Veille Technologique Sécurité - cert devoteam

More documents

Recommendations

Info

Avril 2001 02/04/01 06:43a 0 yay.txt 13 File(s) 78,643,522 bytes 1,690,861,056 bytes free 1,690,861,056 bytes free C:\>dir (Résultats identiques - Aucun changement) C:\>dir' The name specified is not recognized as an internal or external command, operable program or batchfile. C:\>dir (Résultats identiques - Aucun changement) C:\>cat yay The name specified is not recognized as an internal or external command, operable program or batchfile. C:\>type yay. The system cannot find the file specified. C:\>type yay.txt C:\>net session System error 5 has occurred. Access is denied. C:\>net users User accounts for \\ --------------------------------------------------- Administrator Guest IUSR_KENNY IWAM_KENNY The command completed with one or more errors. C:\>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\ 11/26/00 12:34p 0 AUTOEXEC.BAT 11/26/00 06:57p 322 boot.ini 11/26/00 12:34p 0 CONFIG.SYS 12/26/00 07:36p exploits 12/07/00 03:30p InetPub 12/07/00 03:12p Multimedia Files 12/26/00 07:10p New Folder 01/26/01 02:10p 78,643,200 pagefile.sys 12/21/00 08:59p Program Files 12/21/00 08:59p TEMP 02/04/01 06:46a WINNT 12/26/00 07:09p wiretrip 02/04/01 06:43a 0 yay.txt 02/04/01 06:46a 38 yay2.txt 14 File(s) 78,643,560 bytes 1,690,861,056 bytes free C:\>type yay2.txt There are no entries in the list. C:\>del yay2.txt del yay2.txt C:\>net session >>yay3.txt System error 5 has occurred. Access is denied. C:\>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\ 11/26/00 12:34p 0 AUTOEXEC.BAT 11/26/00 06:57p 322 boot.ini 11/26/00 12:34p 0 CONFIG.SYS 12/26/00 07:36p exploits 12/07/00 03:30p InetPub 12/07/00 03:12p Multimedia Files 12/26/00 07:10p New Folder 01/26/01 02:10p 78,643,200 pagefile.sys 12/21/00 08:59p Program Files 12/21/00 08:59p TEMP 02/04/01 06:46a WINNT 12/26/00 07:09p wiretrip 02/04/01 06:43a 0 yay.txt 02/04/01 06:48a 0 yay3.txt 14 File(s) 78,643,522 bytes 1,690,861,056 bytes free C:\>del yay& * Could Not Find C:\yay The name specified is not recognized as an internal or external command, operable program or batchfile. C:\>dir (Résultats identiques - Aucun changement) C:\>del yay* The process cannot access the file because it is being used by another process. C:\>del yay3.txt Could Not Find C:\yay3.txt C:\>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\ 11/26/00 12:34p 0 AUTOEXEC.BAT 11/26/00 06:57p 322 boot.ini 11/26/00 12:34p 0 CONFIG.SYS 12/26/00 07:36p exploits 12/07/00 03:30p InetPub 12/07/00 03:12p Multimedia Files 12/26/00 07:10p New Folder 01/26/01 02:10p 78,643,200 pagefile.sys 12/21/00 08:59p Program Files 12/21/00 08:59p TEMP 02/04/01 06:46a WINNT 12/26/00 07:09p wiretrip 02/04/01 06:43a 0 yay.txt 13 File(s) 78,643,522 bytes 1,690,861,056 bytes free C:\>dir (Résultats identiques - Aucun changement) C:\>yuper The name specified is not recognized as an internal or external command, operable program or batch file. C:\>type heh.txt User accounts for \\ --------------------------------------------------- Administrator Guest IUSR_KENNY IWAM_KENNY The command completed with one or more errors. C:\>del heh.txt C:\>cd program files C:\Program Files>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\Program Files 12/21/00 08:59p . 12/21/00 08:59p .. 12/07/00 03:11p Common Files 12/21/00 08:59p D4 12/07/00 03:23p ICW-Internet Connection 12/07/00 03:37p Microsoft FrontPage 12/07/00 03:34p Mts 12/07/00 03:23p Outlook Express 11/26/00 06:42p Plus! 12/16/00 06:54p Syslogd 11/26/00 06:56p Windows NT 11 File(s) 0 bytes 1,690,861,056 bytes free C:\Program Files>cd .. C:\dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\ 11/26/00 12:34p 0 AUTOEXEC.BAT 11/26/00 06:57p 322 boot.ini 11/26/00 12:34p 0 CONFIG.SYS 12/26/00 07:36p exploits 12/07/00 03:30p InetPub 12/07/00 03:12p Multimedia Files 12/26/00 07:10p New Folder 01/26/01 02:10p 78,643,200 pagefile.sys 12/21/00 08:59p Program Files 12/21/00 08:59p TEMP 02/04/01 06:48a WINNT 12/26/00 07:09p wiretrip 02/04/01 06:43a 0 yay.txt 13 File(s) 78,643,522 bytes 1,690,861,056 bytes free C:\>echo Hi, i know that this a is a lab server, but patch the holes! :-) >>README.NOW.Hax0r echo Hi, i know that this a is a lab server, but patch the holes! :-) >>README.NOW.Hax0r C:\>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\ 11/26/00 12:34p 0 AUTOEXEC.BAT 11/26/00 06:57p 322 boot.ini 11/26/00 12:34p 0 CONFIG.SYS 12/26/00 07:36p exploits 12/07/00 03:30p InetPub 12/07/00 03:12p Multimedia Files Veille Technologique Sécurité N°33 Page 50/59 © APOGEE Communications - Tous droits réservés Diffusion restreinte aux clients abonnés aux services VTS-RAPPORT et VTS-ENTREPRISE
Avril 2001 12/26/00 07:10p New Folder 01/26/01 02:10p 78,643,200 pagefile.sys 12/21/00 08:59p Program Files 02/04/01 06:49a 69 README.NOW.Hax0r 12/21/00 08:59p TEMP 02/04/01 06:48a WINNT 12/26/00 07:09p wiretrip 02/04/01 06:43a 0 yay.txt 14 File(s) 78,643,591 bytes 1,690,861,056 bytes free C:\>dir (Résultats identiques - Aucun changement) C:\>net group Group Accounts for \\ --------------------------------------------------- *Domain Admins *Domain Guests *Domain Users The command completed with one or more errors. C:\>net localgroup System error 1312 has occurred. A specified logon session does not exist.It may already have been terminated. C:\>net group domaine admins The syntax of this command is: NET GROUP [groupname [/COMMENT:"text"]] [/DOMAIN] groupname {/ADD [/COMMENT:"text"] | /DELETE [/DOMAIN] groupname username [...] {/ADD | /DELETE} [/DOMAIN] C:\> [Anet group /? The name specified is not recognized as an internal or external command, operable program or batch ile. C:\>net group ?? The syntax of this command is: NET GROUP [groupname [/COMMENT:"text"]] [/DOMAIN] groupname {/ADD [/COMMENT:"text"] | /DELETE [/DOMAIN] groupname username [...] {/ADD | /DELETE} [/DOMAIN] C:\>net group /? (Résultats identiques - Aucun changement) C:\>net group Group Accounts for \\ --------------------------------------------------- *Domain Admins *Domain Guests *Domain Users The command completed with one or more errors. C:\>net localgroup System error 1312 has occurred. A specified logon session does not exist. It may already have been terminated. C:\>net localgroup /domain admins (Résultats identiques - Aucun changement) C:\>net localgroup domain admins The syntax of this command is: NET GROUP [groupname [/COMMENT:"text"]] [/DOMAIN] groupname {/ADD [/COMMENT:"text"] | /DELETE [/DOMAIN] groupname username [...] {/ADD | /DELETE} [/DOMAIN] C:\>net users User accounts for \\ --------------------------------------------------- Administrator Guest IUSR_KENNY IWAM_KENNY The command completed with one or more errors. C:\>net session System error 5 has occurred. Access is denied. C:\> [A [A [Anet localgroup domain admins The name specified is not recognized as an internal or external command, operable program or batch file. C:\>net group domain admins The syntax of this command is: NET GROUP [groupname [/COMMENT:"text"]] [/DOMAIN] groupname {/ADD [/COMMENT:"text"] | /DELETE [/DOMAIN] groupname username [...] {/ADD | /DELETE} [/DOMAIN] C:\>net localgroup administrators Alias name administrators Comment Members can fully administer the computer/domain Members --------------------------------------------------- Administrator Domain Admins The command completed successfully. C:\> [Anet localgroup administrators The name specified is not recognized as an internal or external command, operable program or batchfile. C:\>net localgroup administrators Alias name administrators Comment Members can fully administer the computer/domain Members --------------------------------------------------- Administrator Domain Admins IUSR_KENNY IWAM_KENNY The command completed successfully. C:\>net session System error 5 has occurred. Access is denied. C:\>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\ 11/26/00 12:34p 0 AUTOEXEC.BAT 11/26/00 06:57p 322 boot.ini 11/26/00 12:34p 0 CONFIG.SYS 12/26/00 07:36p exploits 12/07/00 03:30p InetPub 12/07/00 03:12p Multimedia Files 12/26/00 07:10p New Folder 01/26/01 02:10p 78,643,200 pagefile.sys 12/21/00 08:59p Program Files 02/04/01 06:49a 69 README.NOW.Hax0r 12/21/00 08:59p TEMP 02/04/01 06:55a WINNT 12/26/00 07:09p wiretrip 02/04/01 06:43a 0 yay.txt 14 File(s) 78,643,591 bytes 1,690,852,864 bytes free C:\>cd program files C:\Program Files>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\Program Files 12/21/00 08:59p . 12/21/00 08:59p .. 12/07/00 03:11p Common Files 12/21/00 08:59p D4 12/07/00 03:23p ICW-Internet Connection 12/07/00 03:37p Microsoft FrontPage 12/07/00 03:34p Mts 12/07/00 03:23p Outlook Express 11/26/00 06:42p Plus! 12/16/00 06:54p Syslogd 11/26/00 06:56p Windows NT 11 File(s) 0 bytes 1,690,852,864 bytes free C:\Program Files>cd common files C:\Program Files\Common Files>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\Program Files\Common Files 12/07/00 03:11p . 12/07/00 03:11p .. 12/07/00 03:23p Microsoft Shared 12/07/00 03:35p ODBC 12/07/00 03:23p Services 12/07/00 03:23p System 6 File(s) 0 bytes 1,690,852,864 bytes free C:\Program Files\Common Files>cd obdc The system cannot find the path specified. C:\Program Files\Common Files>dir (Résultats identiques - Aucun changement) C:\Program Files\Common Files>cd microsoft shadr red The filename, directory name, or volume label syntax is incorrect. C:\Program Files\Common Files>cd microsoft shared C:\Program Files\Common Files\Microsoft Shared>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Directory of C:\Program … 12/07/00 03:23p . 12/07/00 03:23p .. 12/07/00 03:23p Stationery 12/07/00 03:09p TextConv 4 File(s) 0 bytes 1,690,852,864 bytes free C:\Program Files\Common Files\Microsoft Shared>cd .. C:\Program Files\Common Files>cd odbc C:\Program Files\Common Files\ODBC>dir Volume in drive C has no label. Volume Serial Number is 8403-6A0E Veille Technologique Sécurité N°33 Page 51/59 © APOGEE Communications - Tous droits réservés Diffusion restreinte aux clients abonnés aux services VTS-RAPPORT et VTS-ENTREPRISE
Page 1 and 2: APOGEE Communications Rapport de Ve
Page 3 and 4: Avril 2001 MICROSOFT 27 NCM 27 NETS
Page 5 and 6: Avril 2001 LES PRODUITS TELEPHONIE
Page 7 and 8: Avril 2001 LES TECHNOLOGIES SYSTEME
Page 9 and 10: Avril 2001 LES INFORMATIONS CERT IN
Page 11 and 12: Avril 2001 technologiques avec des
Page 13 and 14: Avril 2001 LES SERVICES DE BASE LOG
Page 15 and 16: Avril 2001 NORMES ET STANDARDS LES
Page 17 and 18: Avril 2001 Thème Nom du Draft Date
Page 19 and 20: Avril 2001 SIP draft-ietf-simple-im
Page 21 and 22: Avril 2001 IPv6, en l'absence d'une
Page 23 and 24: Avril 2001 FORMAT DE LA PRESENTATIO
Page 25 and 26: Avril 2001 Déni de service sur les
Page 27 and 28: Avril 2001 MICROSOFT Débordement d
Page 29 and 30: Avril 2001 WATCHGUARD Déni de serv
Page 31 and 32: Avril 2001 PGP Exposition de clé p
Page 33 and 34: Avril 2001 Reprise de l'avis CERT C
Page 35 and 36: Avril 2001 OpenBSD Disponibilité d
Page 37 and 38: Avril 2001 LINUX REDHAT Annonce de
Page 39 and 40: Avril 2001 MS00-098 Indexing Servic
Page 41 and 42: Avril 2001 y a quelques années ave
Page 43 and 44: Avril 2001 GET /guest/default.asp/.
Page 45 and 46: Avril 2001 Une synthèse commentée
Page 47 and 48: Avril 2001 NC 6969 3149 3163 'del s
Page 49: Avril 2001 Microsoft(R) Windows NT(
Page 53 and 54: Avril 2001 C:\Program Files\Common
Page 55 and 56: Avril 2001 12/15/00 07:05p 673 lrfp
Page 57 and 58: Avril 2001 11/26/00 12:34p 0 AUTOEX
Page 59: Avril 2001 Conclusion 1. Deux vague

Veille Technologique Sécurité - cert devoteam

Create successful ePaper yourself

Delete template?

Save as template?