Download this advisory from: http://soroush.secproject.com/downloadable/IIS5.1_Authentication_Bypass.pdf or: http://0me.me/demo/IIS/IIS5.1_Authentication_Bypass.pdf Description: Although IIS5 is very old, finding one is not impossible! Therefore, I want to introduce a technique to bypass the IIS authentication methods on a directory. This vulnerability is because of using Alternate Data Stream to open a protected folder. All of IIS authentication methods can be … Continue reading IIS5.1 Directory Authentication Bypass by using “:$I30:$Index_Allocation”