I bet antenna guy doesn't understand WebPilot: http://interscapeinc.com/70.html
:)
J
JustThat
@JustThat
0
Reputation
7
Posts
25
Profile views
0
Followers
0
Following
Best posts made by JustThat
This user hasn't posted anything yet.
Latest posts made by JustThat
-
RE: YOU DON'T UNDERSTAND ANTENNA!
-
RE: YOU DON'T UNDERSTAND ANTENNA!
@emurphy said:
@alias said:
just incase you wondered, this is one of the guys sites produced by antenna
http://cmcmarketscfd.com/home.htm
how 1999
The form is ugly enough, but look at the content:
"We at CMCmarketsCFD.Com are scammers that offer fantastic spreads and then tweak your platform to take out your stops, your trade will not be entered into the market, we take the bet on and trade against you, everyone that trades CFD's mainly trades with us, so you are another sucker to the slaughter."
"Watch your trade, soon as you get filled after a requote your platform will trade against you because our platforms are designed in PHP which is a lanquage in programming and know who are trading what, in what lots and we have a computer that is on auto-pilot to trade against the trades that you and others enter into a uniform PHP robotic system."
I can't even bear to try the links.
That almost looks like they got pwn3d
-
RE: YOU DON'T UNDERSTAND ANTENNA!
@alias said:
just incase you wondered, this is one of the guys sites produced by antenna
http://cmcmarketscfd.com/home.htm
how 1999
OMGTIU!
(OMG That Is Ugly)
-
RE: Dell Battery Replacement Program
@cconroy said:
Obviously they're using the new mail client MadLibsMail, and neglected to fill in one of the fields. Sample form:
Dear Customer,
Thank you for /verb/ing a /product name/ from us. If you're not /adverb/ly /adjective/ with the results, feel free to /verb/ it /direction/ your /body part/.
/Adverb/ly,
Dell Customer Service
ROFL!
-
RE: Coworker WTF
I call people like this "One Trick Ponies". Your coworker can probably do one thing and that's about it.
I once worked with a PeopleSoft specialist. She could write Peoplecode well enough but was 100% clueless when it came to anything else in computers. She had to ask a coworker for help sending email and also asked a coworker if he "had gotten this message from the network, too" while pointing to the BSoD on her XP workstation. -
Security Scans From Beyond the Clue
<font face="Courier New" size="2">We were deploying a new application on an existing web server farm. Part of the deployment process, however,
is that we had to have the box and application scanned by the security department.<o:p></o:p></font><font face="Courier New" size="2"><o:p></o:p>The engineer (and I use the term loosely) used a product called Nessus to run the system scan. No problem there other than
Nessus returning lots of messages like:<o:p></o:p></font><font face="Courier New" size="2">"Post 4153 is open. This could be a trojan. You should scan your system with a good anti-virus program."<o:p></o:p></font>
<font face="Courier New" size="2"><o:p></o:p>...which are pretty much useless when the report has several dozen of them on a server that is internal only,
isn't used for accessing the Internet and is just over one year old (Windows 2003) and isn't the purpose to tell the administrator
that there is a vulnerability; not that the port that a known vuln works on is open and you should check it just to be sure?<o:p></o:p></font><font face="Courier New" size="2">The real fun started when he sent us the results for his web application scan.
The results included vulnerabilities like the following:<o:p></o:p></font><font color="#0000ff" face="Courier New" size="2">------------------------------------------------------------<o:p></o:p></font>
<font color="#0000ff" face="Courier New" size="2">/..\..\..\..\..\..\temp\temp.class - Cisco ACS 2.6.x and 3.0.1 (build 40) allows authenticated remote users
to retrieve any file from the system. Upgrade to the latest version. (GET)<o:p></o:p></font><font color="#0000ff" face="Courier New" size="2"> /..%2F..%2F..%2F..%2F..%2F../windows/repair/sam - BadBlue server is vulnerable to multiple remote exploits.
See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information. (GET)<o:p></o:p></font><font color="#0000ff" face="Courier New" size="2"> /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam._ - BadBlue server is vulnerable to multiple remote exploits.
See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information. (GET)<o:p></o:p></font><font color="#0000ff" face="Courier New" size="2"> /..%2F..%2F..%2F..%2F..%2F../winnt/repair/sam - BadBlue server is vulnerable to multiple remote exploits.
See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information. (GET)<o:p></o:p></font><font color="#0000ff" face="Courier New" size="2"> /[SecCheck]/..%2f../ext.ini - BadBlue server is vulnerable to multiple remote exploits.
See http://www.securiteam.com/exploits/5HP0M2A60G.html for more information. (GET)<o:p></o:p></font><font color="#0000ff" face="Courier New" size="2"> /modules.php?name=Members_List&letter=All&sortby=pass -
PHP Nuke module allows user names and passwords to be viewed.
See http://www.frog-man.org/tutos/PHP-Nuke6.0-Members_List-Your_Account.txt for other SQL exploits in this module. (GET)<o:p></o:p></font><font color="#0000ff" face="Courier New" size="2"> /file/../../../../../../../../etc/ - The Icecast server allows the file system to be probed for directory structure,
but does not allow arbitrary file retrieval. (GET)<o:p></o:p></font><font color="#0000ff" face="Courier New" size="2"> /../../../../winnt/repair/sam._ - Sam backup successfully retrieved. (GET)<o:p></o:p></font>
<font color="#0000ff" face="Courier New" size="2"> /cgi-bin/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%57%69%6E%64%6F%77%73%2Fping.exe%20127.0.0.1 -
Specially formatted strings allow command execution. Upgrade to version 1.15 or higher.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0011. (GET)<o:p></o:p></font><font color="#0000ff" face="Courier New" size="2"> /temp/ - This might be interesting... (GET)<o:p></o:p></font>
<font face="Courier New" size="2"><font color="#0000ff">------------------------------------------------------------</font><o:p></o:p></font>
<font face="Courier New" size="2"><o:p></o:p>Again, this is a Windows 2003 server.
</font>- <font face="Courier New" size="2">It is not a Cisco IOS.
</font> - <font face="Courier New" size="2">It isn't running BadBlue
</font> - <font face="Courier New" size="2">It isn't running Icecast
</font> - <font face="Courier New" size="2">It isn't running PHP for that matter.<o:p></o:p></font>
<font face="Courier New" size="2">So, we asked the engineer how he got this data. His response included: <o:p></o:p></font>
<font face="Courier New" size="2">"The results come from automated tools and scripts, thus they are not 100% accurate to your individual system...the results
must be verified locally. If you don't use specific modules or apps, then don't worry about them. Links are provided to sites
with more information about things identified..."<o:p></o:p></font><font face="Courier New" size="2">All right. Doesn't make much sense to us, telling us we may have a vulnerability according to the scan but only we would know
for sure, so we checked out one of the sites: http://www.securiteam.com/exploits/5HP0M2A60G.html <o:p></o:p></font><font face="Courier New" size="2">This article, published in July of 2002 (WTF!?) is for version 1.5 of BadBlue. 2.7.1 is the current release. To make matters worse,
the page indicates that a group called "ElectronicSouls" are the ones who found the exploit and their website is:
http://www.0x4553.org/ (caution! don't go here if small children are around or you are easily offended, get my drift?)<o:p></o:p></font><font face="Courier New" size="2">We then asked this engineer if he could reproduce just one of the vulnerabilities. Specifically, the one for BadBlue.
The page above has perl code to determine if a server has this vulnerability. We ran it on all our servers:
they all turned up negative.<o:p></o:p></font><font face="Courier New" size="2"><o:p></o:p>I came very close to telling the engineer that his front door at home was unlocked and he needed to check it.
I couldn't verify it was, but I ran a scan on his house from my desktop and, although not 100% accurate to his house,
it could only be verified locally. If he didn't have a front door, he could ignore my scan...just like we're going to ignore his.<o:p></o:p></font><font face="Courier New" size="2"><o:p> </o:p></font>
- <font face="Courier New" size="2">It is not a Cisco IOS.