Pen Test help

From: Juda Barnes (securityfocus@mymail.pent900.com)
Date: Thu Jul 14 2005 - 14:57:22 EDT

• Next message: Paul Fields: "RE: Pentest Letter of Achievement/Certificate"
• Previous message: Josh F: "Re: Professional use keylogger"
• Next in thread: er t: "RE: Pen Test help"
• Maybe reply: er t: "RE: Pen Test help"
• Maybe reply: Stephane Auger: "RE: Pen Test help"
• Maybe reply: Juda Barnes: "FW: Pen Test help"
• Maybe reply: Stephane Auger: "RE: Pen Test help"
• Maybe reply: Roberts, Scott: "RE: Pen Test help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

 
Hi all
 
     i am doing Audit and pen test on machine till now i have figure out
that it is running
    on Microsoft Windows 2000 SP3 or maybe SP4 Default installation
 
    With WebDAV and FrontPage Installed
 
 
 
    FPSE 4.0.2.5526, Microsoft-IIS/5.0
 
    i used nessus and find the following vulnerbilities
 
   -----> Plugin ID 11412 - WebDav Remote exploit MS03-007
   -----> Plugin ID 11664 - NSIISLOG.DLL
    Plugin ID 10661 - IIS5 .printer ISAP IPP
    Plugin ID 10695 - .IDA ISAPI (MS01-033)
 
 
    also i have verifyed that the server have nsiislog by
http://server/scripts/nsiislog.dll
    i have tried to use the nsiislog exploit with no sucsseful ,
 
    i will appriciate any good links where can i read regarding the NSIISLOG
exploit or other exploits
    that i can find for that machine ( i wrote the vulnerabilities up there)
 

• Next message: Paul Fields: "RE: Pentest Letter of Achievement/Certificate"
• Previous message: Josh F: "Re: Professional use keylogger"
• Next in thread: er t: "RE: Pen Test help"
• Maybe reply: er t: "RE: Pen Test help"
• Maybe reply: Stephane Auger: "RE: Pen Test help"
• Maybe reply: Juda Barnes: "FW: Pen Test help"
• Maybe reply: Stephane Auger: "RE: Pen Test help"
• Maybe reply: Roberts, Scott: "RE: Pen Test help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:33 EDT