Saturday, January 26, 2013
HACKING IIS Server
Alright so you all wanna know how to break into IIS web servers? First off,
you should find a cgi-scanner so that things will get easier. My personnel
preferences are
"whisker" by "rain forest puppy" (www.wiretrip.net/rfp).
"cis" by "mnemonix" (www.cerberus-infosec.co.uk)
To understand which server is running on the victim site
telnet <victim> 80
GET HEAD / HTTP/1.0
and there you go with the name and the version of the web server. However
some sites might run their web servers over 8080, 81, 8000, 8001, and so on.
To understand SSL web servers, which provides encryption between the web
server and the browser we use the tool "ssleay"
s_client -connect <victim>:443
HEAD / HTTP /1.0
and here we go again.
To Download the full document here
:: DOWNLOAD ::
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment