|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Russ McRee (holisticinfosec
gmail.com)
Date: Mon Feb 08 2010 - 14:27:14 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Directory traversal as a reconnaissance tool
http://holisticinfosec.blogspot.com/2010/02/directory-traversal-as-reconnaisance.html
Like most of you, I find malicious or fraudulent online advertisers
annoying to say the least.
My typical response, upon receipt of rogue AV pop-ups, or redirects to
clearly fraudulent sites, is to "closely scrutinize" the perpetrating
site.
This effort often bears fruit as is evident in the following analysis.
My interest was recently peaked when being made aware of a number of
related sites committing abuse against a variety of brands; all quite
clearly in violation of copyrights and trademarks.
An example, for your consideration: messenger-download.info
After a little exploration it was quickly determined that these
cretins seek only to con victims out of credit card data with the
promise of illegal downloads for a fee.
Apparently these dbags have been at it for awhile.
They make it look like you're going to receive access to a legitimate
offering then they suck you in to freedownloadzone.com.
This, of course, pissed me off, so...off to the races.
A poke here, a tickle there, and voila.../etc/passwd...
--
Russ McRee
GCIH, GPEN, GCFA, CISSP
425-518-6998 cell
http://holisticinfosec.org
http://blog.holisticinfosec.org
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]