From: er t (er587@hotmail.com)
Date: Fri Jul 15 2005 - 11:48:02 EDT
Try Metasploit
NSIISLOG.DLL -
http://www.metasploit.com/projects/Framework/exploits.html#iis_nsiislog_post
WebDav Remote exploit MS03-007 -
http://www.metasploit.com/projects/Framework/exploits.html#iis50_webdav_ntdll
-----Original Message-----
From: Juda Barnes [mailto:securityfocus@mymail.pent900.com]
Sent: Thursday, July 14, 2005 2:57 PM
To: pen-test@securityfocus.com
Subject: Pen Test help
Hi all
i am doing Audit and pen test on machine till now i have figure out
that it is running
on Microsoft Windows 2000 SP3 or maybe SP4 Default installation
With WebDAV and FrontPage Installed
FPSE 4.0.2.5526, Microsoft-IIS/5.0
i used nessus and find the following vulnerbilities
-----> Plugin ID 11412 - WebDav Remote exploit MS03-007
-----> Plugin ID 11664 - NSIISLOG.DLL
Plugin ID 10661 - IIS5 .printer ISAP IPP
Plugin ID 10695 - .IDA ISAPI (MS01-033)
also i have verifyed that the server have nsiislog by
http://server/scripts/nsiislog.dll
i have tried to use the nsiislog exploit with no sucsseful ,
i will appriciate any good links where can i read regarding the NSIISLOG
exploit or other exploits
that i can find for that machine ( i wrote the vulnerabilities up there)
.er.587
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar – get it now!
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:33 EDT