Documents

Web Forum Exploitation Using XKS

Jul. 1 2015 — 9:52 a.m.

1/7
Download
Page 1 from Web Forum Exploitation Using XKS
Web Forum Exploitation using XKEYSCRE 5217 July 2009
Page 2 from Web Forum Exploitation Using XKS
What forum data do we _ _have in I FISA full takei< for U.S. web forum servers under FISA coverage I Passive collection for OCONUS web forum server traffic I Passive collection for individual forum users located OCONUS
Page 3 from Web Forum Exploitation Using XKS
Content - Posts and private messages When FISA is available PINWALE is best for content (large amount of traffic) Time sensitive threats XKEYSCORE may be faster
Page 4 from Web Forum Exploitation Using XKS
All posts/ threads on one forum I HTTP Activity query form - Fingerprints: maiI/WebmaiI/vbulletin/post* - IP address (either): web forum server IP
Page 5 from Web Forum Exploitation Using XKS
All Private Messages for a Forum I HTTP Activity query form - Fingerprints: - IP address (either): web forum server IP
Page 6 from Web Forum Exploitation Using XKS
SysAdmin Activity I CPanek All web forum IP addresses AND Ports for CPaneI (2082 or 2083 or 2086 or 2087) - AdminCP: All web forum IP addresses AND - Application Info - *adminCp*
Page 7 from Web Forum Exploitation Using XKS
Applications Used on Forums I Example: all forum users with MS V2.0 private messages: And