home tags events about login
one honk maybe more

benjojo posted 22 Jun 2024 12:55 +0000

Having this as my default www root page to scare all security auditors to stone

A Windows XP IE6 window on http://localhost and the page contents is a big windows XP logo saying "Your web service is now running" "Welcome to IIS 5.1" and "to add documents to your default website, save files in C:\inetpub\wwwroot"

nico@ublog.byme.at replied 22 Jun 2024 15:09 +0000
in reply to: https://masto.hivane.net/users/acontios/statuses/112660541240296969

@acontios @benjojo It isn't the default page because it is restricted to localhost.
The code say: "We don't want localstart.Asp shown to outside users." and it redirect to iisstart.asp

But if it is only for the LOLz, here a WinHTTPTrack download of the page after removing the localhost-check and fixing some other permission-related issue:
https://internalexception.byme.at/temp/IIS_Default.7z

It should contains everything needed to create an honeypot.