Email address | private |
---|---|
First Active | 2005-03-24 |
Last Active | 2006-01-21 |
Small write up discussing reverse proxy cross site scripting.
eae37617973a2892bf4ac789d799e0b8a3209e0ea2ccda63640fab3a48f15ca5
The default POP3 server installed on iSeries boxes allows for username enumeration. This PDF contains a table converting POP3 login errorcodes to their actual meanings.
4d267c5719f82f3364c7ebc3a98ea3abbcbf5823e3324094c48771565765e12e
AS/400 servers suffer from a user account disclosure flaw due to a symbolic link vulnerability.
56f7a4240acf2236ffb5d2182829895933929bdd93a94c2baa3c1456bf52cfc0
A reverse shell can be obtained using netcat on an AS/400 with PASE installed.
9e78ffcdd03fc9efdee0e3b370eea2d426fcdbb31edeaa8a406ac70e72a9221d
The LDAP service on an iSeries server can be used to enumerate the AS400 user profiles.
c2b8bdaf2439c1b48e6be48182c9ebeacfaefa836bef1783fbc6e7ad751c62b1
Attacking PC based 5250 terminal emulations from an iSeries server. Paper describing how insertion of commands inside an AS/400 application allows them to be executed as a command on the connected PC.
217d0c1b9f177df1e380748a230cda90e51eeffaca5ecf0c5331199b95d7e20e