a1m fear
accuracy
afextz
africanninjas
aim tempy
aimbionet
aimnymike
airtuh ily
almost tipsy
ambidextrism
atb
azz
Extracting Web Server Information using Telnet / by R a v e N
<===========================================================>
http://blacksun.box.sk
Welcome to yet another BSRF tutorial. This time, I will teach you most basic command in the HTTP protocol, and how it is possible to extract tons of web server information and other pieces of info using this command only and a telnet client.
Okay, you are about to learn what your browser does when you type in, say, blacksun.box.sk. First of all, it connects to blacksun.box.sk on port 80. If there is an answer on the other hand, which means that the port is open (the port is not closed or blocked by any filtering software, such as a firewall) and a TCP session can start, your browser would usually type this:
get url HTTP/1.1
(followed by a blank line)
T H E H A C K E R ‘ S H A N D B O O K
Copyright (c) Hugo Cornwall
All rights reserved
First published in Great Britain in 1985 by Century Communications Ltd
Portland House, 12-13 Greek Street, London W1V 5LE.
International Journal of Network Security & Its Applications (IJNSA), Vol.5, No.4, July 2013
DOI : 10.5121/ijnsa.2013.5402 23
Marc A. Rader1 and Syed (Shawon) M. Rahman2, *
1CapellaUniversity, Minneapolis, MN, USA and Associate Faculty, Cochise CollegeAZ, USA
Mrader3@CapellaUniversity.edu
Associate Professor of Computer Science at the University of Hawaii-Hilo, Hawaii,
USA and Part-time Faculty at Capella University, Minneapolis, USA
*SRahman@hawaii.edu
ABSTRACT
Organizations invest heavily in technical controls for their Information Assurance (IA) infrastructure.
These technical controls mitigate and reduce the risk of damage caused by outsider attacks. Most
organizations rely on training to mitigate and reduce risk of non-technical attacks such as social
engineering. Organizations lump IA training into small modules that personnel typically rush through
because the training programs lack enough depth and creativity to keep a trainee engaged. The key to
retaining knowledge is making the information memorable. This paper describes common and emerging
attack vectors and how to lower and mitigate the associated risks.
KEY WORDS
Security Risks, Phishing, Social Engineering, Cross Site Scripting, Emerging Attack Vectors, DNS poising.
1. INTRODUCTION
Phishing is a social engineering technique that is used to bypass technical controls implemented
to mitigate security risks in information systems. People are the weakest link in any security
program. Phishing capitalizes on this weakness and exploits human nature in order to gain access
to a system or to defraud a person of their assets.
A 19-year-old hacker who published provocative photos of teen queen Miley Cyrus earlier this year was raided by the FBI Monday morning in Murfreesboro, Tennessee.
The hacker, Josh Holly, repeatedly bragged online about breaking into the Disney star’s e-mail account and stealing her photos. He also gave interviews to bloggers and others and boasted that authorities would never find him because he moved so often. [Last month, Holly contacted Threat Level seeking to have an article written about him here.]
But this morning the FBI did find him and, after talking with him for more than an hour about his exploits, served him with a search warrant and a list of items to be seized (which was posted at the hacking site digitalgangster.com after Holly showed it to a friend).








![VooDoo ProgZ [Read Me]](https://i0.wp.com/justinakapaste.com/wp-content/uploads/2014/10/2014-10-01-22_02_29-VooDoo-ProgZ-Notepad.png?fit=601%2C148&ssl=1)