[unisog] IIS vulnerability scanner tool

David Moore dmoore at ipn.caida.org
Sat Jul 28 07:07:51 GMT 2001


The current Perl script does not detect a sizeable portion of English
language installs which are still vulnerable, nor does it recognize
many foreign languages.  The following code currently post-processes
the output of the scanner, but it should be easy to change the if cases
in the scanner to call the same classification function.

I believe these are all vulnerable, but do not have access to machines
to test all of them.

Biggest problem with English language is not detecting results of
the form: The IDQ file c:\inetpub\wwwroot\NULL.ida could not be found.

Other than that it may only be an improvement if you think someone
may be running a non-English language version of IIS on your network.

-- david  (not on unisog, so please cc on responses)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: codered-classify.pl
Type: application/x-perl
Size: 3904 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20010728/251a9c01/codered-classify-0007.bin

