Re: exploiting BID 529

From: Nathan Jackson (c.cured@gmail.com)
Date: Tue Dec 07 2004 - 09:24:19 EST


Quote from securityfocus link:

You MUST Enter the host like this http://server DON'T FORGET http://
or it'll not work.

On 4 Dec 2004 19:49:13 -0000, m a <aznxy@yahoo.com> wrote:
>
>
> Running a pen test on some web servers.
>
> Some were verified to have RDS version 1.5, thus:
>
> http://10.1.1.1/msadc/readme.txt
>
> Here is the exploit:
>
> http://www.securityfocus.com/bid/529/exploit/
>
> I have tried unicode directory traversal which doesn't work.
>
> Running msadc works
>
> $ ./msadc.pl -h 10.1.1.1 -N
>
> -- RDS smack v2 - rain forest puppy / ADM / wiretrip --
>
> Machine name: NT2
>
> I am trying to execute some cmd /c commands, however just trying to echo >xxx a file to the default path of msadc and the wwwroot does not yield anything I can open. I am largely trying to verify that the commands work.
>
> Even if this does work (and the default paths are changed) I am not sure what else I can do with it, considering the firewall is filtering out everything apart from 80 and 443 (some hosts, probably just one) inbound. I could potentially try killing the inet process and then implant nc.exe and have it take over on 80 or 443, but that would be too intrusive.
>
> Here's some more reading on this (this guy had the benefit of unicode):
>
> http://www.honeynet.org/scans/scan14/rfp.html
>
> Any help much appreciated.
>



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:09 EDT