Penetration Testing mailing list archives
Re:
From: Yiannis Koukouras <ikoukouras () gmail com>
Date: Tue, 28 Jul 2009 19:38:51 +0300
well...it does not change at all.... I get the <Alisse></Alisse> string and then I get no reply at all no matter what I send to it. Ioannis (Yiannis) Koukouras CISSP, CISA, CISM MSc in Computer Systems Security BEng in Electronic Engineering http://www.linkedin.com/in/ikoukouras --- The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify the sender immediately by responding to this email and then delete it from your system. On Tue, Jul 28, 2009 at 7:04 PM, gnix<gnixmail () gmail com> wrote:
Yes, probably that reply is generated by a web service. I suggest you to work on what does that reply mean. For example, try to figure out if that reply changes or not and eventually try to understand how it changes. gnix On Mon, Jul 27, 2009 at 5:43 AM, Yiannis Koukouras <ikoukouras () gmail com> wrote:Hello all, During a black box pentest, I found port 9025 open on a system and when I connected with nc I got the following reply (follow link to view the reply as it is in non ASCII format): http://pastebin.ca/1494670 Do you think this is a web service listener or something like that? The tags indicate that tha this has something to do with XML. Nevertheless, it does not respond to any input.... I am open to ideas... Thnx, Ioannis (Yiannis) Koukouras ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Yiannis Koukouras (Jul 28)