Exploits: Win NT / 2k / IIS / Frontpage

unicode.zip many iis 3, 4, and 5 boxes are vulnerable to an attack that will allow hackers to peruse directories, read files, and execute commands. info, exe and perl xploits for win and linux in one happy zip.

iis5_xpl1.txt if an iis 5 box has patch q277873 installed, it's vulnerable to an input validation attack that allows remote attackers to execute arbitrary commands.

getadmin.exe this xploit uses dll injection to grant any user computer admin privileges.

sechole.exe same as getadmin but works on systems patched against the original getadmin exploit.

rdsx.pl the renowned msadc/rds xploit - execute commands with system privileges.

coldfusion_xpl.txt by default, cold fusion webserver has several vulnerable cfml scripts that will allow an attacker to upload files and browse the filesystem.

iishack.exe many iis 4 servers are vulnerable to a buffer overflow - here's eEye's exploit.

nullipc.txt by default all nt and windows 2000 computers are vulnerable to an attack that hackers can use to enumerate all usernames.

frontpage.pl a brief description of the /_vti_pvt/*.pwd security hole, and a perl script that scans for open password files and misconfigurations that allow an attacker to access the administration interface.

aspscript.txt certain iis boxes may reveal their source, or other sensitive files.

TCU's Xpl0it section: for serious hackers only. I'll be adding exploits as often as I can.


Are you new to exploits? Read this gtmhh on sploits, or DV3 to learn more.
