oh ya btw can you give me some more info about what other command i can give on an http port?
Read RFC-2616...