Breaking into an ssl-only IIS box
From: Ralph Los (RLos@enteredge.com)Date: 02/28/02
- Previous message: John Ormonde: "CanSecWest '02 conference"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Ralph Los" <RLos@enteredge.com> To: pen-test@securityfocus.com Date: Thu, 28 Feb 2002 15:14:39 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hey all,
Thought I'd throw this out. What tools do you all use to break into
a box that has the following config:
(1) IIS/4.0 on WinNT 4.0 sp6a
(2) FrontPage Extensions (how to determine version?) installed
(3) /IISADMIN and /PRINTERS folders visible, but password-protected
(4) All of this is ONLY visible through SSL (no big deal)...
Thoughts?
- ----------------------------------------|
Ralph M. Los
Sr. Security Consultant and Trainer
EnterEdge Technology, L.L.C.
rlos@enteredge.com
(770) 955-9899 x.206
- ----------------------------------------|
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1.1
iQA/AwUBPH6PRNfQPveTWZDtEQJ5pQCeMI5fjChZy2+nI7JjIHa2lufKWdEAoPyd
qOf+XjptTrg2J23ILMPI6z17
=ifVA
-----END PGP SIGNATURE-----
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: John Ormonde: "CanSecWest '02 conference"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
