Skip to content

lijiejie/IIS_shortname_Scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

iis_shortname_scan.py

iis_shortname_scan.py

 
 

Repository files navigation

IIS shortname Scanner

Under certain circumstances, windows 8.3 short names may be bruteforce enumerated under IIS with .net enabled,

request these two urls:

If the first one return HTTP 404 and the second one return no 404. Your server might be exploitable to this vulnerability.

Change Log (Oct 27, 2016)

  • Bug fixed: extention short than 4 letters like /webdeb~1.cs now could be enumerated
  • Code reconstruction

Usage

	iis_shortname_Scan.py target

from http://www.lijiejie.com my[at]lijiejie.com

About

an IIS shortname Scanner

Resources

Readme
Activity

Stars

506 stars

Watchers

18 watching

Forks

228 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

Languages