Yesterday, I posted an article about a Nmap script to detect potentially vulnerable Microsoft IIS FTP servers. I updated the script which now allows an alternative FTP user and password pair to be passed via the command line (thanks to Chris for the comment). If no arguments are provided, an
Tag: exploit
Detecting Vulnerable IIS-FTP Hosts Using Nmap
A new 0-day exploit for the FTP server included within the Microsoft IIS suite has been released today. Check the post on the Full Disclosure mailing list for more details. Based on an existing Nmap script, I quickly wrote a new one which performs the following actions: Check if anonymous
carprss.php Exploit
Since 29 February, this blog was hit by 400+ attempts to compromize the server and install an IRC bot. There is a new exploit of SiteBuilder in the wild. Hits came from the following compromized hosts: # awk ‘{ print $1 }’ <carprss.tmp | sort -nu 64.128.80.82 64.185.237.176 64.22.112.178 64.255.254.10