Re: Hacking demo - most spectacular techniques

From: Bill Pennington (billpat_private)
Date: Tue Oct 02 2001 - 07:54:32 PDT


    I try to keep it simple. I set up an IIS 5 box and a firewall. Configure
    the firewall to allow only port 80 in but everything out. Then just use
    the null.printer overflow. Simple, effective and short. No need to drive
    the GUI or anything; most people just get it. If you want to get more
    elaborate, set up a second box running your fav DBMS, then "find" the
    username and password in some ASP code on the newly hacked IIS box and
    use the tools installed on the www server (or upload them) to attach to
    the DB and make queries. I have run the exact demo numerous times for
    both semi-technical and non-technical groups and it seems to work well.
    
    Ilici Ramirez wrote:
    > 
    > Hi all,
    > 
    > We intend to make a short demonstration of hacking as
    > part of a longer seminar with more than 100 IT
    > managers, vice-presidents, and other high-level
    > morons. The goal is to explain how easy it is to hack an
    > unsecured system or network.
    > 
    > For them to understand and to realize how just only an
    > unsecured computer could lead to compromise of an
    > entire business we need to show some hacking examples
    > real spectacular.
    > 
    > So I need your help to make a top short list. I will
    > insert here my humble opinion, but I expect more from
    > all of you experienced pen-testers.
    > 
    > 1. Remote VNC install - GUI session on target machine
    > 2. BO2K or Subseven
    > 3. Port redirection with fpipe - a firewall is not
    > always enough
    > 4. Remote shell with netcat
    > 5. Null session - information gathering with no right
    > 
    > Ilici R
    > 
    > ----------------------------------------------------------------------------
    > This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    > Service. For more information on SecurityFocus' SIA service which
    > automatically alerts you to the latest security vulnerabilities please see:
    > https://alerts.securityfocus.com/
    
    -- 
    
    
    Bill Pennington - CISSP
    
    



    This archive was generated by hypermail 2b30 : Tue Oct 02 2001 - 11:47:56 PDT