[olug] luser trickery
Brian Roberson
roberson at olug.org
Sat May 18 01:33:06 UTC 2002
Slow down there! The HTML page that said "stupid exploit" is exactly that,
a plain text message. There is not an exploit in this AT ALL. This is simply
an example of social engineering, or "smoke and mirrors" if you will. The
issue is that the look of the initial web page makes the inexperienced web
surfer think that the actual content of their c:\ drive is available over
the internet, at which time you would be more than interested in not
making that possible, hence the link to an HTML page with (in this case a
harmless text/html page) some 888 number or pirate software or SOMETHING
other than what is originally being portrayed. If you have something
listening on 666 that you don't know what it is, it was there before you
clicked on the link to look at something I pointed out. I can understand
your concerns thinking that there actually was a real exploit here; however,
my point was to get you thinking about what the truth is. Look at the actual
HTML/JavaScript code, as that is ALL it is... HTML/JavaScript.
----- Original Message -----
From: "Mark Martin" <mmartin at amath.washington.edu>
To: <olug at olug.org>
Sent: Friday, May 17, 2002 4:15 PM
Subject: Re: [olug] luser trickery
> Okay, Brian. For those of us who were naive enough to trust you and followed
> your link believing that you wouldn't risk damaging our systems and were
> providing a link to a description of an exploit that we should avoid rather
> than enticing us into compromising our systems with a cryptic "warning",
> would you please explain what the (insert favorite expletive here) you have
> done to our systems? Galeon showed an almost completely blank page but I
> found an uninvited server listening on the doom port (666) thereafter, which
> I am guessing came from your exploit. Do those of us who trusted you have to
> waste more of our lives cleaning up after your joke? Maybe the first
> security lesson to learn from your message is not to trust you.
>
> Also, I'm guessing that "luser" is really "loser". Ha, Ha. I'm a loser.
> Now, can you please tell us slower students what you did so we can stop
> wasting our time and stop worrying about what nefarious code is covertly
> running on our boxes?
>
> Mark
>
> On Friday 17 May 2002 07:00, Mark Martin wrote:
> > Dear Brian,
> >
> > Does this URL point to a description of the exploit or an implementation of
> > the exploit?
> >
> > Mark
> >
> > On Wednesday 15 May 2002 23:08, Jonathan Warren wrote:
> > > I just had to try it. I got some stupid exploit on my box now. :)
> > >
> > > On Wed, May 15, 2002 at 10:16:58PM -0500, Brian Roberson wrote:
> > > > Sadly enough... people fall for this.. ( don't try it unless you are
> > > > running windoze )
> > > >
> > > >
> > > > http://olug.org/~roberson/windoze/stupid_trick1.php
> > >
>
> -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>
> For help contact olug-help at olug.org - run by ezmlm
> to unsubscribe, send mail to olug-unsubscribe at olug.org
> or `mail olug-unsubscribe at olug.org < /dev/null`
> (c)1998-2002 OLUG http://www.olug.org
>
> -_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_
>