-
February 14th, 2002, 07:17 AM
#1
Risk of sounding like a newbee but i gotta ask
I know i am going to get major flamed for this but oh well
Like i said in another post. I will be the first to admit that I dont know as much as i would like to know but I am trying. From reading tutorials,website to going to places like this. But luckly my work has signed up for Mindleaders so I am getting free training now for free with many topics like IIS 4 , TCP/IP , LAN , C++ , Visual basics 4-6 , Unix , and A+ certification
So i hope that this will help speed up the learning process
Anyways on to my point
What i was wondering is in the post that someone found a server with a bunch of exploits on it and that it runs arbritary code you can gain access
Ok this was the code:
GET /_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe
What i want to know is what /..%c0%af../ means..... I have a little html knowledge so i know (or at least am assuming ) that the % = space as for the C0 and AF i dont know
Also if you have any where where i can go to learn the Microsoft Exploits for IIS servers that would be appreceated
I have been looking but all i can find are reports about them, what i want to know is how they are done....Dont get me wrong though i am not just some skipt kiddie who is going to go exploiting every IIS server that I can, I just want to know the logic behind it what it does and how it works and how to do it
Thanks
Violence breeds violence
we need a world court
not a republican with his hands covered in oil and military hardware lecturing us on world security!
-
February 14th, 2002, 07:26 AM
#2
-
February 14th, 2002, 07:42 AM
#3
/..%c0%af../ = /../
/../ is ascii, which the computer interpets to mean go up a directory
/..%c0%af../ is unicode, which also says go up a directory
This is an iis 4/5 exploit. it seems that the iis server which is capable of handeling unicode, carries out unicode instruction before it submits them to security checks, so in an unpatched server its possible to go beyond the normal restriction and access files above the web root.
for more nt type stuff id try packetstorm-security
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
February 25th, 2002, 01:34 AM
#4
Member
here u go
Greetings from Ireland Euclid
This should explain everything i think u wanted to know.
http://www.interphaze.org/bits/britneysnthackguide.html
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|