Full Disclosure mailing list archives
Re: How to become a Computer Security Professional ?
From: "XSS Worm XSS Security Information Portal" <cross-site-scripting-security () xssworm com>
Date: Mon, 19 Nov 2007 18:43:37 +1100
#!/bin/sh # 0day exploit for Paul Schmehl # based on information provided by Paul Schmehl # pauls () utdallas edu # echo pauls > /hack/edu/utdallas.edu/known.addresses googledump.pl --email-addresses --context-links --referers --extended-links -keywords "Paul","Schmehl","utdallas.edu", "pauls@", "pauls@utdallas"," paul.schmehl@" --verbose socialgrab.pl --known-address "pauls () utdallas edu" --real-name "Paul Schmehl" --tags=security,hacking,utdallas,vulnerability --search=facebook,youtube,live,myspace,igoogle,yahoo,netvouz,rojo,digg,bebo,ebay,blogger,wordpress --verbose --dump-links infopull.pl --pgp-search --whois --domaintools --usenet --trackers --irclog --mirrors --listserv --known-addresses="pauls () utdallas edu" echo "Paul Schmehl" >> /hack/TO-DO/pauls.at.utdallas.dot.edu # http://xssworm.com On 11/19/07, Paul Schmehl <pauls () utdallas edu> wrote:
--On November 19, 2007 3:34:23 AM +0000 worried security <worriedsecurity () googlemail com> wrote:The forth most important rule to becoming a security professional, always use a throw-away e-mail account so it doesn't matter of script kids hi-jack your e-mail account with the next cross-site scripting vulnerablity that gets posted to the public mailing lists.You forgot the most important rule of all. Pay no heed to bozos who post anonymously and don't even have a job in security. Their advice is usually worth just as much as their reputation. Paul Schmehl (pauls () utdallas edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- Francesco Vaj [CISSP - GIAC] CSS Security Researcher mailto:vaj () nospam xssworm com aim: XSS Cross Site ------ XSS Cross Site Scripting Attacks Web 2.0 Application Security Information Blog (tm) 2007 http://www.XSSworm.com/ ------ "Vaj, bella vaj."
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- How to become a Computer Security Professional ? Meef (Nov 17)
- Re: How to become a Computer Security Professional ? Fabio Pietrosanti (Nov 17)
- Re: How to become a Computer Security Professional ? M. Shirk (Nov 18)
- Re: How to become a Computer Security Professional ? Dude VanWinkle (Nov 18)
- Re: How to become a Computer Security Professional ? worried security (Nov 18)
- Re: How to become a Computer Security Professional ? Paul Schmehl (Nov 18)
- Re: How to become a Computer Security Professional ? Richard Golodner (Nov 18)
- Re: How to become a Computer Security Professional ? rchrafe (Nov 19)
- Message not available
- Re: so gay huh? rchrafe (Nov 19)
- Message not available
- Re: so gay huh? rchrafe (Nov 19)
- Re: How to become a Computer Security Professional ? Paul Schmehl (Nov 18)
- Re: How to become a Computer Security Professional ? XSS Worm XSS Security Information Portal (Nov 18)
- Re: How to become a Computer Security Professional ? rchrafe (Nov 19)