Re: Re: IIS5.1 Directory Authentication Bypass by using
There's not a lot in the way of information about IIS settings required to exploit this. What I've gleaned so far is IIS 5.1, and a request to a directory using the :$i30:$INDEX_ALLOCATION in the request...Can't seem to replicate this though. Are there any other settings that you are aware of for IIS? Basic auth required? I'd like to find a way to replicate this in our environment. Thanks!
討論串 (同標題文章)
完整討論串 (本文為第 3 之 3 篇):