Full Disclosure: Re: .NET REMOTING on port 31337

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: .NET REMOTING on port 31337

From: <full-disclosure () hushmail com>
Date: Sat, 29 Sep 2007 08:33:14 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Evan,

Your racism is not appreciated.  Please do not mail me again.

On Fri, 28 Sep 2007 15:44:51 -0400 Evan Pitstick
<bikingnerd () comcast net> wrote:

Simon Smith is friends with KF the infosec nigger midget.  Be
careful or he will steal your watermelons for his friend.

On Fri, 2007-09-28 at 15:37 -0400, full-disclosure () hushmail com
wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

fascinating tell me more

On Fri, 28 Sep 2007 15:36:07 -0400 Simon Smith

<simon () snosoft com>

wrote:

I don't have any techniques...

full-disclosure () hushmail com wrote:

educate me dude i bet i'll win this one.

are your techniques more advanced than the anvil ids suite?

On Fri, 28 Sep 2007 15:22:23 -0400 Simon Smith

<simon () snosoft com>

wrote:

I do... but I don't have time to explain it to you... its
complicated...
post-nmap stuff...

full-disclosure () hushmail com wrote:

dunno how do you plan on figuring out what is running there

On Fri, 28 Sep 2007 15:07:34 -0400 Simon Smith

<simon () snosoft com>

wrote:

Phew... thought you were serious for a moment...
I mean... what more could there be aside from nmap. ;]
full-disclosure () hushmail com wrote:

No just kidding lol a lot of people here seem to make

money

in

this

business.

On Fri, 28 Sep 2007 15:01:01 -0400 Simon Smith

<simon () snosoft com>

wrote:

No way...
are you serious?
;P
full-disclosure () hushmail com wrote:

Sounds like you will need to learn how to use debugging

and

other

reverse engineering tools dude.  Security gets a little

more

complicated post-nmap.



On Fri, 28 Sep 2007 14:21:52 -0400 Simon Smith

<simon () snosoft com>

wrote:

Got output... and it was... no idea what it was...

can't

paste

it

due to
confidentiality though.
Fabrizio wrote:

.NET Remoting is "a generic system for different

applications

to

use to

communicate with one another." It's part of the .NET

framework,

obviously. (not trying to be a smart ass)

I'm gonna take a wild guess and say it's not a good

thing......

Connect to it, and see if you get any output, if you

haven't

already

done so.

Fabrizio



On 9/28/07, * Simon Smith* <simon () snosoft com
<mailto:simon () snosoft com>> wrote:


Has anyone ever heard of .NET REMOTING running on

port

31337?

If

so,

have you ever seen it "legitimate"?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-

charter.html

<http://lists.grok.org.uk/full-disclosure-

charter.html>

Hosted and sponsored by Secunia - http://secunia.com/

------------------------------------------------------

---

--

--

--

--

-------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-

charter.html

Hosted and sponsored by Secunia - http://secunia.com/

--
- simon
----------------------
http://www.snosoft.com

--
Click here to find great prices on contact lenses.  Save

now.


http://tagline.hushmail.com/fc/Ioyw6h4ea3DsXjSV0BsP1YTozy3Px8JSHxZ

v9UYiKIbvmBMS8cN5D/

--
- simon
----------------------
http://www.snosoft.com

--
Click here for free information on exciting leadership

programs.


http://tagline.hushmail.com/fc/Ioyw6h4dDEsHl9DycYqbZ3GrueBGQ2n3jOJ

u8VBwDe3bXvscFUYtv/

--
- simon
----------------------
http://www.snosoft.com

--
Click for free information on accounting careers, $150 hour
potential.


http://tagline.hushmail.com/fc/Ioyw6h4dCaQzqlFuxiHhBM76jQM7p3uFLDV

jtv7Yywb9ixgu0UUOR/

--

- simon

----------------------
http://www.snosoft.com


--

- simon

----------------------
http://www.snosoft.com

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at

https://www.hushtools.com/verify

Charset: UTF8
Version: Hush 2.5

wpwEAQECAAYFAkb9WBYACgkQ+dWaEhErNvTjLQP9G5jwotCJuGJKoaH1vtyPzmeYcYs
D

JkXGzbRfLyssmLYitypIX+BrDEZo+yMa1ILP8KXR/kbp2VhuxTqHTpXB37lG9T1Yakb
z

bPQTEWalXuAFAbssE80xTPUMUoRrfOpjp+2nbs8DjiUb2lRwG9h0ZgytQ6eDQ0XzflB
w

A/omYx0=
=nUaR
-----END PGP SIGNATURE-----

--
Click to compare life insurance rates.  Great rates, quick and

easy.

http://tagline.hushmail.com/fc/Ioyw6h4d8MLgbgntDZ0zafUNZKvdlcKGT44L
uMlKsRIwZPCOiSelkc/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5

wpwEAQECAAYFAkb+RgoACgkQ+dWaEhErNvT/ogP9F685RCLsfQWt+CCQ9Fu+YJc/Cm68
KJ0acKPE1TgJ07OxuE2DWilj98fc04dY/6rvNt3jXnOyYVewDyqSbSBx0asgPScRB1VZ
OHBWQwgEQLznQDH7C6EL0Ewhmn2wByftnAsKyEdbmpoAeSgDQiJ/skZV6uHSRRZ/mW4v
qjIAAq4=
=mfeQ
-----END PGP SIGNATURE-----

--
Bad web design can hurt your business! Click to hire a professional
http://tagline.hushmail.com/fc/Ioyw6h4eGtxkwotzOVtzlAytOTopaIbelPytXHd7yY7IVJMtVQNtk0/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: .NET REMOTING on port 31337, (continued)
- Re: .NET REMOTING on port 31337 full-disclosure (Sep 28)
  - Re: .NET REMOTING on port 31337 Simon Smith (Sep 28)
- Re: .NET REMOTING on port 31337 full-disclosure (Sep 28)
  - Re: .NET REMOTING on port 31337 Simon Smith (Sep 28)
- Re: .NET REMOTING on port 31337 full-disclosure (Sep 28)
- Re: .NET REMOTING on port 31337 full-disclosure (Sep 29)