Penetration Testing mailing list archives
Re: Exploit Archive
From: Francisco Sáa Muñoz aka n3z <fsm () aesthechnics com>
Date: Fri, 20 Aug 2004 09:05:40 +0200
Quoting chewy <chewy () pandora be>:
On Sat, 14 Aug 2004, DokFLeed.Net wrote:*verify the OS fingerprinting you get , then optimize your test. *test only what's open, don't be a dreamer and try to audit a closedport, Ihave seen it happening. and I bet each tester on his first project didit,its the enthusiasm rather than experience.I'm just wondering how do you remotely check for applications that use a level of authentication based on port knocking without beeing a dreamer then ?
Usually, people use the software with default configuration. When auditing, I try usually a lil' script against cd00r (hail to the first), SAdoor, toctoc and the other portknocking's software defaults. As easy as is. -- ]-* Francisco Sáa Muñoz a.k.a. Nuno Treez Security Junkee since 1996 Linux User #119288 mame.dk #115087 Utinam barbari spatium proprium tuum invadant! *-[EOF] ------------------------------------------------------------------------------ Ethical Hacking at the InfoSec Institute. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors. Check out our Advanced Hacking course, learn to write exploits and attack security infrastructure. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. http://www.securityfocus.com/sponsor/InfoSecInstitute_pen-test_040817 -------------------------------------------------------------------------------
Current thread:
- Exploit Archive DeMott Jared (Aug 17)
- Re: Exploit Archive DokFLeed.Net (Aug 18)
- Re: Exploit Archive R. DuFresne (Aug 18)
- Re: Exploit Archive chewy (Aug 19)
- Re: Exploit Archive Francisco Sáa Muñoz aka n3z (Aug 20)
- Re: Exploit Archive R. DuFresne (Aug 18)
- Re: Exploit Archive DokFLeed.Net (Aug 18)
- Re: Exploit Archive Kevin Sheldrake (Aug 18)
- Re: Exploit Archive Ereshkigal (Aug 19)
- Re: Exploit Archive Jacob Uecker (Aug 18)
- Re: Exploit Archive A.R. (Aug 19)
- Re: Exploit Archive Ramsey Consulting Services (Aug 19)
- Re: Exploit Archive Senser (Aug 20)
- Re: Exploit Archive Robert Rich (Aug 20)
- RE: Exploit Archive Michael Zanetta (Aug 23)
- Re: Exploit Archive Robert Rich (Aug 20)
- <Possible follow-ups>
- RE: Exploit Archive Víctor Chapela (Aug 20)
- RE: Exploit Archive Todd Towles (Aug 20)