Browse Exploit & Auxiliary Modules

The Metasploit Project hosts the world's largest database of quality assured exploits, including hundreds of remote exploits, auxiliary modules, and payloads. You can even review the Metasploit Framework source code of any module - or write your own.

Search for modules

Open Source Vulnerability DataBase ID
Bugtraq ID
Full Text Search
Common Vulnerabilities Exposures ID
Microsoft Security Bulletin ID
 
Search Modules

Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service

The vulnerability allows remote unauthenticated attackers to force the IIS server to become unresponsive until the IIS service is restarted manually by the administrator. Required is that Active Server Pages are hosted by the IIS and that an ASP script reads out a Post Form value.


Rank

  • Normal

Authors

  • Alligator Security Team < >
  • Heyder Andrade < heyder [at] alligatorteam.org >
  • Leandro Oliveira < leadro [at] alligatorteam.org >

References


Development


Similar Modules


Usage Information

$ msfconsole

                ##                          ###           ##    ##
 ##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use auxiliary/dos/windows/http/ms10_065_ii6_asp_dos
msf auxiliary(ms10_065_ii6_asp_dos) > set RHOST [TARGET IP]
msf auxiliary(ms10_065_ii6_asp_dos) > run


Module Options

RHOST The target address
RPORT The target port (default: 80)
URI URI to request (default: /page.asp)
VHOST The virtual host name to use in requests
CHOST The local client address
CPORT The local client port
ConnectTimeout Maximum number of seconds to establish a TCP connection
Proxies Use a proxy chain
SSL Negotiate SSL for outgoing connections
SSLVersion Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1)
VERBOSE Enable detailed status messages
WORKSPACE Specify the workspace for this module
TCP::max_send_size Maxiumum tcp segment size. (0 = disable)
TCP::send_delay Delays inserted before every send. (0 = disable)