Re: IIS HTR Exploit ?
From: r00t@online.ieDate: 06/19/02
- Previous message: Erik Birkholz: "Re: hacking a NT domain after the member server"
- Maybe in reply to: r00t@online.ie: "IIS HTR Exploit ?"
- Next in thread: Vitaly Osipov: "Re: IIS HTR Exploit ?"
- Reply: Vitaly Osipov: "Re: IIS HTR Exploit ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: <r00t@online.ie> Date: Wed, 19 Jun 2002 09:45:13 +0100 To: Erik Birkholz <erik@foundstone.com>
Sorry bout this second message:
Some PPL want specific bid numbers:
Well here it is: 4855
Like I said the only thing close to a working exploit (that I am aware of) is
the eeye sample code.
However all this code does is, proves a host is vulnerable. There are one or
two others as well, but they dont got shellcode = t aint gonna work.
Please Please help ....
Calling all b-hats, please pass me your BID:4855 IIS5.0 W2k exploits.
Thank you kindly
Mark
Quoting Erik Birkholz <erik@foundstone.com>:
> There are HTR expolits. Eeye has been droppin them since blackhat 1999; at
> the venetion (alarms and all)
>
> Ahhh the good ole days
>
> If you mean the new sploit, please specify the BID so we know what you are
> talking about
>
> =-)
>
>
> Erik Pace Birkholz, CISSP
> Principal Consultant - FOUNDSTONE
> 323 252 5916
>
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Erik Birkholz: "Re: hacking a NT domain after the member server"
- Maybe in reply to: r00t@online.ie: "IIS HTR Exploit ?"
- Next in thread: Vitaly Osipov: "Re: IIS HTR Exploit ?"
- Reply: Vitaly Osipov: "Re: IIS HTR Exploit ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
