Hosting Provided By

Re: Net:telnet exploit

From: Dave Aitel <dave(at)immunitysec.com>
Date: Mon Mar 24 2003 - 11:36:37 EST

If you read the telnet protocol's RFC you might see where they mention how FF is a control character of some sort, or something. So to send one \xFF you need to escape it with another \xFF, which is being automatically done for you.

Try sending your requests raw rather than through a telnet protocol handler.

Dave Aitel
Recruitment and Training
Immunity, Inc.
http://www.immunitysec.com/CANVAS/ "Hack like you were in the movies."

On Sun, 23 Mar 2003 11:36:34 -0000
"Gary O'leary-Steele" <garyo@sec-1.com> wrote:

> Hello all,

top spam and e-mail risk at the gateway. SurfControl E-mail Filter puts the brakes on spam & viruses and gives you the reports to prove it. See exactly how much junk never even makes it in the door. Free 30-day trial: http://www.surfcontrol.com/go/zsfptl1 Received on Mon Mar 24 14:01:30 2003

This message: [ Message body ]
Next message: marcog(at)nettaxi.com: "WebApplication assessment issue"
Previous message: Alfred Huger: "Post break-in forensics"
In reply to Gary O'leary-Steele: "Net:telnet exploit"
Next in thread: Gerardo Richarte: "Re: Net:telnet exploit"
Reply: Gerardo Richarte: "Re: Net:telnet exploit"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:34 EDT

Do you need help?