pen-test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Code execution needed, dns compromised

from [Gisthre Nendjka] [Permanent Link][Original]
To: pen-test@securityfocus.com
Subject: Code execution needed, dns compromised
From: "Gisthre Nendjka" <gisthre@gmail.com>
Date: Sun, 22 Jul 2007 02:31:38 -0300
Delivered-to: sp-com-lists@consult.net
Delivered-to: pentest-list2@consult.net
Delivered-to: mailing list pen-test@securityfocus.com
Delivered-to: moderator for pen-test@securityfocus.com
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=NF1VpjkoVNxUGFaDN4o4Px9cGQxy0t/CQ1mmNmXxXouHnlCd3q1uuFD8trbK19/IhX46irh8Npt7i8BLUcaiOqPk8Q0CnEOkpi5cwYBTc43gRwtsBowkkvcTpDQh5PMre0x9LWqdmtFwGSRLpBDmk9/8OKKKNPnQ5IoSr8AG5qU=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=beQ8ruRePt6JKOslHB5YUiq0EfdQzW/BON9OWiMwK7ue/1va9w6F6RWhdKAx1Ofe5UDtho5P1tgfEN9e5jiY32sLJ7BlKjgVjKpiKKZVvqbjvVXzal4Jd+IE8qKv52NcxSxc5Hx91YPlHvTgPOmYKlhOFOy4fKY5rf7KzIHdsa8=
List-help: <mailto:pen-test-help@securityfocus.com>
List-id: <pen-test.list-id.securityfocus.com>
List-post: <mailto:pen-test@securityfocus.com>
List-subscribe: <mailto:pen-test-subscribe@securityfocus.com>
List-unsubscribe: <mailto:pen-test-unsubscribe@securityfocus.com>
Mailing-list: contact pen-test-help@securityfocus.com; run by ezmlm
Resent-date: Mon, 23 Jul 2007 03:54:14 -0600 (MDT)
Resent-from: pen-test-return-1078484665@securityfocus.com
Resent-message-id: <20070723095414.9E5A4143EBF@outgoing2.securityfocus.com>
Resent-sender: listbounce@securityfocus.com
Sender: listbounce@securityfocus.com 
Hi, i am conducting a pentest for a small firm and was able to
redirect the dns queries to a server driven by me. I used to see ldap
dns queries ( _ldap._tcp.dc._msdcs.DOMAIN.COM ,
_ldap._tcp.pdc._msdcs.DOMAIN.COM and others) and antivirus looking for
updates, so before trying to reverse antivirus update method, and
getting personal passwords from smtp/pop/http personal accounts, i
would like to know if there is an easy way to run code into these
computers (mainly put a specific "myfile.txt" in the desktop folder).

Thanks in advance,

Gisthre

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Code execution needed, dns compromised, Gisthre Nendjka <=
Previous by Date:  Re: Something strange in my logs!!!, Zed Qyves
Next by Date:  Re: Mile2 Training (Certifications), Pete Herzog
Previous by Thread:  Breaking from MySQL to Linux system (SQL Injection)., Danett song
Next by Thread:  Re: Vulnerability Assessment, Mondai Ji
Indexes:  [Date] [Thread] [Top] [All Lists]