Home page logo

pen-test logo Penetration Testing mailing list archives

Re: Hacking demo - most spectacular techniques
From: "Nexus" <nexus () patrol i-way co uk>
Date: Tue, 2 Oct 2001 19:37:21 +0100

----- Original Message -----
From: "Ilici Ramirez" <ilici_ramirez () yahoo com>
To: <pen-test () securityfocus com>
Sent: Monday, October 01, 2001 8:53 AM
Subject: Hacking demo - most spectacular techniques
managers, vice-presindents, and other high-level
morons. The goal is to explain how easy is to hack an

The ones that you hope will pay you for your consultancy ? ;-)

1. Remote VNC install - GUI session on target machine
2. BO2K or Subseven
3. Port redirection with fpipe - a firewall is not
always enough
4. Remote shell with netcat
5. Null session - information gathering with no right

SQL injection - show them a hardened web server (prove it with popular
automated scanners) but one that doesn't do user input validation to the
database, stored procedures running in the SYSTEM context, sa:blank et al.
All you need is a browser....


This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]