On Sun, Jul 28, 2002 at 06:06:53PM +0800, McKenzie Family wrote: > (This seems to be an oldy but goody not affected by MS patches) > > Senario: > (1) Win NT / IIS 4 > (2) http://server/msadc/samples/adctest.asp found from whisker. > > Connection: DSN=AdvWorks > Query: Select * from Products where ProductType='|shell("<<<INSERT>>>")|' > > >From other peoples experience whats a good shell code to pipe into the field > to test if its vulnerable.. Ive tried a few of the echo, rdisk, and copy of > repair\sam._ to intedpub\wwwroot and then tried dloadin git from the web, > but so far no response .... > > I take it that means that the version of MDAC has been upgraded and therefor > not vulnerable even though the sample page still exist?
Adctest is just a clientside frontend for basic RDS functionality. What you are describing is exactly what the good old msadc.pl does. Read up on RDS, I recommend going to http://www.wiretrip.net/rfp/ /olle ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
