漏洞标题: iis 短文件名列举漏洞     检测: https://code.google.com/p/iis-shortname-scanner-poc/   查看扫描出来的目录,全是404 ,比较鸡肋.                                                                                                                                                  …

2015年6月16日15:19:24  出现 IIS tilde directory enumeration 漏洞 Acunetix Web Vulnerability Scanner 9.5 测试出现 红色警报 查询网页: http://www.2cto.com/Article/201403/287248.html https://social.msdn.microsoft.com/Forums/en-US/e3978d34-bdb2-4f82-94ec-5456526b04cb/-acune…

http://www.microsoft.com/opensource/directory.aspx…

How to generate a CSR in Microsoft IIS 7 To help you generate your CSR for Microsoft IIS 7 we've prepared a video walkthrough and a text/screenshot walkthrough. If you'd like a tool to help you automatically install the certificate on any Windows mac…

一.使用IBM的AppScan和Acunetix应用程序漏洞扫描将博CMS5.5,得出一些漏洞.         此番扫描大小共23种类型问题,其中高危漏洞有三个,中危漏洞9个,低级漏洞11个.注意这些漏洞级别很有可能根据具体项目不同而会变得不同.总的来说这两个工具扫描出的漏洞差别还是蛮大的,有些同类型的漏洞命名也不一样,甚至他有而它无的情况.所以综合这两款工具一起扫描变的十分重要.         虽然漏洞比较多,但高危漏洞基本也是常见的几个Web应用程序漏洞,如:XSS.明文传输.CSRF等…

客户公司搞安全检查,扫描出来我们之前做的系统有一个高危漏洞:IIS tilde directory enumeration,也就是利用“~”字符猜解暴露短文件/文件夹名,比如,采用这种方式构造URL:http://aaa.com/abc~1/.aspx,根据IIS返回的错误信息,猜测该路径或文件是否存在,具体可参考这篇文章:http://www.freebuf.com/articles/4908.html. 就单纯的解决这个问题来说,微软的URLScan工具是最适合的一个轻量级工具,关键它是免费…

Introduction In this how-to, we’ll see the installation of Pydio (Put Your Data In Orbit), which is a good alternative to Dropbox, Drive, or ownCloud. In this case, the installation will be carried on a Microsoft IIS 8 webserver, which in this case,…

Since the original tech preview release of FastCGI last year, we've been seeing a lot of requests for getting Ruby on Rails running with our FastCGI.  Theoretically, since the FastCGI component uses a standard protocol to support FastCGI-enabled appl…

https://technet.microsoft.com/en-us/library/ee790599.aspx Web Server (IIS) Administration Cmdlets in Windows PowerShell The Web Server Administration module for Windows PowerShell includes the Internet Information Services (IIS) cmdlets that let you…

Create an IIS application. Create a new IIS application pool and set it's .NET version to 4. Set the application pool of the new application to the new application pool. procedure CreateIISVirtualDir(); var IIS, WebSite, WebServer, WebRoot, VDir: Var…