[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <122827b9050609011814b71f13@mail.gmail.com>
Date: Thu Jun 9 09:19:01 2005
From: stan.bubrouski at gmail.com (Stan Bubrouski)
Subject: Microsoft Windows and *nix Telnet Port Number
Argument Obfuscation
>From the charter:
"Any information pertaining to vulnerabilities is acceptable, for
instance announcement and discussion thereof, exploit techniques and
code, related tools and papers, and other useful information."
Clearly this thread started as "useful information" as many people pointed out.
Also from the charter:
"Humour is acceptable in moderation, providing it is inoffensive.
Politics should be avoided at all costs."
So Nick maybe you should read the charter before flaming someone who
posted useful information?
-sb
On 6/7/05, Nick FitzGerald <nick@...us-l.demon.co.uk> wrote:
> Kristian Hermansen wrote:
>
> > The second argument to the telnet executable, the port number, does not
> > need to conform to the standard available port conventions (ie.
> > 0-65535). It is actually possible to specify a port number very far out
> > of the effective range, and still be able to connect to the "wrapped"
> > port value. On Windows, it is even possible to specify negative port
> > values. Following is a short demonstration:
>
> Did you come down in the last shower?
>
> This has been known since Adam was a cowboy.
>
> On some OSes and depending on the tool parsing the cmdline, you can
> also do similar things with octets within dotted IPs and other similar,
> funky stuff.
>
> Oh, and did you think to play around with expressing some of the values
> in hex? Or even weirder, octal?
>
> At least you note it is not a vulnerability -- I guess there is some
> hope after all...
>
>
> Regards,
>
> Nick FitzGerald
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
Powered by blists - more mailing lists