Re: Hello everyone

[Michael Holstein <michael.holstein () csuohio edu>]

> After just a few hours of scanning (I have to start somewhere} I have 
> located quite a few routers that have their manufacturers password still 
> set not to mention loads of Windows machines that have port 139 open AND 
> have write access to the whole of the C: Drive in some instances.

There goes 'ethical' right there. You didn't have permission to scan, 
and certainly didn't have a right to try to login to routers you found 
(their failure to secure it is not a defense since you knew it wasn't 
yours).

> My question - since it is these machines that I understand will be the 
> computers that the hacker will use to hide him/her self and given that 
> there are tools around - just that I don't know of one yet - WHY doesn't 
> someone send a message to these machines that the owner will see and ASK 
> them politely to close up these holes? Perhaps something along the "net 
> send" command.

I'll bet their/your ISP would absolutly *love* that.

> If given the knowledge I'd be happy to devote a day or so doing just 
> this. Currently I don't yet have enough skills.

It's real easy. Just look into the use of 'smbclient' with the -M 
option. This is better than doing it in windows because you can fake th 
e "from" address in the message.

~Mike.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/