: IIS executes "malicious.asp;.txt" as ASP file. What the? I investigated a situation where 300+ websites hosted on an IIS server were pwned by a hacker. Investigation led me to a text file that

Posted in: #AspNet #Hacking #Iis #ServerSideScripting

I investigated a situation where 300+ websites hosted on an IIS server were pwned by a hacker. Investigation led me to a text file that contained malicious ASP-classic code. The file was named dz.asp;.txt and I just realized that IIS happily executed this file without complaining.

So my question is: is this behavior normal? Shouldn't IIS treat this file as a .txt file instead of .asp?

10.01% popularity Vote Up Vote Down

: Transfer domain from godaddy to another registrar and (somewhat) maintain privacy? Does anyone know if its possible in any ways to do this? Transfer a private domain (via domainsbyproxy) registered

@Megan663

Posted in: #DomainRegistrar #Godaddy #Privacy #Transfer

2 Comments

: Google Analytics profile filters does not work I have a website and I need to separate traffic to it into two profiles. I need to exclude data from curtain IP address from Profile A and

@Megan663

Posted in: #Filtering #GoogleAnalytics

1 Comments

: Google Chrome developer tools metric units I would like to know if there is a way to change default "px" unit after you hover an element in dev tools, into em, percent, in, pt, pc. Most

@Megan663

Posted in: #Development #GoogleChrome #Measure #Plugin

1 Comments

: Should I use Schema.org location tagging on every page? I have a nicely tagged section on my homepage describing a restaurant’s location, city, state, zip, telephone, cuisine type, price and

@Megan663

Posted in: #Page #SchemaOrg #Seo

2 Comments

Login to post a comment!

1 Comments

Sorted by latest first Latest Oldest Best

@Rivera981

It became known in 2009 that IIS had a vulnerability in that it determined filetype by the part of the filename preceeding a semicolon if there was one in the name.

See this NIST description for more details.

10% popularity Vote Up Vote Down

Feed

: IIS executes "malicious.asp;.txt" as ASP file. What the? I investigated a situation where 300+ websites hosted on an IIS server were pwned by a hacker. Investigation led me to a text file that

More posts by @Megan663

: Transfer domain from godaddy to another registrar and (somewhat) maintain privacy? Does anyone know if its possible in any ways to do this? Transfer a private domain (via domainsbyproxy) registered

: Google Analytics profile filters does not work I have a website and I need to separate traffic to it into two profiles. I need to exclude data from curtain IP address from Profile A and

: Google Chrome developer tools metric units I would like to know if there is a way to change default "px" unit after you hover an element in dev tools, into em, percent, in, pt, pc. Most

: Should I use Schema.org location tagging on every page? I have a nicely tagged section on my homepage describing a restaurant’s location, city, state, zip, telephone, cuisine type, price and

Login to post a comment!

1 Comments

Back to top | Use Dark Theme