fun with the web and security
Bill Stewart
stewarts at ix.netcom.com
Thu Feb 29 13:50:42 PST 1996
At 06:38 PM 2/27/96 -0800, you wrote:
>Here's a fun way to exploit security holes via the web:
> http://www.cs.berkeley.edu/~daw/js1.html
>A rough representation of its contents follow.
Well, that was amusing. (It gophered to localhost:25 and sent
some mail and attempted to exploit a traditional sendmail bug.)
I was wondering what would happen, since I'm behind a firewall
and don't _have_ an SMTP listener on port 25, nor does my PC really
do localhost in any useful manner. What happened, of course,
was that Netscape used my proxy settings for gopher,
sent the request to the firewall, and tried to connect to localhost:25 there;
it answered, accepted some mail for delivery, then
503 Need MAIL before RCPT
503 Need MAIL command
500 Command unrecognized
... many of these
500 Command unrecognized
501 Syntax error in parameters scanning "root at localhost"
500 Command unrecognized
500 Command unrecognized
500 Command unrecognized
221 [MY PROXY MACHINE'S NAME]. closing connection
Good stuff. (And I assume the proxy server had the debug hole blocked...)
#--
# Thanks; Bill
# Bill Stewart, stewarts at ix.netcom.com / billstewart at attmail.com +1-415-442-2215
# http://www.idiom.com/~wcs Pager +1-408-787-1281
More information about the cypherpunks-legacy
mailing list