[framework] MS03-051
Greg Linares
Glinares at PCOnsite.com
Wed Sep 6 12:52:24 CDT 2006
Oh, I just misread his request, I thought he asked for a non-metasploit
version of the exploit
Oh well, yeah that iis_fp30reg_chunked exploit has its limitations, I
think it just runs code in the context of IUSR_BROWSER, although there
is a plethora of pipe-hijacking\privlidge escalation code that could be
ran in conjuction with it.
-----Original Message-----
From: H D Moore [mailto:hdm at metasploit.com]
Sent: Wednesday, September 06, 2006 10:42 AM
To: framework at metasploit.com
Subject: Re: [framework] MS03-051
The exploit has been part of the Framework for a couple years. You can
find it listed as iis_fp30reg_chunked.pm. Let me know if run into any
trouble exploiting it. Funny that nobody actually looked :-)
http://metasploit.com/projects/Framework/exploits.html#iis_fp30reg_chunk
ed
-HD
On Wednesday 06 September 2006 07:31, jack ciabatta wrote:
> I know, isn't a recent bug, but anyone have a no-ufficial metasploit
> module? It could be very useful.
> (http://www.securiteam.com/exploits/6A00J1P8UQ.html)
More information about the framework
mailing list