This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Online IIS Metabase Explorer

From OWASP
Revision as of 19:37, 25 July 2006 by Dinis.cruz (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Online IIS Metabase Explorer is a tool that allows the online browsing of the current IIS Metabase.

This tool clearly shows the current IIS Metabase ACL vulnerability which allows the disclose of the IIS Anonymous users' details (i.e. the username and password) by accounts that belong to the IIS_WPG security group

Screenshot

Metabase Explorer

Metabase Explorer.png