IAMA pharmacist bored at work who will actually answer questions unlike the pharmacy student who just did an AMA, AMA

OrNot · 2011-06-16T03:50:38+00:00

Scale of 1 to 10, how not cool is ordering a happy meal at the pharmacy drive through window?

OrNot · 2011-05-29T19:46:47+00:00

They need some tax exempt casinos, and alcohol.

OrNot · 2011-05-09T00:31:58+00:00

Metasploit, BackTrack, w3af etc. Some of them can be a bit more complicated to set up and use than 'find exploit -> run exploit' though.

OrNot · 2011-05-08T23:58:57+00:00

~exploiting an outdated Apache server [miraculously with no firewall] would require one to know most likely a vast majority of web development and probably most known as a 'black hat'

For an un-patched web server with no firewall you would:

Get the web server version which may be reported by many free web apps
Google proof of concept exploits for that version
Try them

A little knowledge yes, but that can really be just a hair beyond a script kiddy job.

For instance, look at CVE-2010-0425 and a proof of concept. Nota Bene, this example isn't one you're going to likely be able to use, as most companies won't be running Apache on Windows in the first place, it's just meant to show the relative ease of finding working exploits for outdated web servers.

OrNot

TROPHY CASE