May 29, 2024, 05:05 PM
This is an old tool, but it is capable to tackle even the latest IIS (IIS 10 on Windows Server 2022) 
Microsoft IIS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered during the parsing of a request that contains a tilde character (~). This may allow a remote attacker to gain access to file and folder name information.
It is possible to detect short names of files and directories which have an 8.3 equivalent in Windows by using some vectors in several versions of Microsoft IIS. For instance, it is possible to detect all short-names of ".aspx" files as they have 4 letters in their extensions.
https://github.com/irsdl/IIS-ShortName-Scanner
Microsoft IIS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered during the parsing of a request that contains a tilde character (~). This may allow a remote attacker to gain access to file and folder name information.
It is possible to detect short names of files and directories which have an 8.3 equivalent in Windows by using some vectors in several versions of Microsoft IIS. For instance, it is possible to detect all short-names of ".aspx" files as they have 4 letters in their extensions.
https://github.com/irsdl/IIS-ShortName-Scanner
This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Scraping | https://breachforums.ai/Forum-Ban-Appeals if you feel this is incorrect.
Ban Reason: Scraping | https://breachforums.ai/Forum-Ban-Appeals if you feel this is incorrect.