Penetration Testing mailing list archives
re: IDS and Unicode
From: Blurred Vision <blurred_visi0n () yahoo com au>
Date: Tue, 29 May 2001 11:36:33 +1000 (EST)
Parth, I think you will find that IIS doesn't log the unicode values, as they are translated into plain ascii before being processed (and then logged) The IIS logfile for the /..%c0%af../ original unicode is logged as /../../ I think the same would go for cmd.exe in the log file. Checking for unicode variants would only work if you were performing on the wire monitoring. (Which is ineffective on an SSL site anyway... Blurred _____________________________________________________________________________ http://messenger.yahoo.com.au - Yahoo! Messenger - Voice chat, mail alerts, stock quotes and favourite news and lots more!
Current thread:
- IDS and Unicode Parth Galen (May 28)
- Re: IDS and Unicode Kevin J. Menard, Jr. (May 29)
- <Possible follow-ups>
- re: IDS and Unicode Blurred Vision (May 28)