From: Juda Barnes (judab@pent900.com)
Date: Sat Jul 16 2005 - 11:14:52 EDT
I allready used that I am unable to get win32_reverse or win32_bind
With the two exploits nsiislog_post and webdav_ntdll
Any other ideas ?
-----Original Message-----
From: er t [mailto:er587@hotmail.com]
Sent: Friday, July 15, 2005 5:48 PM
To: securityfocus@mymail.pent900.com; pen-test@securityfocus.com
Subject: RE: Pen Test help
Try Metasploit
NSIISLOG.DLL -
http://www.metasploit.com/projects/Framework/exploits.html#iis_nsiislog_post
WebDav Remote exploit MS03-007 -
http://www.metasploit.com/projects/Framework/exploits.html#iis50_webdav_ntdl
l
-----Original Message-----
From: Juda Barnes [mailto:securityfocus@mymail.pent900.com]
Sent: Thursday, July 14, 2005 2:57 PM
To: pen-test@securityfocus.com
Subject: Pen Test help
Hi all
i am doing Audit and pen test on machine till now i have figure out
that it is running
on Microsoft Windows 2000 SP3 or maybe SP4 Default installation
With WebDAV and FrontPage Installed
FPSE 4.0.2.5526, Microsoft-IIS/5.0
i used nessus and find the following vulnerbilities
-----> Plugin ID 11412 - WebDav Remote exploit MS03-007
-----> Plugin ID 11664 - NSIISLOG.DLL
Plugin ID 10661 - IIS5 .printer ISAP IPP
Plugin ID 10695 - .IDA ISAPI (MS01-033)
also i have verifyed that the server have nsiislog by
http://server/scripts/nsiislog.dll
i have tried to use the nsiislog exploit with no sucsseful ,
i will appriciate any good links where can i read regarding the NSIISLOG
exploit or other exploits
that i can find for that machine ( i wrote the vulnerabilities up there)
.er.587
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now!
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:35 EDT