Meeting: 2007.07.25 0x000a

Our eleventh technical meeting will be held July 25th, 2007, from 7pm to 9pm, in a meeting room at Mangia. Mangia is located at 8012 Mesa Dr, Austin, Texas (map).

Food and drinks are permissible at the meeting, provided you purchase said food and drink from Mangia.

Speaker Notes


I spoke briefly about the (mostly) finished RTP steganography tool that I was brainstorming on a few meetings ago. I'll be releasing the tool at DEFCON on August 4th which will be available at it's Sourceforge project page. Slides from the full presentation will also be released at the same time at the locations below.

Slides: HTML | PDF | Flash


My talk was about using Non-HTTP attack vectors for XSS attacks against the administrative interfaces of multiple networking devices. The DNS and Telnet protocols were discussed and shown in examples. After starting with some basic XSS, a persistent XSS attack that creates a fully priviledged user is shown.

Due to the unpatched status of these bugs, slides will not be provided.

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-Share Alike 2.5 License.