Full Disclosure mailing list archives

RE: Unusual request

From: Paul Schmehl <pauls () utdallas edu>
Date: 13 Feb 2003 10:14:39 -0600

On Thu, 2003-02-13 at 07:58, Rapaille Max wrote:

Hi,

I did this kind of demo 2-3 times already, with a Win2k SP2 and IIS.
To add a layer, we just added a firewall between the ISS and the attacker PC ..  with just Port 80 incoming and, as 
(too)usual, All port open for outgoing...  Just using a unicode exploit, and then loading some tools, defacing web 
page, taking remote control, etc...  A lot of fun for Us, and great astonishment for the public..  Certainly with the 
firewall..  A lot of them where just saying, before the demo : We are secure, our integrator installed a firewall...  
BTW, we also used some tools ike unicoder.pl and Upload.asp, to demonstrate, in a second time, how easy it is, even 
if you don't know what you do...

Good effect of awareness for those managers, Engineer, etc...


That's precisely what I have in mind.

-- 
Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/~pauls/
AVIEN Founding Member

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: Unusual request, (continued)
- RE: Unusual request Sung J. Choe (Feb 12)
  - Re: Unusual request yossarian (Feb 12)
    - Re: Unusual request Nexus (Feb 12)
    - Re: Unusual request yossarian (Feb 12)
    - Re: Unusual request aeonflux (Feb 12)
  - RE: Unusual request Steve Wray (Feb 12)
- RE: Unusual request Sung J. Choe (Feb 12)
- RE: Unusual request John . Airey (Feb 13)
- RE: Unusual request Schmehl, Paul L (Feb 13)
- RE: Unusual request Rapaille Max (Feb 13)
  - RE: Unusual request Paul Schmehl (Feb 13)
    - RE: Unusual request badpack3t (Feb 13)
- RE: Unusual request Timm, Kevin (Feb 13)
- RE: Unusual request Sung J. Choe (Feb 13)