Metasploit mailing list archives
Windows Transparent Authentication updates
From: grutz at jingojango.net (Kurt Grutzmacher)
Date: Sat, 17 Nov 2007 21:44:32 -0600
On Sat, Nov 17, 2007 at 10:54:36PM +0200, Jonatan B wrote:
> Then you'll be excited to see Dan Kaminsky tunnels everything over a browser: http://video.google.com/videoplay?docid=3470502418262982787

Yeah, I was there and got some ideas from his work but he's using the browser
as a network tunnel with SLiRP. You still can't turn the browser into a proxy
server that local clients can connect to to reach your server. His attack
simply turns it into a routing node for you to connect through to the
internal network. Think of BEEF but without the JavaScript. :)

The CNAME DNS 'pinning' idea is pretty nice. I like how nobody listens
to the TTL anymore.
--
..:[ grutz at jingojango dot net ]:..
GPG fingerprint: 5FD6 A27D 63DB 3319 140F B3FB EC95 2A03 8CB3 ECB4
"There's just no amusing way to say, 'I have a CISSP'."
