Vulnerability Development mailing list archives

Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21 Days

From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Mon, 17 Jan 2000 23:13:55 -0800


Solar Eclipse wrote:
<snip>


Day 21. Get busted and spend the rest of your life giving pleasure to big
sweaty inmates. But hey, you might like it!


Ahh... the well-known Bubba root hole compromise due to poor
physical security.

<snip>


You can also try putting the user's network card in promiscuous mode,
or capture the outgoing data from his modem. Unfortunately (or
fortunately, depending on your point of view) almost everybody uses SSL
nowadays and the number of unencrypted CCs floating around is not very
high.


Or you can hook the SSL DLLs, watching for traffic being passed to
SSL on the assumption that it will be more interesting.

                                        BB

Current thread:

Re: Secure coding in C (was Re: Administrivia #4883), (continued)
- - - Re: Secure coding in C (was Re: Administrivia #4883) Iván Arce (Jan 14)
    - Re: Secure coding in C (was Re: Administrivia #4883) kay (Jan 15)
    - Re: Secure coding in C (was Re: Administrivia #4883) Brian Masney (Jan 16)
    - Re: Secure coding in C (was Re: Administrivia #4883) K Martin (Jan 16)
    - Re: Secure coding in C (was Re: Administrivia #4883) Paul Cardon (Jan 16)
    - Re: Secure coding in C (was Re: Administrivia #4883) K Martin (Jan 17)
    - Re: Secure coding in C (was Re: Administrivia #4883) Bennett Todd (Jan 17)
    - Re: Secure coding in C (was Re: Administrivia #4883) Aviram Jenik (Jan 16)
    - Re: Secure coding in C (was Re: Administrivia #4883) Craig H. Rowland (Jan 17)
    - Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21 Days Solar Eclipse (Jan 17)
    - Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21 Days Blue Boar (Jan 17)
    - Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21 Days kay (Jan 18)
    - Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21Days Blue Boar (Jan 18)
    - e-commerce site security (was: Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21 Days) Jon Paul, Nollmann (Jan 18)
    - Re: Secure coding in C (was Re: Administrivia #4883) Warner Losh (Jan 17)
    - Re: Secure coding in C (was Re: Administrivia #4883) Tellier, Brock (Jan 20)
    - Re: Secure coding in C (was Re: Administrivia #4883) Marco Walther (Jan 20)
    - Re: Secure coding in C (was Re: Administrivia #4883) Seth R Arnold (Jan 21)
    - Re: Secure coding in C (was Re: Administrivia #4883) Blue Boar (Jan 21)
    - Re: Secure coding in C (was Re: Administrivia #4883) Mikael Olsson (Jan 21)
    - Re: Secure coding in C (was Re: Administrivia #4883) Marco Walther (Jan 21)

(Thread continues...)