On Mon, 9 Dec 2013 10:55:29 -0800 Phil Smith <[email protected]> wrote:
:>One of our folks sent me this YouTube video of a presentation from BayThreat. Metasploit allegedly used to compromise a z/OS machine. Looks like it uses ftp and a legit user credential to maybe escalate privileges, but not clear. No sound on the video (~ 3 mins). :>http://www.youtube.com/watch?v=hTfgFSbvkHU :>Thoughts? I suspect this is either BS or is based on a vanilla system with no ESM. Don't see the exploit. He has a userid/password, and submits a job that listens. No big deal. -- Binyamin Dissen <[email protected]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel Should you use the mailblocks package and expect a response from me, you should preauthorize the dissensoftware.com domain. I very rarely bother responding to challenge/response systems, especially those from irresponsible companies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
