Is really difficult find out a exploitable vulnerability on IIS, because
microsoft has been spend a big effort to look for privately vulnerability
every monthy. Just to you hv a good idea the last most powerful threat
discovery of the earth THE FLAME, uses a stolen digital certificate instead
exploitable code

actually mostly casual or acidental bug are discovered..but the first
technical step to take is use a good fuzzer like
http://lcamtuf.coredump.cx/cross_fuzz/cross_fuzz_randomized_20110105_see
d.html#-939906642,
and the next step if you hv luck and find out a Access Violation memory u
can debug it with windbg and build your exploit...

I advise u add some good researchers on your twitter to be on line and
learn abt last discoveries and who knows a Zero days..

marcelo carvalho

-----Original Message-----
From: Nikhil Varghese
Sent: Thursday, June 07, 2012 1:58 PM
To: security-basics (at) securityfocus (dot) com [email concealed]
Subject: Re: Exploitable vulnerabilities in Microsoft IIS/7.0

I think exploit development in windows is too difficult. I really
don't know where to start. The only experience I have is in using
metasploit.

Which is the best resource I can get to develop windows exploits?

On Wed, Jun 6, 2012 at 11:37 PM, Nikhil Varghese <nkvp.93 (at) gmail (dot) com [email concealed]> wrote:
> I found two more vulnerabilities, but i still don't have any way of
> testing them on my system.
>
> http://www.securitytracker.com/id/1024079
> http://www.securitytracker.com/id/1024440
>
> I tried to develop my own exploit but the information is too vague. It
> would be useful if anyone has an exploit or can help me out in anyway
> possible.
>
>
>
> On Wed, Jun 6, 2012 at 11:13 PM, Nikhil Varghese <nkvp.93 (at) gmail (dot) com [email concealed]>
> wrote:
>> Are there any vulnerabilities in Microsoft IIS/7.0 that are
>> exploitable? I found one:
>> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0074.
>> However, i could not find any metasploit exploit for the vulnerability.
>>
>> How can I test if my IIS server is vulnerable since i run Microsoft
>> IIS/7.0 in my system? Has anyone written an exploit/detailed
>> explanation for this yet?

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate. We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]