What is IIS Exploit | IIS Exploit tutorial

What Is IIS Exploit | IIS Exploit tutorial , the title speaks for itself. This tutorial is about website hacking that are working on older versions of IIS server. We will be discussing about what is a IIS server and how hackers can upload deface pages on it.
Note:- This tutorial is for information purpose only. Ethical Hacking won’t be responsible for any harm caused due to the information. We aim to create awareness so that you can protect yourself from getting hacked.
Q) What is an IIS Server ?
A) IIS [Internet Information Service] is a web server developed by Microsoft to use with Mircosoft Operating systems.
How to Use IIS exploit :-
For Windows XP :
1)Go to start the click on run.
2)Copy the folowing code and paste it in run command:-
%WINDIR%EXPLORER.EXE ,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}::     {BDEADF00-C265-11d0-BCED-00A0C90AB50F}
3)Click on ok.
4)A folder named “Web Folders” will open.
5)Right click in the folder and click on “New” and then click on “Web folder”.
6)A dialogue box will open.
7)Enter the url of the vulnerable site and click on next.
8)If no error comes up the sites is vulnerable else try any other siite.
9)After pressing “Next” in step 7 it will ask you to name that web folder, enter any name you want.
10)Open that folder and copy your defaced html page to that folder.
For windows 7:
1) Go to My computer >> Right Click >> Select “Add a Network Location” .
2) Click on “Next” >> Choose the first option in the next screen >> Click “Next “.
3) Now enter the URL of the Vulnerable Site and Click on “Next” .
4) Now you will see a folder with name of that site, Open that folder and upload that file.
The link to your defaced page will be like “”http://vulnerablesite.net/mypage.html””
where mypage.html is the defaced page i uploaded.

Dork : “Powered By IIS ”
Search this dork in google to search for vulnerable sites.
Some Vulnerable site:-

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s