توجه ! این یک نسخه آرشیو شده میباشد و در این حالت شما عکسی را مشاهده نمیکنید برای مشاهده کامل متن و عکسها بر روی لینک مقابل کلیک کنید : .HTR Vulnerability
Shadow
07-26-2003, 04:28 PM
lotfan dar morede vul file haye .htr dar iis 4/5 to zih dahid man bar ha tavasote sccaner haye mokhtalef en asib paziry ra peyda kardam vali ghader be anjame kary nistam
admin
07-26-2003, 05:03 PM
In asibha be hacker komak dar yaftan va vojod e file dar shakhae vaya drive mikonanad. Tavasot e anha dar hade pishrafteh mitavan SAM computer ra az server farakhani kard. Ama be hochonvan be shoma Shell nakhahad dad. Baraye etelaat e boshtar mitoonid be site SecurityFocus morajee va example ha ra morede azmayesh gharar dahid
Behrooz_Ice
07-27-2003, 06:02 AM
salam shadow jan , vulnerbility Microsoft IIS HTR ISAPI Extension Buffer Overflow ke be HTR marofe asibi hast ke dar Windows 2000 Server - Professional va Advance Server IIS 4 / 5 SP1 - SP2 vojod dare va jozve Vulnerbilityhaye HTTP mahsob mishe va be hacker ejazere eijade yek hamleye denial of service bar alayhe server victim ro mide va dar behtarin halat ejazeye ejraye barnameharo dar Server mide vali hamontor ke mehdi aziz goft be hich onvan ejazeye gereftane shell ro be ma nemide va expoliti ham ta behal baraye ein asib neveshte nashode .
dar zemn agar ein vulnerbility bar roye systeme khodet vojod dasht mitoni ba ein patche erae shode az sherkate microsoft ein asibpaziriro az bein bebari :
Microsoft IIS 5.0:
Microsoft Patch Q319733 IIS 5.0
[Only registered and activated users can see links]
vali agar dar yek Server vulnerbility .htw ke hamon asibe .htw Cross-Site Scripting Vulnerability hast peida kardi mitoni be vasileye exploiti ke dar zir midam log fileha va cookieharo az roye Server bebini va ya download koni , Exploit :
[Only registered and activated users can see links] " <SCRIPT>Active Scripting</SCRIPT> "
mesale kameltar :
[Only registered and activated users can see links]
movafagh bashi , bye
Behrooz Kamalian
vBulletin® v3.8.4, Copyright ©2000-2012, Jelsoft Enterprises Ltd.
