[18939] in bugtraq


Re: Windows and IIS

daemon@ATHENA.MIT.EDU (Maceo)
Fri Feb 2 01:45:23 2001

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.LNX.4.10.10102011203240.17770-100000@calvin.dogmile.com>
Date:         Thu, 1 Feb 2001 12:19:30 -0700
Reply-To: Maceo <maceo@DOGMILE.COM>
From: Maceo <maceo@DOGMILE.COM>
X-To:         "Jesper M. Johansson" <jjohanss@BU.EDU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <005701c08be0$9aefb5f0$a800a8c0@yggdrasil.bu.edu>

On Wed, 31 Jan 2001, Jesper M. Johansson wrote:

> I can't repro this. I get the code to execute, but I cannot repro the
> privilege escalation. No matter what application protection level I set this
> at I can't get it to execute as anything other than IUSR. I tried on Windows

Run whoami.exe from the cmd process that the asp code shells.
The following code from CmdAsp:
<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
displays the user context the ASP is running under, not the context
of the cmd shell (which has escalated privileges).

  -Maceo
