delete852 wrote: |
I read a file somewhere on gaining access to the system throught unicode vulnerability in IIS. How does this work exactly?
What I got out of it is that once you can send commands throught the URL bar as query string you are able to create a batch file in DOS. And then make it connect to you system, on your system you have to be running netcat (I think) and in a certain mode that when computers connect to you it lets you open a program on their computer. So after you would execute the script throught unicode the server would connect to you and you would get access to their MS-DOS virtual machine. Is this possible or like what? Looking for some feedback. |
output generated using printer-friendly topic mod, All times are GMT + 2 Hours