A kind of Honeypot

From: Nicolas Gregoire (nicolas.gregoireat_private)
Date: Wed Jun 20 2001 - 01:42:41 PDT

  • Next message: Vanja Hrustic: "Re: What is your policy on customers particapating in a pen test?"

    Hi all,
    
    I plan to make a website just for my pen-tests.
    
    This website grabs as much as possible info from the visitors (IP,
    browser, proxy, etc ..), tries to exploit some common vulns of browsers
    (Guninski's page is a good start for this) and hosts a passive
    fingerprinting app.
    The victims are "spammed" with some misc. content (p0rn, free CD/DVD,
    jokes) linking (or redirecting) to the site.
    
    Has anybody ever do that ?
    
    Nicob
    



    This archive was generated by hypermail 2b30 : Wed Jun 20 2001 - 11:02:24 PDT