.

Anyone know Thomas Wilhelm?

<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Wed Jan 04, 2012 10:34 am

Anyone know Thomas Wilhelm?

Anyone know how to contact Thomas W from heorot.net?

His site is coming up on google as compromised. Any1 care to check it out for themselves? :devil
sectestanalysis.blogspot.com/‎
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Wed Jan 04, 2012 10:44 am

Re: Anyone know Thomas Wilhelm?

I just sent him an email.  Good looking out, SephStorm :)
GSEC, eCPPT, Sec+
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Wed Jan 04, 2012 10:53 am

Re: Anyone know Thomas Wilhelm?

He's a member here (Grendel)

Cheers!
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

Triban

User avatar

Hero Member
Hero Member

Posts: 620

Joined: Fri Feb 19, 2010 4:17 pm

Post Wed Jan 04, 2012 12:14 pm

Re: Anyone know Thomas Wilhelm?

Is it hosted on 1and1? :D 
Certs: GCWN
(@)Dewser
<<

Grendel

User avatar

Full Member
Full Member

Posts: 246

Joined: Thu Aug 28, 2008 8:48 am

Location: Colorado Springs, CO

Post Wed Jan 04, 2012 12:15 pm

Re: Anyone know Thomas Wilhelm?

Yeah, I saw that. Not sure how it's coming to that conclusion.
- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:
  • http://HackingDojo.com
Author:
  • Professional Penetration Testing
  • Ninja Hacking
  • Penetration Tester's Open Source Toolkit
  • Metasploit Toolkit for Penetration Testing
  • Netcat Power Tools
<<

Grendel

User avatar

Full Member
Full Member

Posts: 246

Joined: Thu Aug 28, 2008 8:48 am

Location: Colorado Springs, CO

Post Wed Jan 04, 2012 12:19 pm

Re: Anyone know Thomas Wilhelm?

...and if you follow their recommendation to see what the compromise is, it comes back negative.

http://www.google.com/safebrowsing/diag ... heorot.net
- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:
  • http://HackingDojo.com
Author:
  • Professional Penetration Testing
  • Ninja Hacking
  • Penetration Tester's Open Source Toolkit
  • Metasploit Toolkit for Penetration Testing
  • Netcat Power Tools
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Wed Jan 04, 2012 12:31 pm

Re: Anyone know Thomas Wilhelm?

Not surprising (on the negative,) both because you're on top of things, and because I've seen a few of these reported, lately, on my clients' servers, and have proven otherwise to Google.

Have you pinged Google to have the alert removed, Thomas?

(Edit: I know they can un-flag it, because they did, for my customers)
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

Grendel

User avatar

Full Member
Full Member

Posts: 246

Joined: Thu Aug 28, 2008 8:48 am

Location: Colorado Springs, CO

Post Wed Jan 04, 2012 12:36 pm

Re: Anyone know Thomas Wilhelm?

hayabusa wrote:
Have you pinged Google to have the alert removed, Thomas?

(Edit: I know they can un-flag it, because they did, for my customers)


Not yet - I need to still do a full pentest to make sure I'm not missing something. If there is an issue, I'd like to find it. If there is not an issue, I'd like to know for certain. If anyone sees anything, please let me know - thanks!
- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:
  • http://HackingDojo.com
Author:
  • Professional Penetration Testing
  • Ninja Hacking
  • Penetration Tester's Open Source Toolkit
  • Metasploit Toolkit for Penetration Testing
  • Netcat Power Tools
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Wed Jan 04, 2012 3:28 pm

Re: Anyone know Thomas Wilhelm?

Grendel wrote:
hayabusa wrote:
Have you pinged Google to have the alert removed, Thomas?

(Edit: I know they can un-flag it, because they did, for my customers)


Not yet - I need to still do a full pentest to make sure I'm not missing something. If there is an issue, I'd like to find it. If there is not an issue, I'd like to know for certain. If anyone sees anything, please let me know - thanks!


I guess I can take a look  ;D
I'm an InterN0T'er
<<

SephStorm

User avatar

Hero Member
Hero Member

Posts: 569

Joined: Sat Apr 17, 2010 12:12 pm

Post Wed Jan 04, 2012 3:53 pm

Re: Anyone know Thomas Wilhelm?

Very interesting indeed... thanks for the safebrowsing lookup link. And Grendel, I personally think thats an awesome attitude to have. :)
sectestanalysis.blogspot.com/‎
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Wed Jan 04, 2012 4:32 pm

Re: Anyone know Thomas Wilhelm?

@MaXe - I started looking as well.  So far, didn't see anything (nothing in a basic source code review, as if malware links got planted or anything...)  ;D
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Jan 04, 2012 4:48 pm

Re: Anyone know Thomas Wilhelm?

I went to the home page while logged into my bank in another tab, and all my money got transferred to Tom.

I hope you use that $20 wisely...
The day you stop learning is the day you start becoming obsolete.
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Wed Jan 04, 2012 4:51 pm

Re: Anyone know Thomas Wilhelm?

hayabusa wrote:@MaXe - I started looking as well.  So far, didn't see anything (nothing in a basic source code review, as if malware links got planted or anything...)  ;D


Naturally that was what I did initially as well where I didn't see any signs of compromise  :) However, there are a few notes I've sent to Tom.  ;D
I'm an InterN0T'er
<<

Grendel

User avatar

Full Member
Full Member

Posts: 246

Joined: Thu Aug 28, 2008 8:48 am

Location: Colorado Springs, CO

Post Wed Jan 04, 2012 4:52 pm

Re: Anyone know Thomas Wilhelm?

dynamik wrote:I went to the home page while logged into my bank in another tab, and all my money got transferred to Tom.

I hope you use that $20 wisely...


It'll go to my "replenish the bourbon" fund. ;-)
- Thomas Wilhelm, MSCS MSM
ISSMP CISSP SCSECA SCNA IEM

Web Site:
  • http://HackingDojo.com
Author:
  • Professional Penetration Testing
  • Ninja Hacking
  • Penetration Tester's Open Source Toolkit
  • Metasploit Toolkit for Penetration Testing
  • Netcat Power Tools
<<

rattis

User avatar

Hero Member
Hero Member

Posts: 1172

Joined: Mon Jul 27, 2009 1:25 pm

Post Wed Jan 04, 2012 11:35 pm

Re: Anyone know Thomas Wilhelm?

Grendel wrote:
dynamik wrote:I went to the home page while logged into my bank in another tab, and all my money got transferred to Tom.

I hope you use that $20 wisely...


It'll go to my "replenish the bourbon" fund. ;-)


Is that how they pay for Bourbon con? (the con before derby con in Louisville Ky).
OSWP, Sec+
Next

Return to Other

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software