Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] How to become a Computer Security Professional ?

from [XSS Worm XSS Security Information Portal] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] How to become a Computer Security Professional ?
Date: Mon, 19 Nov 2007 18:43:37 +1100 
#!/bin/sh

# 0day exploit for Paul Schmehl
# based on information provided by Paul Schmehl
# pauls@utdallas.edu
#

echo pauls > /hack/edu/utdallas.edu/known.addresses

googledump.pl --email-addresses --context-links  --referers --extended-links
-keywords "Paul","Schmehl","utdallas.edu", "pauls@", "pauls@utdallas","
paul.schmehl@" --verbose

socialgrab.pl --known-address "pauls@utdallas.edu" --real-name "Paul
Schmehl" --tags=security,hacking,utdallas,vulnerability
--search=facebook,youtube,live,myspace,igoogle,yahoo,netvouz,rojo,digg,bebo,ebay,blogger,wordpress
--verbose --dump-links

infopull.pl --pgp-search --whois --domaintools --usenet --trackers --irclog
--mirrors --listserv --known-addresses="pauls@utdallas.edu"

echo "Paul Schmehl" >> /hack/TO-DO/pauls.at.utdallas.dot.edu

# http://xssworm.com





On 11/19/07, Paul Schmehl <pauls@utdallas.edu> wrote:


--On November 19, 2007 3:34:23 AM +0000 worried security
<worriedsecurity@googlemail.com> wrote:


The forth most important rule to becoming a security professional,
always use a throw-away e-mail account so it doesn't matter of script
kids hi-jack your e-mail account with the next cross-site scripting
vulnerablity that gets posted to the public mailing lists.


You forgot the most important rule of all.  Pay no heed to bozos who post
anonymously and don't even have a job in security.  Their advice is
usually worth just as much as their reputation.

Paul Schmehl (pauls@utdallas.edu)
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/





-- 
Francesco Vaj [CISSP - GIAC]
CSS Security Researcher
mailto:vaj@nospam.xssworm.com
aim: XSS Cross Site
------
XSS Cross Site Scripting Attacks
Web 2.0 Application Security Information Blog (tm) 2007
http://www.XSSworm.com/
------
"Vaj, bella vaj."

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] n3td3v denounces the actions of www.derangedsecurity.com, XSS Worm XSS Security Information Portal
Next by Date:  [Full-disclosure] [ MDKSA-2007:225 ] - Updated net-snmp packages fix remote denial of service vulnerability, security
Previous by Thread:  Re: [Full-disclosure] so gay huh?, rchrafe
Next by Thread:  Re: [Full-disclosure] How to become a Computer Security Professional ?, rchrafe
Indexes:  [Date] [Thread] [Top] [All Lists]