Dailydave mailing list archives

Re: Pentesters getting owned?


From: jan.muenther () nruns com
Date: Tue, 4 May 2004 19:07:07 +0200


Hi there,

> story.  I have experienced network admins monitoring and attempting to drop
> connections as the team performs the pen-test.

Well, that is totally common practice. I've seen this happening over and
over, they're watching and changing things on the fly while you're at work.
One time I was actually kicked out (they shut down the machine, hah hah)
while being logged on... 

One thing that always concerns me is pen testers forgetting their temporary
backdoors and listeners. I usually check twice that I didn't forget
anything, but hey, others might not or you may just have a bad day. One of
the reasons why you should always thoroughly document what you've done and
how...

I also recall a story of a fellow pen tester who conducted a pen test on the
wireless infrastructure of a client who arrived one day early and already
commenced the testing, totally ripping them apart. They didn't notice it and
had shut down a lot of systems overnight and were quite surprised by him
showing them their passwords on a sheet of paper. 

Cheers, J.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

