Re: Alisse

["R. DuFresne" <dufresne () sysinfo com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



You'd have to login to an account to get much more of a response.
And it's very likely there are other sec devices in the path, we, where I 
work do proxies as well as a secure pre-login <almost an ssl-vpn thingie> 
to even get to the bealogic auth screen.



Thanks,

Ron DuFresne




On Tue, 28 Jul 2009, Yiannis Koukouras wrote:

> Hi Dharmendra and Wim,
>
> I can not capture traffic as this is a PT on the internet facing
> systems of the client. I am not actually sitting on the same network
> as the system.
>
> If this is a BEA web service, shouldn't it respond to HTTP requests or
> at least react to my input in any way?
>
> The only output I get is the one I posted and no matter what I sent to
> it afterward it does not reply anything.
>
> If this is a WS is there a fuzzer I can use in order to force to reply?
>
>
> Ioannis (Yiannis) Koukouras
>
> On Tue, Jul 28, 2009 at 10:39 AM, Dharmendra <dbavale () gmail com> wrote:
> > Hi,
> > This looks like an application listening on the port. Try capturing the same using ethereal and do a follow tcp stream. 
> > This may help in identifying the protocol.
> > Regards,
> > Dharmendra T.
> >
> > 2009/7/27 Yiannis Koukouras <ikoukouras () gmail com>
> > > Hello all,
> > >
> > > During a black box pentest, I found port 9025 open on a system and
> > > when I connected with nc I got the following reply (follow link to
> > > view the reply as it is in non ASCII format):
> > >
> > > http://pastebin.ca/1494670
> > >
> > > Do you think this is a web service listener or something like that?
> > >
> > > The tags indicate that tha this has something to do with XML.
> > > Nevertheless, it does not respond to any input....
> > >
> > > I am open to ideas...
> > >
> > > Thnx,
> > > Ioannis (Yiannis) Koukouras
> > >
> > > ------------------------------------------------------------------------
> > > This list is sponsored by: Information Assurance Certification Review Board
> > >
> > > Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> > > and CEPT certs require a full practical examination in order to become certified.
> > >
> > > http://www.iacertification.org
> > > ------------------------------------------------------------------------
> >
> >
> >
> > --
> > Regards,
> > Dharmendra T.
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

- -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A  E838 B2DF AFCC 94B0 6629

These things happened. They were glorious and they changed the world...,
and then we fucked up the endgame.    --Charlie Wilson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFKb1Fyst+vzJSwZikRAoUJAJ4m+6mmTtdbvc7w15rN31v/DXoM2QCfV4lR
SrCSW4MDQrlAuJu/WmP0JxM=
=5sFy
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------