Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
myhack58佚名MYHACK58:62200613011
HistoryNov 26, 2006 - 12:00 a.m.

The command line to create a virtual directory-vulnerability warning-the black bar safety net

2006-11-2600:00:00
佚名
www.myhack58.com
15
JSON

Long, long no and we chat, want to everyone. Meet first just to give everyone a small gift. In fact also is not what good stuff.
In research and study in progress, no research, no in-depth to understand, there is no progress. Serious learning attitude+pursued+one hundred thousand why.
The result obtained is the achievement!
Well, bullshit to put up too much. Understand people, not a fancy plane words are understood. Do not understand people, to see and maybe never will understand.

The system has a VBS can also achieve this function. But I think, if in the virtual host, the presence of multiple sites case.
Create a virtual directory, only in the first default site. General virtual host the default is off. That is your build, by HTTP can not access.
From the MSDN, I found some related technical information, wrote a small tool. Can be built on other sites. Here it seems to say a bit confusing.

I am an example to everyone talk about it.
Get a virtual host to the Internet Information Service of the list for everyone to see will understand

+The default web site(stopped)
+Management of web site(stopped)
+163.com
+263.com
+363.com

Well, above we saw that there are three sites open. While the foregoing that a default has been closed.
In this case, we use VBS to create a virtual directory, is built on the default site, and the site is stopped, so the establishment is successful, also cannot access.
For example: how can we in 2 6 3. com this station, the establishment of a directory, such as:VDIR,via http://www. 1 6 3. com/VDIR can access?
By finding the information that I got, in the establishment of the time, allows you to specify a number, such as: 1…N

1 : indicates, in the default site, and then press this sequence, and the 3 6 3. com the corresponding number is 5.
Understand this truth after, with the program to achieve this function is relatively simple. Of course, you would say, then I think in 2 6 3. com this station, established.
But I don’t know, this station corresponding to the number is how many, for that matter, we can only from the number 3 the beginning has been to build, (1,2 corresponds to the previously default)
When creating a post, you can read his configuration information, return to everyone. Built a post, you will understand that is not built in you want to build that Station, if not.
You can put him out. Then increase the number.:) There is no one tool that can at the command line, put all the host site information, such as:the name of the corresponding directory like listed here? Principle almost, you see the complete code should be written.

The following is the code:

program VDir;

{$APPTYPE CONSOLE}

uses
ActiveX,SysUtils,ComObj;
Var
VName,
VPath,
Vattrib : String;

createVpath : Boolean;
WebIndex : integer;

Procedure ShowHelp;
Begin
WriteLn(‘=========== VDir by CYFD! ============’);
WriteLn(“);
WriteLn(‘Useag:’+ParamStr(0)+’ <-n:VName> <-p:VPath> <-i:WebIndex> <-c:CmdType> [-r:Vattrib]');
WriteLn(”);
WriteLn(‘Sample:’+ParamStr(0)+’ -n:yfd-p:c:\ -i:1-c:1-r:0,1,3’);
WriteLn(");
WriteLn(’ CmdType :‘);
WriteLn(’ 1 : create’);
WriteLn(’ 0 : delete’);
WriteLn(’ Vattrib :‘);
WriteLn(’ 0 : AccessScript’);
WriteLn(’ 1 : AccessRead’);
WriteLn(’ 2 : AccessWrite’);
WriteLn(’ 3 : AccessExecute’);
WriteLn(’ 4 : EnableDirBrowsing’);
End;

Procedure ParseParam(Str : String);
var
tStr : String;
Begin
tStr := lowercase(Copy(Str,1,3));
if tStr=‘-n:’ then
VName := Copy(Str,4,Length(Str));
if tStr=‘-p:’ then
VPath := Copy(Str,4,Length(Str));
if tStr=‘-c:’ then
createVpath := StrToIntDef(Copy(Str,4,Length(Str)),1) = 1;
if tStr=‘-r:’ then
Vattrib := Copy(Str,4,Length(Str));
if tStr=‘-i:’ then
WebIndex := StrToIntDef(Copy(Str,4,Length(Str)),1);

End;

Function GetStrForSpace(SourceStr :String ; JGZF:char ; Index:integer):String;
var
Pchar1 : pchar;
i , count : integer;
cStr : string;
begin
Count := 0;
Pchar1 := pchar(SourceStr);
cStr := ";
for i:=0 to length(Pchar1)-1 do begin
if pchar1 = JGZF then
begin
Count := Count + 1;
if Count = Index then begin
break;
end;
end
else if Count = Index -1 then cStr := cStr + pchar1;
end;
Result := cStr;
end;

procedure createVDir(Vdirpath:string);
var
WebSite, WebServer, WebRoot, VDir,Binds: Variant;
BindStr : String;
begin
Try
WebSite := createOleObject(‘IISNamespace’);
WebSite := WebSite. GetObject(‘IIsWebService’, ‘localhost/w3svc’);
WebServer := WebSite. GetObject(‘IIsWebServer’, IntTostr(WebIndex));

// Here the WebIndex is you want to build the number.

WebRoot := WebServer. GetObject(‘IIsWebVirtualDir’, ‘Root’);

if createVpath then Begin
VDir := WebRoot. create(‘IIsWebVirtualDir’, VName);
Vdir. AccessScript := pos(‘,0,’,Vattrib) >0;
VDir. AccessRead := pos(‘,1,’,Vattrib) >0;
VDir. AccessWrite := pos(‘,2,’,Vattrib) >0;
VDir. AccessExecute := pos(‘,3,’,Vattrib) >0;
VDir. EnableDirBrowsing := pos(‘,4,’,Vattrib) >0;

// The above few lines is for you to set up the directory to set access permissions. Writable, readable, executable, can browse…

VDir. Path :=VDirPath;
VDir. SetInfo;

Binds := WebServer. ServerBindings;
BindStr := Binds[0]+‘:’;
WriteLn(“);
WriteLn(‘Result :’);
WriteLn(”);
WriteLn(‘IP : ‘+ GetStrForSpace(BindStr,’:’,1));
WriteLn(‘Port : ‘+ GetStrForSpace(BindStr,’:’,2));
WriteLn(‘HostName : ‘+ GetStrForSpace(BindStr,’:’,3));
WriteLn(");
WriteLN(‘Path Is:’ + WebRoot. Path);
WriteLN(‘Index IS:’ + IntTostr(WebIndex));
WriteLn(‘Comment :’ + WebServer. ServerComment);

// The above few lines is to give the site some of the information, IP, port, hostname, path, etc…

WriteLn(");
WriteLn(‘createsuccess.’);
End
Else Begin
WebRoot. delete(‘IIsWebVirtualDir’, VName);
Writeln(‘delete Success.’);
End;
Except
WriteLn(‘Fail.’);
End;

end;

Var
i : integer;
begin

coinitialize(nil);
if ParamCount <4 then Begin
ShowHelp;
Exit;
End;

For i:=1 to ParamCount do
ParseParam(Paramstr(i));

if (ParamCount = 5) and (Vattrib =") then Begin
ShowHelp;
Exit;
End;
Vattrib := ‘,’+Vattrib+‘,’;
createVDir(VPath);

{ TODO-oUser-cConsole Main : insert code here }

end.

The code can be used to COPY into Notepad, then save it as a VDIR. DPR file using DELPHI open compile it on the line.

Method of use:
I want to be in the default site(number 1)to establish one, can read, can write, can note browsing to the directory, the name: yfd path is c:
Then so use:

D:VDir.exe -n:yfd-p:c: -i:1-c:1-r:1,2,4

Program help display:
Useag:VDir.exe <-n:VName> <-p:VPath> <-i:WebIndex> <-c:CmdType> [-r:Vattrib]

Sample:D:VDir.exe -n:yfd-p:c: -i:1-c:1-r:0,1,3

CmdType :
1 : create
0 : delete
Vattrib :

0 : AccessScript (script access)
1 : AccessRead (readable)
2 : AccessWrite (writable)
3 : AccessExecute (executable)
4 : EnableDirBrowsing (can browse)

-n: to establish the name of the directory

-P: The establishment of the directory path

-i: number

-c: (1 means built,0 indicates deletion)

-r: (when you select the build,please enter his corresponding access rights values,delete when you can not write).

Returns the result:

D:>VDir.exe -n:yfd-p:c: -i:1-c:1-r:1,2,4

Result :

IP : 127.0.0.1
Port : 8 0
HostName :

Path Is: E:ScriptWEBTEST
Index IS: 1
Comment : the default Web site

create success.

JSON