Re: Non-GUI intrusion
From: m@rl206.orgDate: 09/26/01
- Previous message: olle: "Re: FW: RE Modem identification"
- In reply to: KK Mookhey: "Non-GUI intrusion"
- Next in thread: Dawes, Rogan (ZA - Johannesburg): "RE: Non-GUI intrusion"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "KK Mookhey" <kkmookhey@yahoo.com> From: "m@rl206.org" <m@rl206.org> Subject: Re: Non-GUI intrusion Date: Tue, 25 Sep 2001 21:55:42 -0500 Message-Id: <20010926025543.7C9054DC2@rome>
You could try sniffing and reassembling smb traffic, possibly
gleaning the target source files in the mix. Although it is
possible that the blue-team is using promiscuous detection, this
is likely the quietest way of reaching your flag.
I do not know of a win32 tool which will do specifically tcp stream
reassembly on win32. Someone on this list likely does, however.
If there a nix somewhere in the mix, you could try
http://www.hsc.fr/ressources/outils/smbsniff
Good luck,
Marten Kaye.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: olle: "Re: FW: RE Modem identification"
- In reply to: KK Mookhey: "Non-GUI intrusion"
- Next in thread: Dawes, Rogan (ZA - Johannesburg): "RE: Non-GUI intrusion"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
