Big hole in dhiraagu internet service....
When you are using dail up..actually..every time u connect.. dhiraagu assigns an ip for u...but we can modify and spoof...if we use a manual setting...so tht means we can get any ip we want..when we change it do dhiraagus proxy server...202.1.201.237 (proxy.dhivehinet.net.mv)..things get mcuh better....
every single request made by each and every internet user goes through this proxy...so if we use tht as an ip.. and capture all the incoming packets your gonna see a lot nice information...
This flaw can be used to do any thing...even u can be www.dhivehinet.net.mv... and sniff there ftp or any password..or be a mail server and log mail passwords..
i have learn this bug from jaa blog and have tested by myself using ethereal...
we can even use msn sniffer...ace pasword sniffer...etc..... to caputre password & conversations
....till last time i checked..dhiraaagu havnt fix this bug .. 3.59 12 nov 2005
soo all ur data can be viewed by almost anyone..heeee
This bug was discoverd by jaa...blog...
http://jaa.technova.com.mv/archives/31-I,-Dhiraagu-proxy-server.html
every single request made by each and every internet user goes through this proxy...so if we use tht as an ip.. and capture all the incoming packets your gonna see a lot nice information...
This flaw can be used to do any thing...even u can be www.dhivehinet.net.mv... and sniff there ftp or any password..or be a mail server and log mail passwords..
i have learn this bug from jaa blog and have tested by myself using ethereal...
we can even use msn sniffer...ace pasword sniffer...etc..... to caputre password & conversations
....till last time i checked..dhiraaagu havnt fix this bug .. 3.59 12 nov 2005
soo all ur data can be viewed by almost anyone..heeee
This bug was discoverd by jaa...blog...
http://jaa.technova.com.mv/archives/31-I,-Dhiraagu-proxy-server.html
0 Comments:
Post a Comment
<< Home