WebApp Sec mailing list archives

RE: Double Slashes


From: Jeff Robertson <Jeff.Robertson () DigitalInsight com>
Date: Thu, 4 Aug 2005 09:45:11 -0400

This is very similar to what is being talked about wrt Apache in the
thread of messages called "Heavy Security Issue" today. Maybe IIS had
something similar, and this is how they fixed it.

-----Original Message-----
From: Andres Molinetti [mailto:andymolinetti () hotmail com] 
Sent: Thursday, August 04, 2005 9:30 AM
To: pen-test () securityfocus com
Cc: webappsec () securityfocus com
Subject: Double Slashes


Is there any way to encode a "//" in a GET request to an .ASP page in IIS 5.0
(patched up2date)?

For example..

GET /dir1//dir2.asp HTTP/1.0

IIS seems to convert to a single slash the following ones:
//
\\
/./
/../
///////// ...

Not sure if it is some fix to old unicode and double encoding bugs.

Regards,

Andy
