[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[stalk:00208] [summary]about snort-1.7 IIS unicode attack detector

To: security-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [stalk:00208] [summary]about snort-1.7 IIS unicode attack detector
From: Koji Shikata <shikap@xxxxxxxxxxxx>
Date: Mon, 2 Apr 2001 01:52:58 +0900

(B
(B
$B$7$+#P$G$9!#(B
$B$@$$$?$$BG$A;_$a$K$J$C$?!"$H8+$F$$$^$9$N$G!"%5%^%i%$%:$7$^$9!#(B
$B!t$6$C$/$j9T$-$^$9!#$A$g$C$H8+$E$i$$$+$b!&!&!&!&(B
(B
$B85%M%?$O$3$A$i!#(B
$B!!!!(BKoji Shikata <shikap@xxxxxxxxxxxx> wrote:
$B!!!!(B> $B$9$G$K(B24$B;~4V>o;~@\B3(BML$B$G$O0l1~Ej9F$7$^$7$?$,!"$"$N$&$C$H$*$7$$(B
$B!!!!(B> http_decode$B$N8m8!CN$r2sHr$9$k%Q%C%A$r:n$j$^$7$?!#(B
(B
$B8=:_!"%Q%C%A$O(B
(Bhttp://www.yk.rim.or.jp/~shikap/patch/
$B$+$iCVI=8=$K$D$$$F$NFf$K$D$$$F$o$+$C$?HO0O$G=q$$$F$*$-$^$9!#(B
$B!!!!(B> $B!t(BFW-Wizard$B$KN.$l$F$$$?$N$G$4B8$8$NJ}$bB?$$$H$O;W$$$^$9$,!#(B
$B$*$h$S!"(B
$B!!!!!dFbMF$r4JC1$K8@$&$H!"(B
$B!!!!!d!VFf$NE>CV%Q%?!<%s$r$I$N(B%??$B$KE,MQ$7$F$b!"%G%3!<%I$,2DG=!W(B
$B$J$I$N!"(BIIS4.0$BFCM-$N!"!V(BUnicode$B$rE>CV$7$?I=8=!W$N967bE,MQHO0O>pJs$K$D$$$F(B
$B8r49$r9T$$$^$7$?!#(B
(B
$B$3$N;~!"(B
$B!!!!(B"$BB>NOK\4jF2(B" <tarikihongandou@xxxxxxxxxxx> wrote:
$B!!!!(B> $B%-%c%i%/%?%3!<%I$K$h$C$F(B
$B!!!!(B> ($BFs%1%?L\(B-'0')*16+$B2<0l%1%?(B-'0'
$B!!!!(B> ($BFs%1%?L\(B-'a')*16+$B2<0l%1%?(B-'a'
$B!!!!(B> ($BFs%1%?L\(B-'A')*16+$B2<0l%1%?(B-'A'
(B
$B!!!!(Bminz@xxxxxxxx (Hiroshi Migimatsu ^^;) wrote:
$B!!!!(B> 	$B$-$C$H(B if ( isalpha( c ) ) ( c - 'a' + 10 ); $B$J$s$D$&(B
$B!!!!(B> 	$B0BD>$JE83+$7$F$$$k$@$1$G$s$o!#$=$N8e!V@5$7$$(B Unicode$B!W(B
$B!!!!(B> 	$B$G$"$m!<$,$J$+$m$&$,!#(B
$B$J$I$N!"E>CVI=8=$K$D$$$F$NM-1W$J>pJs$,8r49$5$l$^$7$?!#(B
(B
$B8!CN%"%k%4%j%:%`$O!"(B
$B!!!!(B> $BId9f$r2rFI$7$F!"(B/\.$B!J#1#6?J?t$G$=$l$>$l(B0x2f$B!$(B0x5c$B!$(B0x2e$B!K$K(B
$B!!!!(B> $BAjEv$9$kId9f$r3NG'$7$?$i%a%C%;!<%8$r=PNO$9$k!"(B
$B$H$$$&$b$N$H$J$C$F$$$^$9!#(B
(B
$B$J$*!"(B
$B!!!!8$$N$_$C$-!<(B <micky@xxxxxxxxx> wrote:
$B!!!!(B> $B$5$C$=$/(Bunicode$B%Q%C%A$rEv$F$?(Bsnort$B$r(Bvanguard$B$GF0$+$7$F$_$^(B
$B!!!!(B> $B$7$?!#7k2L$ONc$K$h$C$F%j%"%k%?%$%`$G(Bacid$B$KH?1G$5$l$^$9!#(B
$B!!!!(B> 
$B!!!!(B> http://vanguard.hawkeye.ac/acid/acid_main.php
$B!!!!(B> 
$B!!!!(B> $BJL$JK?=j$G5l%Q%C%A$r1?MQ$7$F$^$7$?$,!"$$$/$D$+8m8!CN$,H/@8(B
$B!!!!(B> $B$9$k$3$H$r3NG'$7$^$7$?!#Nc$K$h$C$F%5!<%A%(%s%8%s7O$N%"%/%;(B
$B!!!!(B> $B%9$G$9!#(B
(B
$B!!!!(BKoji Shikata <shikap@xxxxxxxxxxxx> wrote:
$B!!!!(B> > $B$L$%!"?7%Q%C%A$b8m8!CN$7$^$7$?$!(B(;_;)
$B!!!!(B> $B8m8!CN$N:GBg$NM}M3$O!"J8;z%3!<%I$,0c$C$F$$$k$H!"(BUTF-8$B$J%Q%?!<%s$H(B
$B!!!!(B> $B0lCW$7$J$$$N$G!";ve8mF0:n$9$k$3$H$,860x$G$7$?$!!#(B
$B$H$$$&$o$1$G!"40A4$K8m8!CN$r$J$/$9$3$H$O$G$-$F$$$J$$!"$H$$$&>u67$G$9!#(B
(B
$B$3$l$K$D$$$F$O!"(B
$B!!!!(BKoji Shikata <shikap@xxxxxxxxxxxx> wrote:
$B!!!!(B> $B$H$O$$$(!"0lEY$N$C$?A%$K$O:G8e$^$G>h$jB3$1$^$9!#!J$-$C$Q$j!K(B
$B$H$$$&$3$H$G!"$$$D$+$O2r>C$9$kuBV$KJQ$o$j!J>P!K!"(BCVS$B%D%j!<$KF~$j$^$7$?!#(B
$B$H$$$&$3$H$G!"(Bsnort$BK\BN$K$Fl$re5-$N$H$*$j!":#8e$b3+H/!JpJs$J$I$r$*$h$;$$$?$@$1$l$P9,$$$G$9!#(B
(B
$BK\Ev$K$"$j$,$H$&$4$6$$$^$7$?!#(B
(B
(B
(B-- 
(B  $B!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a(B
(B  $B!!!!http://www.yk.rim.or.jp/~shikap/patch/
$B!!(BHome $B$O$3$A$i(B http://www.yk.rim.or.jp/~shikap/
(B  $B!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a!a(B
(B
(B--
(B- $B$3$N%a%$%j%s%0%j%9%H$K4X$9$khttp://www.infoseek.co.jp/Kky?pg=kky_top.html&svx=971122 $B!}(B $B!{(B

Follow-Ups:

[stalk:00209] re:about snort-1.7 IIS unicode attack detector
From: tadashi nagao

Prev by Date: [stalk:00207] [Summary] $B?/F~$N(B$BFO$1=P(B

Next by Date: [stalk:00209] re:about snort-1.7 IIS unicode attack detector

Previous by thread: [stalk:00207] [Summary] $B?/F~$N(B$BFO$1=P(B

Next by thread: [stalk:00209] re:about snort-1.7 IIS unicode attack detector

Index(es):

Date

Thread