Penetration Testing mailing list archives
RE: Hacking demo - most spectacular techniques
From: Joshua Wright <Joshua.Wright () jwu edu>
Date: Tue, 2 Oct 2001 14:38:44 -0400
An eye-opener for many is webspy from the dsniff package. Point your web browser to your favorite bank for emphasis. -Joshua Wright Team Leader, Networks and Systems Johnson & Wales University Joshua.Wright () jwu edu pgpkey: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD44B4A73 fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73 -----Original Message----- From: Martin Jr., Wally G. [mailto:WALLY.G.MARTIN.JR () saic com] Sent: Tuesday, October 02, 2001 9:06 AM To: pen-test () securityfocus com Cc: 'Ilici Ramirez' Subject: RE: Hacking demo - most spectacular techniques You may wish to include SNIFFing (e.g., dsniff or sniffit) as an area of interest. This may help highlight the types of sensitive information that is floating around the clients network, unencrypted, and that this information can be obtained unknowingly (i.e., no IDS). -Wally -----Original Message----- From: Ilici Ramirez [mailto:ilici_ramirez () YAHOO COM] Sent: Monday, October 01, 2001 3:53 AM To: pen-test () securityfocus com Subject: Hacking demo - most spectacular techniques Hi all, We intend to make a short demonstration of hacking as part of a longer seminar with more than 100 IT managers, vice-presindents, and other high-level morons. The goal is to explain how easy is to hack an unsecured system or network. For them to understand and to realize how just only an unsecured computer could lead to compromise of an entire business we need to show some hacking examples real spectacular. So I need your help to make a top short list. I will insert here my humble opinion, but I expect more from all of you experienced pen-testers. 1. Remote VNC install - GUI session on target machine 2. BO2K or Subseven 3. Port redirection with fpipe - a firewall is not always enough 4. Remote shell with netcat 5. Null session - information gathering with no right Ilici R __________________________________________________ Do You Yahoo!? Listen to your Yahoo! Mail messages from any phone. http://phone.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- RE: Hacking demo - most spectacular techniques, (continued)
- RE: Hacking demo - most spectacular techniques George Milliken (Oct 02)
- Re: Hacking demo - most spectacular techniques quentyn (Oct 02)
- Re: Hacking demo - most spectacular techniques Bill Pennington (Oct 02)
- Re: Hacking demo - most spectacular techniques Nexus (Oct 04)
- Re: Hacking demo - most spectacular techniques talisker (Oct 04)
- RE: Hacking demo - most spectacular techniques Martin Jr., Wally G. (Oct 02)
- RE: Hacking demo - most spectacular techniques Steve Maks (Oct 02)
- Re:Hacking demo - most spectacular techniques bluefur0r bluefur0r (Oct 02)
- RE: Hacking demo - most spectacular techniques Aleksander Czarnowski (Oct 02)
- Re: Hacking demo - most spectacular techniques Kingbiscuit (Oct 04)
- RE: Hacking demo - most spectacular techniques Joshua Wright (Oct 04)
- RE: Hacking demo - most spectacular techniques Jose Nazario (Oct 04)
- RE: Hacking demo - most spectacular techniques Joerg Over (Oct 04)
- Re: Hacking demo - most spectacular techniques Gary Flynn (Oct 04)
- RE: Hacking demo - most spectacular techniques Frank Knobbe (Oct 04)
- Hacking demo - most spectacular techniques Mike Ahern (Oct 04)