Many users are expecting a patch for the Microsoft IIS Semicolon Bug, but from the recently published bulletin by Microsoft it seems that is highly unlikely during this patch cycle. Microsoft Security Bulletin Advance Notification for January 2010 It seems they will only be pushing out a fairly low priority fix which is rated critical [...]
Tag Archive | "hacking-IIS"
This is another selection from the Old Skool Philes, I like these as they tend to generate some good discussion and they are a good introduction to newcomers to hacking on the mindset and workflow of getting access to a box. The exact methods may not work, but we aren’t here to train script kiddies, [...]
This Phenoelit tool called ObiWaN is written to carry out brute force security testing on Webservers. The idea behind this is webservers with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. In fact this is the point to start from. Every user with a [...]