Yes, I know there are quite a number of unicode tools out there (Kevin Timm's fire-runner, H D Moore's unicoder.pl, sec-1's iisenc.pl, Ian Vitek's briiis.pl), however I promised it and here I release a new one. Hopefully, since it's GPL, I can add contributions in order to fix the many TODOs I still have left. Still, these tools are usable enough. I include with this mail some tools I have developed in order to do penetration tests in IIS servers. Included are: 1.- unicode-shell. Simulates a shell to execute commands to an IIS server. It's really delightful to do a 'ls' and see the results as if using a troyan (netcat) in the remote server. 2.- echo-files. Allows remote generation of *any* file in an IIS server. This program generates the commands that can be given to a non-interactive execution of unicode-shell in order to use the IIS server as an FTP server. With this two tools you can penetrate-test an IIS server including file downloads (using uuencode or adjointed 'netsend'). 3.- Downloadasp. This tool uses know vulnerabilities in IIS to download the source for ASPs in order to do a code audit in search of known bad habits in programming (like using user's input to generate SQL queries). 4.- findasp. This tool takes a local copy of a webserver and outputs a list of asp files. Findasp can "feed" downloadasp in order to retrieve the whole source of an IIS server. I hope this four tools are useful for penentration testers out there. I would like to receive bug reports and improvements (although I will not be doing penetration testing for some time, so I might not be quick to answer). Best regards Javier Fernández-Sanguino Peña
This archive was generated by hypermail 2b30 : Mon Jul 16 2001 - 13:54:42 PDT