Re: IIS5 Null.Printer vulnerability exploitation tool

From: Nikhil Wagholikar <visitnikhil@xxxxxxxxx>
Date: Sat, 13 Jun 2009 11:13:57 +0530

Hi Vedantam Sekhar,

The PoC tool for IIS5 Null.Printer Buffer Overflow vulnerability can
be downloaded from URL.
URL: http://www.packetstormsecurity.org/0111-exploits/IIS5-Koei.zip

Hope this helps!!

---
Nikhil Wagholikar
Practice Lead | Security Assessment & Digital Forensics
Network Intelligence India Pvt. Ltd. [NII Consulting]
Web: http://www.niiconsulting.com/
Comprehensive Information Security Training
http://www.niiconsulting.com/services/education/Training%20Calendar.html

2009/6/12 Vedantam sekhar <sekhar56us@xxxxxxxxx>

Group,

It will be helpfull if anyone guide me how to test for this particular vulnerability. I did confirm this vuln. exists in the website i am testing presently but i need show my customer remote system compromise is possible (showing him the cmd/# on the target ultimately).

The code given on the securityfocus only tells me if the site has the vulnerability or not

Btw will it work againest II5 on windows 2000 later than SP2 as well?

S

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

References:
- IIS5 Null.Printer vulnerability exploitation tool
  - From: Vedantam sekhar

Prev by Date: IIS5 Null.Printer vulnerability exploitation tool
Next by Date: Re: ORDER BY sql injection help
Previous by thread: IIS5 Null.Printer vulnerability exploitation tool
Index(es):
- Date
- Thread

Relevant Pages

Re: How to write a security vulnerability assessment consulting project
... Practice Lead | Security Assessments & Digital Forensics ... Comprehensive Information Security Training ... Our security team is working in a security vulnerability assessment ... Information Assurance Certification Review Board ...
(Pen-Test)
Re: How to write a security vulnerability assessment consulting project
... Practice Lead | Security Assessments & Digital Forensics ... Comprehensive Information Security Training ... Our security team is working in a security vulnerability assessment ... Information Assurance Certification Review Board ...
(Pen-Test)
Re: To go to University - For the CISSP etc. - Good idea/Bad idea???
... If there was no change then the security industry would be dead as the ... technology evolves so quickly that "new" technology is ... Information Assurance Certification ... Prove to peers and potential employers without a doubt that you can ...
(Pen-Test)
Re: To go to University - For the CISSP etc. - Good idea/Bad idea???
... holder globally and the most highly accredited Global Information Security ... Although technology moves on, many of the underlying foundations do not. ... Information Assurance Certification ... Prove to peers and potential employers without a doubt that you can ...
(Pen-Test)
Re: University plan
... Core Security Technologies ... Find a good 4 year undergraduate school, ... a full practical examination in order to become certified. ... Information Assurance Certification Review Board ...
(Pen-Test)