stfu idiot.. now go look at your boxes :) and netstats....and enjoy being part of, a much nicer, smaller organisation wich is only here, to destroy you all. :) bye! oh btw, secunia,.com is also, owned. have phun! GLOW
On 26 January 2012 09:19, Dave <m...@propergander.org.uk> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 25/01/2012 20:16, adam wrote: >> If we cared, we'd visit that site of our own volition. Secondly, even if we >> were interested: most of the people on these lists are intelligent enough >> not to click on links from spammers. Third, even if the content were >> interesting, even if this were the place for it and even if you hadn't >> spammed: "pay and register" is incentive enough for me *not* to join and * >> not* to ever visit that site again. >> >> Short version: this purpose of this list isn't for you to spam your new >> state-of-the-art website. Instead, it's typically to discuss/disclose >> issues/concepts related to computer/network security. Once in a while, >> there are discussions about the overflowing stupidity that some site >> owners/coders have. For example, people that stupidly (and blindly) inject >> code (e.g. for tracking purposes) into every single file on their site, >> regardless of extension: >> >> http://www.karmacyberintel.net/robots.txt >> >> Another one is blatantly disclosing paths in robots.txt that aren't even >> linked to and would never be found anyway (at least by bots that honor >> robots.txt, which ends up being the exact opposite of the desired effect). >> An example of how/why this can be a problem: >> >> md5sum of tiny_mce.js off your server is 9754385dabfc67c8b6d49ad4acba25c3, >> if we perform a simple Google search - we can determine that you're likely >> running version 3.3.1 of Wordpress. From there, we have enough information >> to perform a targeted attack on your server. Except, we don't need to >> because you've already made it more than easy enough for us. >> >> Pretty much every single field on http://www.karmacyberintel.net/pay/ is >> vulnerable to SQL injection, which could easily allow anyone to completely >> compromise the database and possibly the entire site. On top of that, >> register.php also allows for session fixation attacks, as a result of >> header/cookie manipulation. If that weren't bad enough, the admin section >> for your karma theme is also vulnerable to cross-site scripting. >> >> Not to mention, all the problems with with how you've configured SSL and >> everything else. If you're going to spam, at least make sure the website >> you're spamming has been tested and determined to be *somewhat* secure. >> > > > > Thanks for the smile. > > If one is not certain that ones own house is not made of glass, it's best to > not throw stones. > > D >> >> On Tue, Jan 24, 2012 at 11:31 PM, karma cyberintel < >> karmacyberint...@gmail.com> wrote: >> >>> *UPDATE* After attacking several government sites to protest >>> controversial US legislation in past weeks, hacktivist group Anonymous is >>> setting its sights on one of the Internet's biggest targets: Facebook. Or >>> maybe not. >>> >>> Sources Form karmacyberintel.net >>> >>> for more details >>> >>> >>> http://www.karmacyberintel.net/2012/01/faux-anonymous-hackers-to-facebook-were-not-playing/ >>> >>> _______________________________________________ >>> Full-Disclosure - We believe in it. >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >> >> >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iQEVAwUBTyB/77Ivn8UFHWSmAQLoYAf8CbOtPVtl7nyo+ujnkf1qeWf7hGzjU5lJ > xWr8kd/N37n50u3a6PXfy9p7TC+wQ2MNoJCZ6Y02sPZ6KxlUXXOC/K8iXigFK1yh > rVrNaDLSR8+WgfOdskl7mYZXvHG7n2u8p3MNOll0D9MG1vn179P/oV3JXawSyHMZ > EhhWPjjiJZfNwPhPBTQnQMhg3HoWYsJKrVR5CIu/EKiAPaS2xG7l+DojADZmPsIU > B9BvSqLzJoVFUQ5zVF3KzPJLqIimqgH6HmK18Nmhs/kcBaxjVRL88XcfP1bYtl/Y > kg22lkaRU5IIxDviy5ztxkBERKu7SyuBjcrE6B23rBia9xeCrloMdQ== > =U0gT > -----END PGP SIGNATURE----- > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/