Well,this is an old exploit that exists in websites
running on an older version of IIS server.IIS or Internet Information
Services is a web server application created by Microsoft.
This exploit affect websites running on IIS
version 6.0 or below.So the best way to protect a website against this exploit is to upgrade to new versions of IIS.The latest version being IIS 7.5 .
Well now coming to the exploit part.There is
not really a google dork to check for sites vulnerable to IIS attack.
The best way is footprinting of the site you are looking to penetrate.
For performing this attack,we require windows OS.
Windows 7 users,need follow these steps-
-Right click My Computer,Click on "Map Network Drive".
-Just enter the URL of vulnerable website in 'Folder' option,and
click finish.
-If the website would be vulnerable,you would get a new folder in
your network location,otherwise an error message.
-Now that you have got a new location,you can copy any malicious
script(Shell),and hence do anything with the website :)
-To access the file you copied,just open up your browser,and goto
http://site.com/file and you can access the file you uploaded.
-To remove that network location,just right click on it and then
click "disconnect" .
Here's a list of few sites vulnerable to this attack,try them-
http://pastebin.com/5LTPim5z
This post is meant only for educational purpose,any misuse of the above information shall not be the responsibility of publisher.......
running on an older version of IIS server.IIS or Internet Information
Services is a web server application created by Microsoft.
This exploit affect websites running on IIS
version 6.0 or below.So the best way to protect a website against this exploit is to upgrade to new versions of IIS.The latest version being IIS 7.5 .
Well now coming to the exploit part.There is
not really a google dork to check for sites vulnerable to IIS attack.
The best way is footprinting of the site you are looking to penetrate.
For performing this attack,we require windows OS.
Windows 7 users,need follow these steps-
-Right click My Computer,Click on "Map Network Drive".
-Just enter the URL of vulnerable website in 'Folder' option,and
click finish.
-If the website would be vulnerable,you would get a new folder in
your network location,otherwise an error message.
-Now that you have got a new location,you can copy any malicious
script(Shell),and hence do anything with the website :)
-To access the file you copied,just open up your browser,and goto
http://site.com/file and you can access the file you uploaded.
-To remove that network location,just right click on it and then
click "disconnect" .
Here's a list of few sites vulnerable to this attack,try them-
http://pastebin.com/5LTPim5z
This post is meant only for educational purpose,any misuse of the above information shall not be the responsibility of publisher.......
