how about showing browser exploits against IE and mozilla?
On Tue, 7 Sep 2004 14:13:16 +0800, Roger Filomeno <[EMAIL PROTECTED]> wrote: > One hour...Well the easiest hack i can do is the mIRC32 exploit i use > for Netopia. Basically you can run authorized programs as long as they > have the same filename as an authorized program. The mIRC /run command > gives you the shell access, allows you to run backdoor applications > like webcam captures ;p > > Website defacing...I'll try to look for some sites that still have has > that. The SQL inject has been fixed so long ago that it would be hard > to find one..except if it was made to allow that. > > Mal-formed RPC..same principle sasser used but you'll need another pc > on the lan. > > Yahoo..You can try booting people off Yahoo messenger Chat using a > booter (elitenick.com) also my favorite past time ;p > > > > > On Tue, 7 Sep 2004 10:08:23 +0800, Miguel A Paraz <[EMAIL PROTECTED]> wrote: > > On Tue, 7 Sep 2004 00:13:59 +0800, Roger Filomeno > > <[EMAIL PROTECTED]> wrote: > > > DIDS - distributed intrusion detection system, using snort, log > > > uploader to dshield.org, blocklist script from dshield.org, and alerts > > > from Internet Storm Center/Dshield.org > > > > This is practical, but proactive. I'd like to show a successful > > exploit, even with a contrived example. > > > > Do you know any web apps with open cross-site scripting or SQL > > injection vulnerabilities? I think that's the easiest way to get in > > nowadays, even if all you can do with it is deface a webpage. That > > gets attention. > > > > > Honey Pot - used with snort. Fools an attacker to attack a fake system > > > and logs all the activity, used to analyze intrusion methods - uses > > > perl. (didnt work for kevin mitnick.hmm) > > > > I think the honeypots out there are meant to fool programs, not humans. > > > > > Or... Maybe 110 telco grade servers on mosix cluster cracking verisign > > > keys ;p.. > > > that would might get an attention ;p > > > > I only have an hour! And one PC! :) > > > > > > -- > > Philippine Linux Users' Group (PLUG) Mailing List > > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > > Official Website: http://plug.linux.org.ph > > Searchable Archives: http://marc.free.net.ph > > . > > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > > . > > Are you a Linux newbie? To join the newbie list, go to > > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie > > > > > -- > Roger P. Filomeno > Systems Developer > Finger Apps Inc, http://fingerapps.com > Systems Developer > Entertainment Gateway Group, http://egg.ph > > > -- > Philippine Linux Users' Group (PLUG) Mailing List > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > Official Website: http://plug.linux.org.ph > Searchable Archives: http://marc.free.net.ph > . > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > . > Are you a Linux newbie? To join the newbie list, go to > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie > -- Seek ye first the kingdom of God and all these things shall be added unto you. Winelfred G. Pasamba Adventist University of the Philippines Computer Science Department, AUP Online Information System -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
