Re: IIS5 Null.Printer vulnerability exploitation tool



Hi Vedantam Sekhar,

The PoC tool for IIS5 Null.Printer Buffer Overflow vulnerability can
be downloaded from URL.
URL: http://www.packetstormsecurity.org/0111-exploits/IIS5-Koei.zip

Hope this helps!!

---
Nikhil Wagholikar
Practice Lead | Security Assessment & Digital Forensics
Network Intelligence India Pvt. Ltd. [NII Consulting]
Web: http://www.niiconsulting.com/
Comprehensive Information Security Training
http://www.niiconsulting.com/services/education/Training%20Calendar.html


2009/6/12 Vedantam sekhar <sekhar56us@xxxxxxxxx>

Group,

It will be helpfull if anyone guide me how to test for this particular vulnerability. I did confirm this vuln. exists in the website i am testing presently but i need show my customer remote system compromise is possible (showing him the cmd/# on the target ultimately).

The code given on the securityfocus only tells me if the site has the vulnerability or not

Btw will it work againest II5 on windows 2000 later than SP2 as well?

S





------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------