Alex Butcher (pentest) wrote: >>It is unclear to me whether this problem happens only because of the way the >>request is made (http://path/to/cmd.exe?/c+command1&command2), or if there are >>really different versions of cmd.exe. This is probably unrelated to this thread but After playing around with code red infected hosts, I found that http://path/to/cmd.exe?/rcommand+argument works too. For example http://path/to/cmd.exe?/rdir+c:\ displays the contents of C:\. Does anyone know what function the "r" plays in the URL? -- Emre Yildirim <emreat_private> GPG KeyID 0xF9E4A1D1 (keyserver.pgp.com) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Oct 23 2001 - 15:31:30 PDT