On Wed, 2003-03-12 at 10:54, A. Caruso wrote: > Most of the tools depend on the default install of IIS with webroot on > c:. I've moved webroot to d: on my toybox and haven't been able to > jump back to c: to get a shell (cmd). Does anyone know of a mechanism > to "jump" file systems. >From unicoder.pl : my @cdirs = qw (/scripts/ /msadc/ /iisadmpwd/ /_vti_bin/ /exchange/ /cgi-bin/ /pbserver/ /); So, we're here looking for some common directories, often located on the C: and whith the "exec" flag. And you need to find a directory located on a filesystem with interesting binaires, like cmd.exe You can't swap from disk to disk, because you're exploiting a "directory transversal sploit", and there's no root directory (aka /) in the Windows world. Regards, -- Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information ngregoireat_private ------[ ExaProbe ]------ http://www.exaprobe.com/ PGP KeyID:CA61B44F FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
This archive was generated by hypermail 2b30 : Thu Mar 13 2003 - 13:51:25 PST