Skip to main content

Cisco PIX firewall

More
17 years 11 months ago #18387 by Smurf
Replied by Smurf on topic Re: Cisco PIX firewall
Hi Worker,

Righty, i have built my Windows 2000 with SP1 machine and loaded onto it IIS5. I am currently looking at the first utility however i cannot get it to work correctly on the machine i have built which i am unsure why.

The following link is Microsoft Security Bulletin for the vulnerabity that IIS5-koei.exe exploits and according to that document (if you read it you will notice that it explains that a firewall will not mitigate this vulnerabilty) it was fixed in Service Pack 2 so there is no reason why it shouldn't be working.

www.microsoft.com/technet/security/bulletin/ms01-023.mspx

I will continue to look into it for you to see if i can see why its not working.

Cheers

Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 11 months ago #18388 by Smurf
Replied by Smurf on topic Re: Cisco PIX firewall
Well, started digging into my old notes, etc... and cannot understand why that first utility don't work. Some of the others require NetCat to setup a return connection to use in the exploit, these will depend on the way the firewall is configured to block the outgoing traffic.

There are a load of stuff you can do through Internet Explorer to get hold of the SAM database for example, so you can brute force the username/password database, etc...

What i would do is try to get hold of a book called Windows 2000 Hacking Exposed. In there you will find a full section on IIS5 with various techniques to hack it.

www.amazon.com/Windows-2000-Hacking-Expo.../103-3878345-8685408

If you go through the chapter on IIS5, there are simple traversal techniques and then others that go into using netcat to do some more advance stuff where you get a direct command prompt setup to the IIS server.

Cheers

Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 11 months ago #18532 by Worker
Replied by Worker on topic Re: Cisco PIX firewall
My private messages are not working so I cannot send you PM. Can you send me e-mail at sajk@net.hr? I have to ask you something.

Thanks!
More
17 years 11 months ago #18554 by Smurf
Replied by Smurf on topic Re: Cisco PIX firewall
Hi Worker,

Great to hear that you have managed to get hold of the book and hacked IIS5 :)

I have sent through an e-mail with all the tools/expliots i have for Webservers. Hopefully this will help ya more.

Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
More
17 years 9 months ago #19671 by cool
Replied by cool on topic Re: Cisco PIX firewall

Hi!

I have to make some work and testing for my University. Testing must include PIX 501 firewall. First idea was to make a LAN configuration with that firewall and then test to find if there are any holes and vulnerabilities and to break through firewall. I am not sure if that is possible because that is one of the best firewalls. So, does anybody have any idea about that? Or does anybody know what other interesting testing could be done with that firewall?

Thanks!


Please note dat in PIX der in inside and outside segment .
For inside segment - 100 secuirty level
For outside segment - 0 Security level
At d same time in the inside segment install syslog server to monitor the trafiic , based on that you can block d traffic which r not gennuine.
Time to create page: 0.130 seconds