December 11, 2005

Wanna see how easy it is to compromise an unpatched Windows Server?

Whoppix has done it again. As recorded by the attacker, have a look at how easy it is to compromise a Windows 2000 server with an unpatched IIS5 implementation. Before you go and say "but Windows Server and IIS6 are out", remember that so many people are still on Windows 2000. And that so many people are hanging these things after a default installation on the Internet.

If you wondered why I use Knoppix-STD for a lot of my pentest stuff, this is why. Check out the Whoppix video showing the attack using such tools. In this particular case, the attacker tunnels exploits through SSH (plink.exe) that is thrown up on the compromised Windows server.

Posted by SilverStr at December 11, 2005 02:39 PM | TrackBack
Comments

Not particularly important, but this video is a few months old now. The Chief first mentioned it in July[1] and indeed the swf file on the webserver has a date of Jul 8th.

[1] http://blogs.ittoolbox.com/security/investigator/archives/005008.asp

Posted by: Dominic White at December 11, 2005 04:46 PM

I just love the cheesy TecHn0mUsiK.

Posted by: GM at December 12, 2005 06:46 AM