Metasploit mailing list archives
Windows Transparent Authentication updates
From: grutz at jingojango.net (Kurt Grutzmacher)
Date: Sat, 17 Nov 2007 21:44:32 -0600
On Sat, Nov 17, 2007 at 10:54:36PM +0200, Jonatan B wrote:
Then you'll be excited to see Dan Kaminsky tunnels everything over a browser: http://video.google.com/videoplay?docid=3470502418262982787
Yeah, I was there and got some ideas from his work but he's using the browser as a network tunnel with SLiRP. You still can't turn the browser into a proxy server that local clients can connect to to reach your server. His attack simply turns it into a routing node for you to connect through to the internal network. Think of BEEF but without the Javascript. :) The CNAME DNS 'pinning' idea is pretty nice. I like how nobody listens to the TTL anymore. -- ..:[ grutz at jingojango dot net ]:.. GPG fingerprint: 5FD6 A27D 63DB 3319 140F B3FB EC95 2A03 8CB3 ECB4 "There's just no amusing way to say, 'I have a CISSP'." -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: not available URL: <http://mail.metasploit.com/pipermail/framework/attachments/20071117/f951f9b0/attachment.pgp>
Current thread:
- Windows Transparent Authentication updates Kurt Grutzmacher (Nov 16)
- Windows Transparent Authentication updates Jonatan B (Nov 17)
- Windows Transparent Authentication updates Kurt Grutzmacher (Nov 17)
- Windows Transparent Authentication updates natronicus (Nov 19)
- Windows Transparent Authentication updates Kurt Grutzmacher (Nov 19)
- Windows Transparent Authentication updates Jonatan B (Nov 17)