update on IIS 5.0 relative path vulnerability

From: H D Moore (hdmat_private)
Date: Sat Sep 08 2001 - 00:28:59 PDT


    I ran across a new exploit for the vulnerability found by Entercept; this one
    is binary only, creates a backdoor account, and provides a remote command 
    shell feature using a local win32 executable and the dll on the server. The 
    readme file happens to list the other dll names that can be used in the 
    exploit:
    
    --[ cut from readme.txt
         1、 idq.dll
         2、 httpext.dll
         3、 httpodbc.dll
         4、 ssinc.dll
         5、 msw3prt.dll
         6、 author.dll
         7、 admin.dll
         8、 shtml.dll
         9、 sspifilt.dll
         10、compfilt.dll
         11、pwsdata.dll
         12、md5filt.dll
         13、fpexedll.dll
    ------------------------
    
    The exploit was found on xfocus.org:
    http://www.xfocus.org/download.php?id=241
    
    I have a local copy with the extracted zip here:
    http://www.digitaloffense.net/archives/iissystem/
    
    I plan on dissecting the executable and dll later on (which are strangely the 
    exact same size yet differ in content). Can anyone provide a Chinese to 
    English translation for the readme?
    
    PS. Thanks to "isno" for writing it, just wished it came with source...
    
    -- 
    H D Moore
    http://www.digitaldefense.net - work
    http://www.digitaloffense.net - play
    
    



    This archive was generated by hypermail 2b30 : Mon Sep 10 2001 - 07:59:56 PDT