Tyrano
Apr 8 2004, 03:57 AM
Hello peoples. dr0zaxx has asked me to post his new pdf on compromising IIS 4/5 on a Win2k platform. The link is here, so enjoy. And make him a damn member already! lol
http://www.x0fff8.org/HackingIIS4-5.pdfI attached it too, because well, thats what i was supposed to do in the first place
EXPLOiTED
Apr 8 2004, 04:27 AM
hahaha..Good stuff dr0zaxx!!!
realloader
Apr 8 2004, 05:06 AM
i have gave upto exploit iis.
But now...im happy totest it.
thank u sir Tyrano!
Truepower
Apr 8 2004, 05:57 AM
nice tut there dr0zaxx, well set out
Cyrus
Apr 8 2004, 12:41 PM
thx for this tutorial
didnt know that bug yet.
mR_stBlue
Apr 8 2004, 02:08 PM
with web folder
RedShadow
Apr 9 2004, 07:45 PM
hmm i find a IIS 5 server test it and instead of saving it as a webfolder it saves it as a little desktop icon as \\www.[site].com is it just becouse the server is patched and the admin isnt stupid?
Joc00
Apr 9 2004, 08:35 PM
Interesting info here. News to me but hey im slow. Test good!
Dude looks like hes got some anger built up hehe. More sex m8
IIzedII
Apr 9 2004, 10:17 PM
really interesting, but why should that be usefull?
Just for defacing a website oder sth?
You can up - OK - but yyou aren't abel to execute sth.
am i right?
JMP
Apr 10 2004, 12:43 AM
I wonder what makes this possible. All you do is add the page to your network, and then you have full access to it. I have to say this is somewhat the most lame thing I've ever seen. Alot if kiddies will have a laugh doing this.
dr0zaxx
Apr 10 2004, 02:03 AM
| QUOTE |
| hmm i find a IIS 5 server test it and instead of saving it as a webfolder it saves it as a little desktop icon as \\www.[site].com is it just becouse the server is patched and the admin isnt stupid? |
Yes, I also faced this problem in Windows XP. Some vulnerable sites i tested do come up as a "My Computer" icon instead of a web folder. I am not sure why so. Maybe due to the settings in each individual computers. Some vulnerable website i am able to view, but some vulnerable i am not
dont know why. You might want to ask around.
Estasia
Apr 10 2004, 07:00 AM
very usefull info
now does annyone know how to make an .asp script to execute an .exe or eaven if it's possible?
Hadezz
Apr 10 2004, 07:05 AM
Am i missing out on something ... seems to me that entering website after website into that NetCraft website in order to see if it is running IIS 4/5 would be pretty tedious ... is there a faster way
Estasia
Apr 10 2004, 08:19 AM
well scan for port 80 with a prog that shows the banner and then find the files with the iis banner
dr0zaxx
Apr 10 2004, 11:14 AM
| QUOTE |
very usefull info
now does annyone know how to make an .asp script to execute an .exe or eaven if it's possible? |
Hrm... I did thought of that. But then, I didnt learned ASP so I wouldnt have much clue on that. If you are interested, you might want to test it. You can repost your results if you have any or managed to execute an .exe file.
Yeah there is a faster way, i heard Angry IP Scanner does the job. You are able to log the banner retrieved each time.
ISMO
Apr 10 2004, 12:19 PM
I have use WebDav Scanner, it shows the banner and its fast ... but i thing the most of the server are patched ?
nudde678
Apr 10 2004, 12:21 PM
Have you ever noticed, that you are only connectet to the IPC share?
type \\IP in your browser and you see the same..
So waht you need to do this is scann for port 139/445 and try to acc this computer via your browser as a guest..
Sometimes you have luckd and you are able to access guest shared folders..
and if you have really luck the admin has shared c:\inetpub\wwwroot\
A guest doesnt have execute rights.. yes you can upload files in special folders, but nothing more.. defacing of the index.asp / index.html is impossible sorry ^^
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
