webshell find all of the IIS site configuration.- Vulnerability warning-the black bar safety net

ID MYHACK58:62200818764
Type myhack58
Reporter 佚名
Modified 2008-04-10T00:00:00


Sources:bad wolf safety net website:http://www. winshell. cn 默认 IIS 站点 配置 文件 有 2 个 MBSchema.xm 和 MetaBase.xml, The path is C:\WINDOWS\system32\inetsrv\(generally this directory is set to everyone read permissions.) MetaBase. xml this file is stored in the site IIS configuration information. Inside can be found to all of the Server IIS Settings under the sites directory and configuration. Several major configuration:

ServerComment:My Site //site name ServerBindings:8 0 //the site of the port Path="D:\wwwroot" //here is the site of the path DefaultDoc="index. asp,index.php,index.htm,Default.htm,Default. asp,Default. aspx" //default document head,is the home page to display the file name ScriptMaps==". asa,C:\WINDOWS\syst..........." //Site supports which scripts.

There is to see C:\WINDOWS\system32\inetsrv\History directory,this directory is for each site in the IIS settings for the backup. But these are related to the permissions problem if the permissions default set to strict you can not access.