Problem is, when entering the actual directory traversal strings in the browser, we get a 500 Internal Server Error.
example strings are as follows:
http://testserverIP/samples/..%c0%af../ ... 32/cmd.exe
http://testserverIP/msadc/..%c0%af../.. ... 32/cmd.exe
since we know that the path exists and that cmd.exe exists, could anyone
give me an idea as to what is possibly preventing us from successfully recreating the said exploit?
any help would be much appreciated. thanks.