Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: How to become a Computer Security Professional ?
From: rchrafe <rchrafe () gmail com>
Date: Tue, 20 Nov 2007 07:49:20 +0100

XSS Worm XSS Security Information Portal wrote:
#!/bin/sh

# 0day exploit for Paul Schmehl
# based on information provided by Paul Schmehl
# pauls () utdallas edu <mailto:pauls () utdallas edu>
#

echo pauls > /hack/edu/utdallas.edu/known.addresses

googledump.pl --email-addresses --context-links 
 --referers --extended-links -keywords "Paul","Schmehl","utdallas.edu 
<http://utdallas.edu>", "pauls@", "pauls () utdallas 
","paul.schmehl@" --verbose 

socialgrab.pl --known-address "pauls () utdallas edu 
<mailto:pauls () utdallas edu>" --real-name "Paul Schmehl" 
--tags=security,hacking,utdallas,vulnerability 
--search=facebook,youtube,live,myspace,igoogle,yahoo,netvouz,rojo,digg,bebo,ebay,blogger,wordpress 
--verbose --dump-links

infopull.pl --pgp-search --whois --domaintools --usenet --trackers 
--irclog --mirrors --listserv --known-addresses="pauls () utdallas edu 
<mailto:pauls () utdallas edu>"

echo "Paul Schmehl" >> /hack/TO-DO/pauls.at.utdallas.dot.edu

# http://xssworm.com
HAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAA
 






On 11/19/07, *Paul Schmehl* <pauls () utdallas edu 
<mailto:pauls () utdallas edu>> wrote:

    --On November 19, 2007 3:34:23 AM +0000 worried security
    <worriedsecurity () googlemail com
    <mailto:worriedsecurity () googlemail com>> wrote:
    >
    > The forth most important rule to becoming a security professional,
    > always use a throw-away e-mail account so it doesn't matter of
    script
    > kids hi-jack your e-mail account with the next cross-site scripting
    > vulnerablity that gets posted to the public mailing lists.
    >
    You forgot the most important rule of all.  Pay no heed to bozos
    who post
    anonymously and don't even have a job in security.  Their advice is
    usually worth just as much as their reputation.

    Paul Schmehl ( pauls () utdallas edu <mailto:pauls () utdallas edu>)
    Senior Information Security Analyst
    The University of Texas at Dallas
    http://www.utdallas.edu/ir/security/
    <http://www.utdallas.edu/ir/security/>

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    <http://lists.grok.org.uk/full-disclosure-charter.html>
    Hosted and sponsored by Secunia - http://secunia.com/




-- 
Francesco Vaj [CISSP - GIAC]
CSS Security Researcher
mailto: vaj () nospam xssworm com <mailto:vaj () nospam xssworm com>
aim: XSS Cross Site
------
XSS Cross Site Scripting Attacks
Web 2.0 Application Security Information Blog (tm) 2007
http://www.XSSworm.com/
------
"Vaj, bella vaj.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]