Penetration Testing mailing list archives
Code execution needed, dns compromised
From: "Gisthre Nendjka" <gisthre () gmail com>
Date: Sun, 22 Jul 2007 02:31:38 -0300
Hi, i am conducting a pentest for a small firm and was able to redirect the dns queries to a server driven by me. I used to see ldap dns queries ( _ldap._tcp.dc._msdcs.DOMAIN.COM , _ldap._tcp.pdc._msdcs.DOMAIN.COM and others) and antivirus looking for updates, so before trying to reverse antivirus update method, and getting personal passwords from smtp/pop/http personal accounts, i would like to know if there is an easy way to run code into these computers (mainly put a specific "myfile.txt" in the desktop folder). Thanks in advance, Gisthre ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Code execution needed, dns compromised Gisthre Nendjka (Jul 23)