Perhaps you used a bad example but you don't need to send two commands to accomplish a directory outside of the web root. A simple "dir C:\" or whatever would would fine. I find it much easier to simply upload a .cmd file to the temp directory that contains all the commands I want to run then I execute the file. On Tue, 23 Oct 2001, Daniel Polombo wrote: > Hello, > > as you all know, it's possible to exploit a number of IIS bugs to gain > access to \winnt\system32\cmd.exe and execute arbitrary commands on the > server. I've been trying to convince it to execute several commands on one > line (as one would separate commands with a ';' under any decent shell), with > limited success : on a number of NT/2k boxes, the syntax : > > command1 & command2 (eg, cd .. & dir) > > works fine. On some other boxes, though, it only returns 'The parameter is > incorrect'. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- "I don't intend to offend, I offend with my intent" hellNbakat_private http://www.nmrc.org/~hellnbak -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Oct 23 2001 - 14:51:54 PDT