Tweet
dont worry
I take any opurtunity I can to learn, both linux and win2k. I am trying a few things. ;)
--red0x
I take any opurtunity I can to learn, both linux and win2k. I am trying a few things. ;)
--red0x
-
-
Anyone? Any successes? Any interesting findings yet?if it gets me nowhere, I'll go there proud; and I'm gonna go there free.Comment
-
i have an idea on how to get in...
can i get an email verifying it is ok for me to own your box?
simon@willhaven.org
thanks..."I'm not a robot like you. I don't like having disks crammed into me... unless they're Oreos, and then only in the mouth."Comment
-
once you try it, can you tell me how you found it and what it is, etc?
--red0xComment
-
yay
a computer to hack
how delicious----------------------------------------------------------------
"Everything that's countable doesn't necessarily count. What counts isn't necessarily countable."
Albert EinsteinComment
-
ble
IIS 5.0 cross scripting vulnerability.
just a guess :)
mmmmmm
maybe not.----------------------------------------------------------------
"Everything that's countable doesn't necessarily count. What counts isn't necessarily countable."
Albert EinsteinComment
-
don't just guess... go for itif it gets me nowhere, I'll go there proud; and I'm gonna go there free.Comment
-
There are two ways that I think can lead to owning... Exploiting the asp code or some crazy packet analysis stuff that I couldn't tell you about (cause I dont know)...
I've already gotten the asp code to spit out some runtime errors...
whats everyone else gotten so far?"I'm not a robot like you. I don't like having disks crammed into me... unless they're Oreos, and then only in the mouth."Comment
-
well
I already got some dll library to spit some errors.
That's why I said IIS cross scripting vulnerability.
Can't get it to do what I want though. Never been into this part of the exploiting world before anyway :D
DAmn where is George Guninski when you need him. heh
later all----------------------------------------------------------------
"Everything that's countable doesn't necessarily count. What counts isn't necessarily countable."
Albert EinsteinComment
-
i can think of a couple weaknesses in the site that are *possibly* expoitable...
give it a try and give me a shout if you want the source to work off of too... I know, I know... that would be cheating; but actually, if my code or one of the components I'm using is going to kill me, then I'd rather find out nowif it gets me nowhere, I'll go there proud; and I'm gonna go there free.Comment
-
hahah
do I get a hired then? :D
hehehe----------------------------------------------------------------
"Everything that's countable doesn't necessarily count. What counts isn't necessarily countable."
Albert EinsteinComment
-
anyone tired of trying to hack my server yet? not wanting to play with asp, etc?? well, thats disheartening, but..!
hack my other server!
as of this point, I would also like to open up http://63.82.76.99 for scrutiny
my only request is that the same guidelines listed above for getting into .100 be your guiding cricket
btw.. for the asp code, see attached for your reading pleasure
the ASPTear component can be downloaded at http://www.alphasierrapapa.com/iisde...nents/asptear/if it gets me nowhere, I'll go there proud; and I'm gonna go there free.Comment
Comment