Maries Sig

08/20/2005 05:09 Nx�#1

Quote:

[nlro.net]: FTP-Password "ftp/[Blank]"
[nlro.net]: FTP-Password "anonymous/123456"
[nlro.net]: 80/tcp - Checks for Apache <= 1.3.33
[nlro.net]: 80/tcp - Crash the remote HTTP service
[nlro.net]: 80/tcp - Bad HTTP request
[nlro.net]: tcp - Performs a name resolution
[nlro.net]: 21/tcp - FTP Server type and version
[nlro.net]: 21/tcp - FTP server can be bounced
[nlro.net]: 21/tcp - FTP server accepts anonymous logins
[nlro.net]: 80/tcp - IIS buffer overflow
[nlro.net]: 80/tcp - Denial of service against IIS
[nlro.net]: 21/tcp - Crashes an IIS ftp server
[nlro.net]: 3306/tcp - MySQL Server version
[nlro.net]: 80/tcp - Web server buffer overflow
[nlro.net]: 80/tcp - Oracle9iAS buffer overflow
[nlro.net]: 80/tcp - Checks for version of PHP
[nlro.net]: 80/tcp - Checks for version of PHP
[nlro.net]: tcp - Determines the remote operating system
[nlro.net]: icmp - Ping target with Record Route option
[nlro.net]: 22/tcp - SSH Server type and version
[nlro.net]: 22/tcp - Negotiate SSHd connections
[nlro.net]: 110/tcp - Look for potential trojan horses
[nlro.net]: 22/tcp - Negotiate SSHd connections
[nlro.net]: 21/tcp - Tries to CRASH VxWorks ftpd server with CEL overflow
[nlro.net]: 80/tcp - crashes the remote proxy
[nlro.net]: 80/tcp - WebLogic Server DoS
[nlro.net]: 80/tcp - Kills Apache Tomcat by reading 1000+ times a MS/DOS device through the servlet
[nlro.net]: 80/tcp - Too long HTTP header kills WebSphere
[nlro.net]: 80/tcp - Crashes Xeneo web server with /%A or /%
[nlro.net]: 80/tcp - Too long HTTP 1.0 header kills the web server
[nlro.net]: 80/tcp - Infinite HTTP request kills the web server
[nlro.net]: udp - traceroute
[nlro.net]: 80/tcp - Too long HTTP 1.1 header kills the web server
[nlro.net]: 80/tcp - Too big Cookie chokes the web server

etwa nicht?

Quote:

What do we know now? Private Server can't even effort any security. Pitty. (This is a vuln log, not a hacked one ;p)

naa, immer noch nicht? gut, ich auch net :D

08/20/2005 10:38 apple#2

da war marie mal b�se :D
und hat nen webserve/FTP Gecrasht D:

Was nen buffer overlow ist weisste oder?

und das Crash knan man auch eindeutig lesen
und welcher server das war sieht man auch

mich w�rd nur interessiere
was f�rn tool das war :D

08/21/2005 14:20 C0rnh0lio#3

Marie, wie b�se du bist :D

08/30/2005 18:02 Maybe It's Maybelline#4

Es sind nur etwa 1/6 exploits die nlro hat, ich hab nichts abused bzw gecrasht :rolleyes:

[nlro.net]: FTP-Password "ftp/[Blank]" //FTP Passwort
[nlro.net]: FTP-Password "anonymous/123456" //FTP Passwort
[nlro.net]: 80/tcp - Checks for Apache <= 1.3.33 //Apache version l�sst sich abfragen
[nlro.net]: 80/tcp - Crash the remote HTTP service //Apache L�sst sich crashen
[nlro.net]: 80/tcp - Bad HTTP request + Durch einen komischen http request
[nlro.net]: 21/tcp - FTP Server type and version //die FTP version und typ l�sst sich abfragen
[nlro.net]: 21/tcp - FTP server can be bounced //FTP server is bounce able
[nlro.net]: 21/tcp - FTP server accepts anonymous logins //FTP server akzeptiert anonymous connections
[nlro.net]: 80/tcp - IIS buffer overflow //IIS buffer overflow
[nlro.net]: 80/tcp - Denial of service against IIS //IIS DoS'ing
[nlro.net]: 21/tcp - Crashes an IIS ftp server //IIS FTP server l�sst sich crashen
[nlro.net]: 3306/tcp - MySQL Server version //MySQL version abfragbar
[nlro.net]: 80/tcp - Web server buffer overflow // Apache hatt nen buffer overflow
[nlro.net]: 80/tcp - Oracle9iAS buffer overflow // Overflow
[nlro.net]: 80/tcp - Checks for version of PHP //PHP version abfragbar
[nlro.net]: tcp - Determines the remote operating system //OS version abfragbar
[nlro.net]: 22/tcp - SSH Server type and version //SSH typ und version l�sst sich abfrageb
[nlro.net]: 22/tcp - Negotiate SSHd connections //SSHd Connection wird weitergeleitet
[nlro.net]: 110/tcp - Look for potential trojan horses //Potenzielle trojaner
[nlro.net]: 22/tcp - Negotiate SSHd connections -
[nlro.net]: 21/tcp - Tries to CRASH VxWorks ftpd server with CEL overflow //VxWorks ftpd server is mit dem CEL overflow crashbar
[nlro.net]: 80/tcp - crashes the remote proxy //Proxy ist crashbar
[nlro.net]: 80/tcp - WebLogic Server DoS //WebLogic l�sst sich dos'en
[nlro.net]: 80/tcp - Kills Apache Tomcat by reading 1000+ times a MS/DOS device through the servlet //Tomcat l�sst sich killen
[nlro.net]: 80/tcp - Too long HTTP header kills WebSphere //Zu lange http header killen den server
[nlro.net]: 80/tcp - Crashes Xeneo web server with /%A or /% //server l�sst sich crashen mit /%A oder /%
[nlro.net]: 80/tcp - Too long HTTP 1.0 header kills the web server //zu lange http header killen de nwebserver
[nlro.net]: 80/tcp - Infinite HTTP request kills the web server // Unendlich http request killen den webserver
[nlro.net]: udp - traceroute
[nlro.net]: 80/tcp - Too long HTTP 1.1 header kills the web server -
[nlro.net]: 80/tcp - Too big Cookie chokes the web server // Zu gro�e cookies st�rren die enconemy des webserver.

Und was das ist? Das sind Nessus Attack Scripts, die sollte doch jeder kennen :rolleyes: