ASP directory vulnerabilities and IIS semicolon vulnerabilities under IIS (temporary workaround for;) _win server

Workaround:

Download the Silver Month Server tool, use the tool-> component Downloader download Isapi_rewrite, unzip it out.

Add the Isapi_rewrite.dll in the Isapi_rewrite as ISAPI, the name is Isapi_rewrite, this is pseudo static, did not install the

Download the vulnerability patch package, which is the item selected in the following figure, download open!

Replace the Httpd.ini in the Isapi_rewrite directory with the Httpd.ini in the patch package.

Or to ensure that the isapi_rewrite below Httpd.ini have the following two lines of rules to select the line! This will prevent these two IIS vulnerabilities, is to the two rules valid on the line, the Isapi_rewrite directory Httpd.ini is a global configuration file, will be applied to all sites, which will protect all sites from vulnerability attacks.

Let's talk about this vulnerability (below), as long as a file has (. asp) followed by a semicolon (;) followed by a random character with an extension such as (cao.asp;ca.jpg) the file Windows will be a JPG image file, However, this file is run as an ASP in IIS, (cao.asp;ca.jpg) This file IIS will be identified (cao.asp), the semicolon after the things ignored--. So say (cao.asp;. JPG) so the filename is ok!

There is a picture in the patch bag, put the law under each site, if someone exploit this loophole! will see this picture!

Principle: In Windows to search for multiple files is to use semicolons (;) to split, if the file itself with a semicolon how? - -。 haha system can not search for this file! The figure below, obviously have this h.asp;kk.jpg this file, in Windows Search will be treated as h.asp and kk.jpg these two files to search, this is a Windows design is not appropriate, should say should not let the semicolon (;) do file name!

But to know CDX, CERs and so on and so on files are ASP's mapping! So aaa.cdx;kk.jpg will be run as ASP! If these mappings are not deleted, they will be exploited, with the above method becoming secure!

The following figure is an ASP directory vulnerability, as long as all files below the directory named xxxx.asp will be run as ASP files. This is an ASP directory vulnerability

If it cannot be loaded, give the Iis_rewrite folder network and Network Service read-only permission!

Silver Month network, Silver Month Server tool.
Of course, for friends who already use rewrite, you can copy backup files and pictures directly.
/201008/tools/rewrite_rule.rar