Penetration Testing mailing list archives
Re: pen testing iis
From: "Enrique A. Sanchez Montellano" <enrique.sanchez () defcom com>
Date: Mon, 25 Jun 2001 09:35:35 +0200
If you cannot tftp or ftp (happens) just echo the debug equivalent .... =) ... long live debug since its on all windows machines ... then just compile it on the server and VOILA!!!
debug is your friend!!! Enrique A. Sanchez Montellano suntzu wrote:
If you have control of cmd.exe in the web root directory ( via unicode ) you can usually make nt tftp a file to the server of where you nc.exe my live... just a suggestion...-suntzuOn Mon, 18 Jun 2001, ExpLiciT wrote:Greetings. I am pen-testing IIS 5 [no hotfixes] running in WinNT 4.0 with no fixes. At this point I want to upload a file to the box [nc.exe] and then I will definately have the box. How can I go about doing this? Thanks --ExpLiciT 'Firewalls are speed bumps not brick walls'
-------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) ServiceFor more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Current thread:
- pen testing iis 5 ExpLiciT (Jun 21)
- Re: pen testing iis suntzu (Jun 24)
- Re: pen testing iis Enrique A. Sanchez Montellano (Jun 27)
- Re: pen testing iis Javier Fernandez-Sanguino Peña (Jun 28)
- Re: pen testing iis Enrique A. Sanchez Montellano (Jun 27)
- Re: pen testing iis 5 Javier Fernandez-Sanguino Peña (Jun 27)
- <Possible follow-ups>
- Re: pen testing iis 5 Stephen Friedl (Jun 22)
- Re: pen testing iis 5 Reverend Lola (Jun 22)
- RE: pen testing iis 5 dilbert96 (Jun 24)
- RE: pen testing iis 5 st0ff st0ff (Jun 25)
- Pen Testing a Oracle database. How to pull data? Osvaldo J . Filho (Jun 26)
- RE: Pen Testing a Oracle database. How to pull data? Aaron C. Newman (Jun 26)
- RE: Pen Testing a Oracle database. How to pull data? George Milliken (Jun 26)
- Pen Testing a Oracle database. How to pull data? Osvaldo J . Filho (Jun 26)
- Re: pen testing iis suntzu (Jun 24)