Here's an exploit for the IIS 5 hole.. will give you a remote command shell, reverse telnet style. We've only had a chance to test this on a couple of hosts, it should work fine - if not, drop me a mail and I'll see what I can do to remedy the situation. Read the comments for more info. dark spyrit/beavuh.
jill.c