Re: cmdasp.asp & unicode
From: CT (ct@arnet.com.ar)
Date: 08/16/01
Message-ID: <002401c12662$8d4a6cc0$88fcfea9@ruben>
From: "CT" <ct@arnet.com.ar>
To: "Penetration Testers" <PEN-TEST@SECURITYFOCUS.COM>
Subject: Re: cmdasp.asp & unicode
Date: Thu, 16 Aug 2001 11:48:42 -0300
:) You are a Spanish guy... I wrote some for this bug (unicode/decode/Code
Red II) in Spanish, how to exploit them and fix it:
www.heinekenteam.com/cursos/iis
Best regards
CyRaNo
Carpe Noctem
----- Original Message -----
From: "César González" <cesar@eureka-sistemas.com>
To: "Penetration Testers" <PEN-TEST@SECURITYFOCUS.COM>
Sent: Thursday, August 16, 2001 8:28 AM
Subject: cmdasp.asp & unicode
> Hello all,
>
> First of all, thanks H.D. Moore for the reply to my last post ("Imformation
> about mkilog.exe") and sorry about my poor English ;).
> I am finishing a pen-test to a company and my customer said to me to try to
> grab the data of the database. The machine that runs the database soft runs
> IIS too, and it is vulnerable to a UNICODE exploit. I have uploaded the
> cmdasp.asp script but it seems to fail in some operations like deleting
> files. For example: I upload cmdasp.asp to c:\inetpub\scripts\ with the
> tftp trick but when I try to delete the file itself I got permission denied.
> The user under which the script runs is IUSR_SIVAC. (sivac is the database and the
> name of the computer in the Windows network)
> My questions are: Why can't I delete the files I have uploaded to
> c:\inetpub\scripts? The user SIVAC should be allowed... if I can write in the
> directory I should be allowed to delete too, isn't it? Could I force a
> change of the user under which cmd.asp.asp runs?
>
> Thanks in advance.
>
> César González Revilla
> Eureka Sistemas S.L.
> C/ San Fernando 16 bajo
> 39010 Santander
>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/