Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: UnAnonymizer

From: Brate Sanders <brate_sanders () yahoo co uk>
Date: Tue, 27 Jun 2006 08:49:13 +0000 (GMT)

Is there a security issue hidden somewhere in there or is it just a bug report sent to the wrong mailing list address? 
:-)


----- Original Message ----
From: Peter Besenbruch <prb () lava net>
Cc: full-disclosure () lists grok org uk
Sent: Tuesday, 27 June, 2006 1:42:33 PM
Subject: Re: [Full-disclosure] UnAnonymizer

H D Moore wrote:

A fun browser toy that depends on Java for complete results:
- http://metasploit.com/research/misc/decloak/


Fun indeed:

Field            Data        Dependency
External Address:    24.199.198.152    None
Internal Host:        unknown        Java
Internal Address:    unknown        Java
DNS Server (API):    unknown        Java
DNS Server (HTTP):    24.199.198.158    None
External NAT:        unknown        Java

The "External Address" listed belongs to a TOR server hosted on 
RoadRunner. The DNS server is also part of that system. I'm assuming the 
"Internal Host" should have been mine? The "Internal Address" mine, 
also? The "DNS Server (API)" my ISP's? Something isn't working.

Here's another page that tries something similar with Java:
http://gemal.dk/browserspy/ipjava.html

I get similar results to the above. Yes, Java is installed (version 1.5).

-- 
Hawaiian Astronomical Society: http://www.hawastsoc.org
HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: