Unicode is a standard of computer character sets that aims to unambiguously represent every known glyph in every human language. Unicode's native encoding is 32 bit (older versions use 16 bits). Research Unicode
The Unicode Attack is a system whereby hackers gain access to a web hosting computer via a security hole in the Microsoft IIS V5.0 http server software. This web server software allowed users of the web server to run the operating system shell program, 'cmd.exe', in order to run any program they like on the remote web server. Unicode attacks rely upon substituting the / character with Unicode characters so that a malicious user can circumvent the Web root restrictions to access resources outside of the Web path. Unicode attacks are very common, or at least attempted attacks are very commonm, and can be identified by entries in the http log file similar to: 216.234.125.210 - - [31/Aug/2004:21:41:20 -0600] 'GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0' 302 247 '-' '-' Here, a malicious hacker is probing the web server to see if he can achieve a directory listing using the shell program cmd.exe. Had he been successful he may then have used the shell program to take over the web server for his own purposes. This server, however, was a Linux server and immune to this attack.
Microsoft web servers can protect against the Unicode Attack by installing the Microsoft security patches and also removing permission to execute programs in the %winnt%/system32 directory from the 'EVERYONE' group. Research Unicode Attack
The Probert Encyclopaedia was designed, edited and programed by
Matt and Leela Probert
Abbreviations
Research Unicode
