the first email from simon asking about where i work following a succesful troll of some random kiddie....<br><br><div class="gmail_quote">On Oct 31, 2007 4:37 PM, Simon Smith <<a href="mailto:simon@snosoft.com">simon@snosoft.com
</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">-----BEGIN PGP SIGNED MESSAGE-----<br>Hash: SHA1<br><br>Reepex,<br> What company are you with? I'm actually interested in finding infosec
<br>companies that perform real work as opposed to doing everything<br>automated. Nice to hear that you're a real tester.<br><br> With respect to your question, doesn't msf3 have some of that<br>functionality already built into it? Have you already hit all their
<br>web-apps?<br><div><div></div><div class="Wj3C7c"><br>reepex wrote:<br>> resulting to se in a pen test cuz you cant break any of the actual machines?<br>><br>> lulz<br>><br>> On 10/31/07, Joshua Tagnore <
<a href="mailto:joshua.tagnore@gmail.com">joshua.tagnore@gmail.com</a>> wrote:<br>>> List,<br>>><br>>> Some time ago I remember that someone posted a PoC of a small site that<br>>> had a really nice looking flash animation that "performed a virus scan" and
<br>>> after the "virus scan" was finished, the user was prompted for a "Download<br>>> virus fix?" question. After that, of course, a file is sent to the user and<br>>> he got infected with some malware. Right now I'm performing a penetration
<br>>> test, and I would like to target some of the users of the corporate LAN, so<br>>> I think this approach is the best in order to penetrate to the LAN.<br>>><br>>> I searched google but failed to find the URL, could someone send it to
<br>>> me ? Thanks!<br>>><br>>> Cheers,<br>>> --<br>>> Joshua Tagnore<br>>> _______________________________________________<br>>> Full-Disclosure - We believe in it.<br>>> Charter:
<br>>> <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html</a><br>>> Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">
http://secunia.com/</a><br>>><br>><br>> _______________________________________________<br>> Full-Disclosure - We believe in it.<br>> Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">
http://lists.grok.org.uk/full-disclosure-charter.html</a><br>> Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br><br><br></div></div>- --<br><br>- - simon<br><br>
- ----------------------<br><a href="http://www.snosoft.com" target="_blank">http://www.snosoft.com</a><br><br>-----BEGIN PGP SIGNATURE-----<br>Version: GnuPG v1.4.5 (Darwin)<br><br>iD8DBQFHKQOLf3Elv1PhzXgRAo+EAJwJ0eI/2XkWBxMWalEBNSYkYh+YqQCgh49q
<br>XaNATfPu4PAuP8vnVF8/eyw=<br>=yy5T<br>-----END PGP SIGNATURE-----<br></blockquote></div><br>