禁用空会话(匿名登录)
[ 2006/06/30 10:08 | by gOxiA ]
为了防止匿名访问,请禁用空会话。空会话是未经身份验证或匿名的用户在两台计算机间建立的会话。如果不禁用空会话,攻击者便可匿名(即,不需要进行身份验证)连接到服务器。
攻击者建立空会话后即可开始实施各种攻击,包括用于从目标计算机获取系统相关信息的枚举。可通过空会话返回的信息类型包括:域和信任的详细信息、共享、用户信息(包括组和用户权限)、注册表项及其他。请禁用它们,因为它们代表着重大的安全威胁。
通过VBS脚本提取IUSR和IWAM帐户的密码
[ 2006/06/29 17:25 | by gOxiA ]
Dim IIsObject
Set IIsObject = GetObject ("IIS://localhost/w3svc")
WScript.Echo "AnonymousUserName = " & IIsObject.Get("AnonymousUserName") & vbCrlf & _
"AnonymousUserPass = " & IIsObject.Get("AnonymousUserPass") &vbCrlf &vbCrlf &_
"WAMUserName = " & IIsObject.Get("WAMUserName") & vbCrlf & _
"WAMUserPass = " & IIsObject.Get("WAMUserPass")
Set IIsObject = Nothing
Set IIsObject = GetObject ("IIS://localhost/w3svc")
WScript.Echo "AnonymousUserName = " & IIsObject.Get("AnonymousUserName") & vbCrlf & _
"AnonymousUserPass = " & IIsObject.Get("AnonymousUserPass") &vbCrlf &vbCrlf &_
"WAMUserName = " & IIsObject.Get("WAMUserName") & vbCrlf & _
"WAMUserPass = " & IIsObject.Get("WAMUserPass")
Set IIsObject = Nothing
通过 Adsutil.vbs 获取或设置 IUSR 和 IWAM 的帐号密码
[ 2006/06/24 15:29 | by gOxiA ]
获取 IUSR 帐户密码
cscript.exe adsutil.vbs get w3svc/anonymoususerpass
获取 IWAM 帐户密码
cscript.exe adsutil.vbs get w3svc/wamuserpass
设置 IUSR 帐户密码
cscript.exe adsutil.vbs set w3svc/anonymoususerpass "password"
设置 IWAM 帐户密码
cscript.exe adsutil.vbs set w3svc/wamuserpass "password"
注:在获取密码的时候如果现实的结果密码为“******”,那么应当修改Adsutil.vbs文件
将
If (Attribute = True) Then
IsSecureProperty = True
中的
IsSecureProperty = True
改为
IsSecureProperty = False
关于 IWAM 帐号的同步可察看另外一篇Blog:IIS帐号同步
