SCANUNICODE
所属分类:网络编程
开发工具:Visual C++
文件大小:11KB
下载次数:25
上传日期:2009-12-09 09:05:29
上 传 者:
spfaaron
说明: 微软IIS 4.0和5.0都存在利用扩展UNICODE字符取代"/"和"\"而能利用"../"目录遍历的漏洞。未经授权的用户可能利用IUSR_machinename账号的上下文空间访问任何已知的文件。该账号在默认情况下属于Everyone和Users组的成员,因此任何与Web根目录在同一逻辑驱动器上的能被这些用户组访问的文件都能被删除,修改或执行,就如同一个用户成功登陆所能完成的一样。
(Microsoft IIS 4.0 and 5.0 are present using the extended UNICODE character to replace the " /" and " \" and can use " ../" directory traversal vulnerability. Unauthorized users may use IUSR_machinename account the context of the space access any known file. By default, the account belongs to Everyone and Users group, so any Web root directory on the same logical drive can be user groups to access these files can be deleted, modified or enforced, just as a user successfully landed on the can do the same.)
文件列表:
扫描UNICODE漏洞\ForUnicode.clw (247, 2004-04-17)
扫描UNICODE漏洞\ForUnicode.cpp (3835, 2004-04-17)
扫描UNICODE漏洞\ForUnicode.dsp (4336, 2004-04-17)
扫描UNICODE漏洞\ForUnicode.dsw (543, 2004-04-17)
扫描UNICODE漏洞\ForUnicode.h (338, 2004-04-17)
扫描UNICODE漏洞\ForUnicode.ncb (58368, 2005-11-29)
扫描UNICODE漏洞\ForUnicode.opt (48640, 2005-11-29)
扫描UNICODE漏洞\ForUnicode.plg (1772, 2005-11-29)
扫描UNICODE漏洞\ForUnicode.rc (1457, 2004-04-17)
扫描UNICODE漏洞\Resource.h (451, 2004-04-17)
扫描UNICODE漏洞\StdAfx.cpp (297, 2004-04-17)
扫描UNICODE漏洞\StdAfx.h (1106, 2004-04-17)
扫描UNICODE漏洞 (0, 2008-10-05)
========================================================================
CONSOLE APPLICATION : ForUnicode
========================================================================
AppWizard has created this ForUnicode application for you.
This file contains a summary of what you will find in each of the files that
make up your ForUnicode application.
ForUnicode.dsp
This file (the project file) contains information at the project level and
is used to build a single project or subproject. Other users can share the
project (.dsp) file, but they should export the makefiles locally.
ForUnicode.cpp
This is the main application source file.
ForUnicode.rc
This is a listing of all of the Microsoft Windows resources that the
program uses. It includes the icons, bitmaps, and cursors that are stored
in the RES subdirectory. This file can be directly edited in Microsoft
Visual C++.
/////////////////////////////////////////////////////////////////////////////
Other standard files:
StdAfx.h, StdAfx.cpp
These files are used to build a precompiled header (PCH) file
named ForUnicode.pch and a precompiled types file named StdAfx.obj.
Resource.h
This is the standard header file, which defines new resource IDs.
Microsoft Visual C++ reads and updates this file.
/////////////////////////////////////////////////////////////////////////////
Other notes:
AppWizard uses "TODO:" to indicate parts of the source code you
should add to or customize.
/////////////////////////////////////////////////////////////////////////////
近期下载者:
相关文件:
收藏者: