Re: New VNC Attack tutorial

[skarvin <skarvin () gmail com>]

If it is of interest, I post a little proof of concept in my blog:
http://skarvin.blogspot.com

Best reggards!

PD: It's in spanish!

On 6/16/06, leoneri <meister.leoneri () gmail com> wrote:
> I just wonder, what is the change been made after installing TCP/IP patch?
>
> On 6/16/06, Moty Yacov <moty () netvision net il> wrote:
> >
> >
> > Sorry , but I did not see it before .
> > anyway using the scanner without the TCP/IP change it will give you zero
> > results.
> >
> >
> >  ________________________________
> >  From: silent stiletto [mailto:meister.leoneri () gmail com]
> > Sent: Thursday, June 15, 2006 9:20 AM
> > To: moty () netvision net il; pen-test
> >
> > Subject: Re: New VNC Attack tutorial
> >
> >
> > hello, I just joined, and already found something like this.. I kind of
> > little surprised..
> >
> >
> > On 14 Jun 2006 14:05:05 -0000, moty () netvision net il <moty () netvision net il>
> > wrote:
> > > Hi All
> > >
> > > Step by step - Finding un-patched VNC machines
> > >
> > >
> > > http://www.securigo.com/VNC-advisory.htm
> > >
> > >
> > > Useful for penetration tests to check internal client network from
> > outside/inside.
> > >
> > >
> > > Regards
> > >
> > > Moty  (CEH,CISSP,CCSE,CCSA,CCNA,MCSE)
> > >
> > > Penetration tests by Real hackers
> > >
> > > http://www.securigo.com
> > >
> > >
> > ------------------------------------------------------------------------------
> > > This List Sponsored by: Cenzic
> > >
> > > Concerned about Web Application Security?
> > > Why not go with the #1 solution - Cenzic, the only one to win the
> > Analyst's
> > > Choice Award from eWeek. As attacks through web applications continue to
> > rise,
> > > you need to proactively protect your applications from hackers. Cenzic has
> > the
> > > most comprehensive solutions to meet your application security penetration
> > > testing and vulnerability management needs. You have an option to go with
> > a
> > > managed service (Cenzic ClickToSecure) or an enterprise software
> > > (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> > > help you: http://www.cenzic.com/news_events/wpappsec.php
> > > And, now for a limited time we can do a FREE audit for you to confirm your
> > > results from other product. Contact us at request () cenzic com for details.
> > >
> > ------------------------------------------------------------------------------
> > >
> > >
> >
> >
>
> ------------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Concerned about Web Application Security?
> Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
> Choice Award from eWeek. As attacks through web applications continue to rise,
> you need to proactively protect your applications from hackers. Cenzic has the
> most comprehensive solutions to meet your application security penetration
> testing and vulnerability management needs. You have an option to go with a
> managed service (Cenzic ClickToSecure) or an enterprise software
> (Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
> help you: http://www.cenzic.com/news_events/wpappsec.php
> And, now for a limited time we can do a FREE audit for you to confirm your
> results from other product. Contact us at request () cenzic com for details.
> ------------------------------------------------------------------------------


--
Un saludo,

Isidro Catalán