|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Pen on IIS with webroot not on C
From: Nicolas Gregoire (ngregoire
exaprobe.com)
Date: Wed Mar 12 2003 - 16:47:15 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 2003-03-12 at 10:54, A. Caruso wrote:
> Most of the tools depend on the default install of IIS with webroot on
> c:. I've moved webroot to d: on my toybox and haven't been able to
> jump back to c: to get a shell (cmd). Does anyone know of a mechanism
> to "jump" file systems.
>From unicoder.pl :
my cdirs = qw (/scripts/ /msadc/ /iisadmpwd/ /_vti_bin/ /exchange/
/cgi-bin/ /pbserver/ /);
So, we're here looking for some common directories, often located on the
C: and whith the "exec" flag. And you need to find a directory located
on a filesystem with interesting binaires, like cmd.exe
You can't swap from disk to disk, because you're exploiting a "directory
transversal sploit", and there's no root directory (aka /) in the
Windows world.
Regards,
--
Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information
ngregoireexaprobe.com ------[ ExaProbe ]------ http://www.exaprobe.com/
PGP KeyID:CA61B44F FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQA+b6z1uhlqje80vsMRAs5HAJ99kLEo12qamF/iCz2CEh0kt3WjGQCfRSBz
f+edlbwvxfVr59kvABiHeEw=
=0r51
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]