120013
20019
20038
20014
Web Mail Mail Mail
WebDAV Win 98 Win 2000 IIS Exchange
OPTIONS / - 200
PROPFIND / - 207
PROPFIND / - 207
PROPFIND / - 207
204
207
503 Service Gateway 200
HTTP/1.1 () Web
WebDAV table Fred
?
Web
Web Web FTP NTFS Windows
Web FTP Windows IUSR_
NTFS Web FTP Web FTP
IP IIS IP IP 403
IIS Windows 403
IIS Web 403
Web
IIS NTFS NTFS 401
NTFS
Content-Length: 0
Accept-Ranges: bytes
DASL: <DAV:sql>
DAV: 1, 2
Public: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
Allow: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK, SEARCH
Cache-Control: private
PROPFIND /dir/ HTTP/1.1
registry value:
FrontPage WebDAV
Web ( %SystemDrive%\Inetpub\wwwroot) Internet (IUSR_MachineName)
Everyone
Web
FrontPage Server Extensions ?
FrontPage HTML Web Script
!!!!!! Windows Everyone !!!!!!!
!!!! FrontPage Server Extensions !!!!
POST /_vti_bin/shtml.dll - 200 MSFrontPage/5.0
POST /_vti_bin/_vti_aut/author.dll - 200 MSFrontPage/5.0
[_vti_bin]
(C:\inetpub\wwwroot\)
FrontPage Server Extensions (C:\Program Files\Common Files\Microsoft Shared\WebServerExtensions\40\isapi)
Everyone “”
SQL
A123456789 1234
ASP( or PHPJSP)(' ')
SQL
Email Address
HTML Input MaxLength JScript ( Form Action Input MaxLength )
ASP SQL Server sa Sysadmin
sa SQL Server 7.0 sa
http://www.microsoft.com/taiwan/sql/SQL_Injection_G2.htm
GET /scripts/..%5c../winnt/system32/cmd.exe /c+dir 500 -
GET /_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 500 -
GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
200 -
OPTIONS / - 200 Microsoft-WebDAV-MiniRedir/5.1.2600
Trend Micro OfficeScan Corporate Edition 3.0
Trend Micro OfficeScan Corporate Edition 3.5
Trend Micro OfficeScan Corporate Edition 3.11
Trend Micro OfficeScan Corporate Edition 3.13
Trend Micro OfficeScan Corporate Edition 3.54
Trend Micro Virus Buster Corporate Edition 3.52
Trend Micro Virus Buster Corporate Edition 3.53
Trend Micro Virus Buster Corporate Edition 3.54