Penetration Testing mailing list archives
Re: Port 4662 exploitation
From: ArcSighter Elite <arcsighter () gmail com>
Date: Fri, 12 Dec 2008 16:42:55 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mohamad M wrote:
Hello All, I'm doing a vulnerability assessment for my company, and saw that port 4662 (edonkey) is open on 1 device facing the internet. I telneted to 4662, and I got connected; since I'm new to this domain, what are the steps needed in order to exploit this vulnerability? Thanks, ./Lgpmsec ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
An open port is never a vulnerability, only if the running service that binds to that port is actually vulnerable. What makes me ask, have you actually done a service fingerprint to determine is e-donkey?, cause that looks pretty weird to me. Sincerely. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJQtqjH+KgkfcIQ8cRAgNoAJ9UwNxQVPYRoiiTFR+RodSlMKSnKQCg6pfX 66R/06sfIeFD5pxulEsjxyM= =cYuf -----END PGP SIGNATURE----- ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- Port 4662 exploitation Mohamad M (Dec 12)
- Re: Port 4662 exploitation ArcSighter Elite (Dec 12)
- RE: Port 4662 exploitation Mohamad M (Dec 12)
- Re: Port 4662 exploitation Jorge L. Vazquez (Dec 13)
- Re: Port 4662 exploitation James Bensley (Dec 13)
- RE: Port 4662 exploitation Jeremi Gosney (Dec 14)
- Re: Port 4662 exploitation ArcSighter Elite (Dec 15)
- Message not available
- Message not available
- Re: Port 4662 exploitation ArcSighter Elite (Dec 15)
- Re: Port 4662 exploitation James Bensley (Dec 15)
- RE: Port 4662 exploitation Mohamad M (Dec 12)
- Re: Port 4662 exploitation ArcSighter Elite (Dec 12)
- <Possible follow-ups>
- FW: Port 4662 exploitation lgpmsec (Dec 15)
- RE: Port 4662 exploitation Shenk, Jerry A (Dec 15)