Just want to share this very short command line of netcat.

If you want to test a win2k running iis5 box with the default installation,
that means, it hasn't been hardened, then that's the right box and it's
vulnerable.
Things you need:
1. netcat
2. jill

on your linux console:
example: nc -l -p <port>
l -> listen
p -> port

root# nc -l -p 5000

This means that we're running netcat to listen on port 5000

Now, since the default IIS5 is vulnerable to the .printer vulnerability, you
can run jill against it.
I won't tell how to do it. Just download the program, compile it, then run
it to initiate a return port to 5000.
That's an exercise. :-)

Once you're done, get back to the other console running netcat. You will see
the Windows 2000 command prompt. And another good thing is that you have
administrative privileges over that session.

C:\>

Isn't it cool? So for people running iis5, disable TCP/IP printing.

Btw, I'm studying passive network mapping now so if anyone can give tips,
that will be really valuable.

more to come

Neil
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph