Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Alisse

From: maniacode () free fr
Date: Wed, 29 Jul 2009 09:28:31 +0200


It sounds just like a specific "webservice" that would transmit private
key encrypted data (handshake session ?) or a fixed length hash result
(remote system/config/file integrity test ?).

-- 
Pierre Jaury
CS103, 20, Avenue des buttes de Coësmes
35 043 Rennes FRANCE

Administrateur Dreamseed.fr
Responsable équipe réseau Insal@n
Webmaster e-kaiyou.org

On Mon, July 27, 2009 08:43, Yiannis Koukouras wrote:

Hello all,

During a black box pentest, I found port 9025 open on a system and
when I connected with nc I got the following reply (follow link to
view the reply as it is in non ASCII format):

http://pastebin.ca/1494670

Do you think this is a web service listener or something like that?

The tags indicate that tha this has something to do with XML.
Nevertheless, it does not respond to any input....

I am open to ideas...

Thnx,
Ioannis (Yiannis) Koukouras

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require a
full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------





------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: