Penetration Testing mailing list archives
Re: Non-GUI intrusion
From: "m () rl206 org" <m () rl206 org>
Date: Tue, 25 Sep 2001 21:55:42 -0500
You could try sniffing and reassembling smb traffic, possibly gleaning the target source files in the mix. Although it is possible that the blue-team is using promiscuous detection, this is likely the quietest way of reaching your flag. I do not know of a win32 tool which will do specifically tcp stream reassembly on win32. Someone on this list likely does, however. If there a nix somewhere in the mix, you could try http://www.hsc.fr/ressources/outils/smbsniff Good luck, Marten Kaye. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Non-GUI intrusion KK Mookhey (Sep 25)
- RE: Non-GUI intrusion Vince Sola (Sep 26)
- Re: Non-GUI intrusion KK Mookhey (Sep 29)
- Re: Non-GUI intrusion m () rl206 org (Sep 26)
- Re: Non-GUI intrusion Todd Ransom (Sep 26)
- <Possible follow-ups>
- RE: Non-GUI intrusion Dawes, Rogan (ZA - Johannesburg) (Sep 26)
- Re: Non-GUI intrusion Mike Brentlinger (Sep 26)
- RE: Non-GUI intrusion Vince Sola (Sep 26)