Penetration Testing mailing list archives
RE: Hacking demo - most spectacular techniques
From: "Greg" <greg () hoobie net>
Date: Tue, 2 Oct 2001 12:29:36 +0100
From: Ilici Ramirez [mailto:ilici_ramirez () yahoo com] We intend to make a short demonstration of hacking as part of a longer seminar with more than 100 IT managers, vice-presindents, and other high-level morons.
Don't tell them that to their faces for starters.
1. Remote VNC install - GUI session on target machine 2. BO2K or Subseven 3. Port redirection with fpipe - a firewall is not always enough 4. Remote shell with netcat 5. Null session - information gathering with no right
You should include an example of subversion of an HTTP server entirely through a web browser. This could be something like using the Unicode or maybe even the CGI-double decode problems in MS IIS. Execute some commands, copy some files from the HTTP server filesystem to the webroot and download them etc. It is important to demonstrate that in some cases you don't need any 'hacking' tools at all and not that much expertise. That can have a great deal of impact. regards Greg ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Hacking demo - most spectacular techniques Ilici Ramirez (Oct 01)
- RE: Hacking demo - most spectacular techniques Greg (Oct 02)
- Re: Hacking demo - most spectacular techniques H Carvey (Oct 02)
- RE: Hacking demo - most spectacular techniques George Milliken (Oct 02)
- Re: Hacking demo - most spectacular techniques quentyn (Oct 02)
- Re: Hacking demo - most spectacular techniques Bill Pennington (Oct 02)
- Re: Hacking demo - most spectacular techniques Nexus (Oct 04)
- Re: Hacking demo - most spectacular techniques talisker (Oct 04)
- <Possible follow-ups>
- RE: Hacking demo - most spectacular techniques Martin Jr., Wally G. (Oct 02)
- RE: Hacking demo - most spectacular techniques Steve Maks (Oct 02)
- Re:Hacking demo - most spectacular techniques bluefur0r bluefur0r (Oct 02)
- RE: Hacking demo - most spectacular techniques Aleksander Czarnowski (Oct 02)
(Thread continues...)