Re: [Full-disclosure] IIS 6.0 AUX.aspx DoS



Off-Topic:

AUX seems also to be a funny way to check if Apache server stands on
Windows host.

Google inurl:phpinfo.php apache cmd.exe
check:
/test (returns 404)
/AUX (returns 403 - !)

Google inurl:phpinfo.php apache /bin/sh
check:
/test (returns 404)
/AUX (returns 404)

Best regards,
Łukasz Pilorz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/