Re: [Full-disclosure] Hacking in Schools

2014-02-25 Thread Hinky Dink
Wut? This isn't about golf? On 2/25/2014 1:39 PM, Brandon Perry wrote: I, for one, believe lumberjack skills are a must have for anyone entering the workforce today. The ability to hack trees down swiftly and efficiently is something I am not willing to train my employees to do. I fully

[Full-disclosure] PoTTY v0.63 released

2013-08-30 Thread Hinky Dink
PoTTY is a re-branded PuTTY clone for Windows offering obfuscated-openssh (oossh) support (if you have to ask, you don't need it). This version simply adds the bug fixes made to Simon Tatham's PuTTY v0.63 earlier this month. No new features/capabilities were added. Download page:

[Full-disclosure] McAfee Relay Server Product Installs Open Proxy On Consumer PCs

2012-01-09 Thread Mr. Hinky Dink
Earlier today I noticed I was getting a lot of TCP port 6515 proxies on The List (http://www.mrhinkydink.com/proxies.htm). Curious, I checked one and it gave me a VIA header of 1.1 Fran-PC (McAfee Relay Server 5.2.3). Then I took a peek at the database. Nearly 1900 of these things since

Re: [Full-disclosure] XSS Vulnerability in www.emerson.com

2011-09-05 Thread Mr. Hinky Dink
That... ahem... particular company has had that particular page (/MCS/email.apsx) in one form or another for a long time, since the late 90s at least, when it was a cgi app. IIRC, at one time you could SPAM anyone through it, but they learned their lesson and now you can only SPAM the

[Full-disclosure] China - the land of open proxies

2011-09-01 Thread Mr. Hinky Dink
) in Chinese-speaking countries. --Mr. Hinky Dink walk like a mannequin roll like a tyre act on reaction dodge the Big Spud Fryer http://mrhinkydink.blogspot.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure

Re: [Full-disclosure] Yet Another Chinese Multimedia Player Supplies Thousands Of Open Proxies

2011-08-08 Thread Mr. Hinky Dink
On Sun, 2011-08-07 at 16:27 -0400, valdis.kletni...@vt.edu wrote: On Sat, 06 Aug 2011 19:59:23 EDT, Mr. Hinky Dink said: 23,000+ showed up in July. Over 16,000 new ones in the first week of August. Somebody doesn't get it. http://mrhinkydink.blogspot.com/2011/08/tcp-port-8909

[Full-disclosure] Yet Another Chinese Multimedia Player Supplies Thousands Of Open Proxies

2011-08-07 Thread Mr. Hinky Dink
23,000+ showed up in July. Over 16,000 new ones in the first week of August. Somebody doesn't get it. http://mrhinkydink.blogspot.com/2011/08/tcp-port-8909-proxies.html See also... http://mrhinkydink.blogspot.com/2011/04/insecure-defaults-in-ppliveav-client.html

[Full-disclosure] Seeking info on CVE-2011-0348

2011-01-26 Thread dink
See also http://www.cisco.com/warp/public/707/cisco-sa-20110126-csg2.shtml Cisco Bug ID CSCtk35917 If you or one of your budz had anything to do with this and are not encumbered by NDA, please contact me off-list (or on -- it's all good). This kind of thing is my specialty, so I have a

[Full-disclosure] Did someone hack Dave Aitel's Twitter account or is it an impostor?

2010-09-05 Thread dink
Recent Tweets about http://dlvr.it/4lDy3, which is in Chinese (I think). And http://dlvr.it/4lDy3 which seems to be a security blog link trap (lots of crap that goes through linkbucks.com). http://twitter.com/daveaitel

[Full-disclosure] PoTTy (Obfuscated PuTTy) vulnerable to storm's DLL Hijacking Exploit

2010-08-27 Thread dink
NAME: PoTTy v0.60. VENDOR: Mr. Hinky Dink. PoTTy, an Open Source, modified version of Simon Tatham's PuTTy (Windows version, v0.60) for Bruce Leidl's Obfuscated-OpenSSH v5.2 server, has been demonstrated vulnerable to the recent Windows DLL hijacking

[Full-disclosure] Websense/ISA Via: Bypass Redux

2010-08-18 Thread dink
discovered by mrhinkydink PRODUCT: Websense Enterprise EXPOSURE: Trivial Web Policy Bypass (III) LINK: http://mrhinkydink.blogspot.com/2010/08/websenseisa-via-bypass-redux.html SYNOPSIS On May 29, 2010 I demonstrated that by adding a Via: header to an HTTP request it is possible for

Re: [Full-disclosure] targetted SSH bruteforce attacks

2010-06-17 Thread dink
Have you ever considered obfuscated-openssh? http://github.com/brl/obfuscated-openssh I have a modified version of PuTTY available for it... http://www.mrhinkydink.com/potty.htm Still... you should change the freakin' port. Original Message Subject: [Full-disclosure]

Re: [Full-disclosure] targetted SSH bruteforce attacks

2010-06-17 Thread dink
Point taken. However, my ulterior motive was in promoting obfuscated-openssh, which, IMHO, is an excellent and under-appreciated enhancement to openssh. Note that with iptables you can leave ssh on port 22 but have it answer on other ports. See http://proxyobsession.net/?p=869 Why anyone

Re: [Full-disclosure] Websense Enterprise 6.3.3 Policy Bypass

2010-05-30 Thread dink
Chaining downstream proxies to ISA and requiring Windows Integrated Auth has been an issue for a long time (it generally breaks the chain, so that fixes the bypass problem right there), but frankly I'm guessing. Windows Auth brings a lot of incompatibilities with it. I wouldn't recommend it

Re: [Full-disclosure] Websense Enterprise 6.3.3 Policy Bypass

2010-05-30 Thread dink
When you look at the MUSTs for Via in RFC 2616, there are only three. None of them seem to be applicable here. And, of course, nowhere does it say a client MUST NOT fake a Via header. ;-) So you have an assumption that if an HTTP request with a Via header passes through your device it must

Re: [Full-disclosure] Websense Enterprise 6.3.3 Policy Bypass

2010-05-30 Thread dink
I wouldn't call breaking proxy chaining mitigation, either. More like a quick fix, if and only if it works. Or maybe you'd call it a work-around, which is what I called it in the first place. No, there's nothing at all in the Websense database indicating you went to playboy.com. You are home

[Full-disclosure] Websense Enterprise 6.3.3 Policy Bypass

2010-05-29 Thread dink
discovered by mrhinkydink PRODUCT: Websense Enterprise v6.3.3 EXPOSURE: Trivial Web Policy Bypass SYNOPSIS By adding a Via: header to an HTTP request it is possible for a user to completely bypass filtering and monitoring in a Websense Enterprise 6.3.3/Microsoft ISA Server (2004 or

Re: [Full-disclosure] Possible RDP vulnerability

2010-03-27 Thread Mr. Hinky Dink
As far as RDP is concerned, it's much simpler (and more fun!) to host an Evil RDP Server than it is to hack into one. There is no end to the shenanigans you can create or the havoc you can wreak, if you're into that kind of thing (just sayin'... as a Big Time Security Professional™, I'm not).

Re: [Full-disclosure] Possible RDP vulnerability

2010-03-27 Thread Mr. Hinky Dink
Vis7a and Server 2008, but I really haven't kept up with the tech). - Original Message - From: Thor (Hammer of God) t...@hammerofgod.com To: Mr. Hinky Dink d...@mrhinkydink.com; Full-Disclosure@lists.grok.org.uk Sent: Saturday, March 27, 2010 12:09 PM Subject: RE: [Full-disclosure] Possible

Re: [Full-disclosure] Possible RDP vulnerability

2010-03-26 Thread Mr. Hinky Dink
There is a section in RDP-Tcp Properties on the server under Environment for "Do not allow an initial program to be launched. Always show the desktop." - Original Message - From: wicked clown To: Full-Disclosure@lists.grok.org.uk Sent: Friday, March 26, 2010 5:04 AM Subject:

[Full-disclosure] The Hinky Dink Top 10 Koobface Infested Shitholes Report

2010-03-22 Thread Mr. Hinky Dink
). - The Hinky Dink Top 10 Koobface Infested Shitholes Report Reveals Where Web 2.0's Most PWN3D Users Live Columbus, Ohio – March 22, 2010 – Mr. Hinky Dink, a Big Time Security Professional™ today released an analysis of the spread of the Koobface worm. Based on an exhaustive study of his database

[Full-disclosure] Setting the record straight on The Return of Koobface

2010-03-20 Thread Mr. Hinky Dink
Today I ran across this article... http://www.nst.com.my/Current_News/NST/articles/20100320160620/Article/index_html ... in which it is noted that Kaspersky Labs recently discovered the resurgence of the malicious programme (Koobface) and sounded the alarm. Gentlemen, I beg to differ. I first

Re: [Full-disclosure] Setting the record straight on The Return of Koobface

2010-03-20 Thread Mr. Hinky Dink
Absolutely you are correct, but if you check the blog there are further references up to last Friday. It was a tremendous, jaw-dropping flood of Kooberz proxies the last two weeks. And it's still coming. The point is us Little Guys are paying attention, too. And sometimes we catch this