Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] How to become a Computer Security Professional ?

from [rchrafe] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] How to become a Computer Security Professional ?
Date: Tue, 20 Nov 2007 07:49:20 +0100 
XSS Worm XSS Security Information Portal wrote:

#!/bin/sh

# 0day exploit for Paul Schmehl
# based on information provided by Paul Schmehl
# pauls@utdallas.edu <mailto:pauls@utdallas.edu>
#

echo pauls > /hack/edu/utdallas.edu/known.addresses

googledump.pl --email-addresses --context-links 
 --referers --extended-links -keywords "Paul","Schmehl","utdallas.edu 
<http://utdallas.edu>", "pauls@", "pauls@utdallas 
","paul.schmehl@" --verbose 

socialgrab.pl --known-address "pauls@utdallas.edu 
<mailto:pauls@utdallas.edu>" --real-name "Paul Schmehl" 
--tags=security,hacking,utdallas,vulnerability 
--search=facebook,youtube,live,myspace,igoogle,yahoo,netvouz,rojo,digg,bebo,ebay,blogger,wordpress
 
--verbose --dump-links

infopull.pl --pgp-search --whois --domaintools --usenet --trackers 
--irclog --mirrors --listserv --known-addresses="pauls@utdallas.edu 
<mailto:pauls@utdallas.edu>"

echo "Paul Schmehl" >> /hack/TO-DO/pauls.at.utdallas.dot.edu

# http://xssworm.com

HAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAAHAHAHAHAHAHAHHAA
 







On 11/19/07, *Paul Schmehl* <pauls@utdallas.edu 
<mailto:pauls@utdallas.edu>> wrote:

    --On November 19, 2007 3:34:23 AM +0000 worried security
    <worriedsecurity@googlemail.com
    <mailto:worriedsecurity@googlemail.com>> wrote:
    >
    > The forth most important rule to becoming a security professional,
    > always use a throw-away e-mail account so it doesn't matter of
    script
    > kids hi-jack your e-mail account with the next cross-site scripting
    > vulnerablity that gets posted to the public mailing lists.
    >
    You forgot the most important rule of all.  Pay no heed to bozos
    who post
    anonymously and don't even have a job in security.  Their advice is
    usually worth just as much as their reputation.

    Paul Schmehl ( pauls@utdallas.edu <mailto:pauls@utdallas.edu>)
    Senior Information Security Analyst
    The University of Texas at Dallas
    http://www.utdallas.edu/ir/security/
    <http://www.utdallas.edu/ir/security/>

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    <http://lists.grok.org.uk/full-disclosure-charter.html>
    Hosted and sponsored by Secunia - http://secunia.com/




-- 
Francesco Vaj [CISSP - GIAC]
CSS Security Researcher
mailto: vaj@nospam.xssworm.com <mailto:vaj@nospam.xssworm.com>
aim: XSS Cross Site
------
XSS Cross Site Scripting Attacks
Web 2.0 Application Security Information Blog (tm) 2007
http://www.XSSworm.com/
------
"Vaj, bella vaj.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] How to become a Computer Security Professional ?, rchrafe
Next by Date:  [Full-disclosure] Large Scale MySpace Phishing Attack, Dancho Danchev
Previous by Thread:  Re: [Full-disclosure] How to become a Computer Security Professional ?, XSS Worm XSS Security Information Portal
Next by Thread:  Re: [Full-disclosure] How to become a Computer Security Professional ?, rchrafe
Indexes:  [Date] [Thread] [Top] [All Lists]