Re: [Full-disclosure] Absolute Sownage (A concise history of recent Sony hacks)

2011-06-12 Thread Georgi Guninski
On Sun, Jun 12, 2011 at 11:06:33AM -0600, Bruce Ediger wrote:
> On Sat, 11 Jun 2011, Nick FitzGerald wrote:
> 
> > Nowadays the big, noisy, obvious, "own the net" type "outbreak" of
> > yesteryear is not the model of choice for your typical cyber-thug (you
> > know, those running virtually all malware these days)..
> >
> > In fact, _avoiding_ exactly that is pretty much top of their list of
> > desiderata.
> 
> How do we know this?
> 
> I mean, it seems kind of circular to say "We haven't seen another Code
> Red II for a while, so the malware writers are doing other things."  Of
> course they are off doing other things: we haven't seen another Code Red
> II in years.
> 
> What other evidence exists?
>

Some evidence:

Conficker was long ago in the past 2008.

i heard script kiddie mentality changed so much they prefer to brag about XSS 
instead of pwning the interwebs :)

stuxnet didn't target the interwebs either - this might mean Valdis'
constant is more like 95.999%.

strongly suspect all the 404 for cgis in my httpd logs are requested by
hand :)

-- 
joro

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

2011-06-12 Thread adam
So much for that Ryan guy "editing" secn3t's emails. He *just* sent me this
because he's completely upset over his "major exploit" turning out to be a
"simple feature" :(

On Sat, Jun 11, 2011 at 10:40 PM, -= Glowing Doom =- wrote:

> Only took you , what 15 flame emails and, i have UNsubbed from list,
> and will NOT be posting nor ccing it.
> screw yourself.
> you wanted Fd , now you have 1 less Fd :)
> bye!
> and, your domain, papsy.net... is going down for maintenance i
> believesomeone just told me.. idk..
> you should not abuse ppl, before looking into the actual email, why would
> there be x41's in it.. i am guessing you have not studied the other side,
> wich is hyperlink with OUT html...
> there is many ways to code inject.,... its called, make a nice colorful
> email...with a bad link.
> now fuckoff retard.
>
>
>
> On 12 June 2011 13:37, -= Glowing Doom =-  wrote:
>
>> there is ANOTHER method idiot
>>
>> ut, you wont figue it :)
>>
>> and how ?
>> what if made a damn email with ALL text as a bad-link...and, say you open
>> it, and, just happen to accidnetally hover and, click.. wich, many ppl do...
>> it is not some spam email with a link, and NO it is NOT a feature.. idiot
>> again.
>>
>>
>>
>> On 12 June 2011 13:34, adam  wrote:
>>
>>> #1 - No one has replied since I reproduced your "proof of concept."
>>>
>>> #2 - Even if they had, you're replying directly to me - not the list.
>>>
>>> #3 - None of that is necessary. Type in text, highlight it and then click
>>> the anchor/link icon. From there, you can insert the target URL (and use the
>>> text of your choice). This is possible across most (all?) mail clients, as
>>> well as forums. It's an intentional feature that let's you specify anchor
>>> text.
>>>
>>> Assuming you're using a mail client that doesn't allow that (which I'd
>>> find very hard to believe that it has an anchor/link icon and doesn't have
>>> that feature) but even if that were the case: who is really vulnerable here
>>> (and to what? specifying anchor text != code injection).
>>>
>>> On Sat, Jun 11, 2011 at 10:29 PM, -= Glowing Doom =- 
>>> wrote:
>>>
 now, you guys loose see why you should NOT flame people...
 now, try find the REAL problem, wich, exists NOt in server...
 anyhow.. have fun flaming ppl...
 you finally work it out, then your all nice...
 screw you.
 and, screw your domain.



 On 12 June 2011 13:28, -= Glowing Doom =-  wrote:

> This is what i tried to explain...
>
> enter text, darken it, and then link , i said this 3 times..yet one
> person managed to finally do it, after having tospell it.
> no , i am, not a smartarse. and the other method, i should just have
> left out.
> now, nomore fd for me,.
> thanks,.
>
>
>
> On 12 June 2011 13:25, adam  wrote:
>
>> The reason why no one understood your ground-breaking vulnerability
>> (broken English aside) is because it's a *feature*. Whether you're
>> being a smartass right now or not is irrelevant, being that my email
>> generated the exact same thing as yours did (view source on both of 
>> them).
>> The difference is, you're doing some backspace *trick* whereas I'm
>> entering text, highlighting it and then clicking the link icon.
>>
>> Congratulations on wasting everyone's time, they were right to have
>> abandoned this thread from the start.
>>
>>
>> On Sat, Jun 11, 2011 at 10:20 PM, -= Glowing Doom =- <
>> sec...@gmail.com> wrote:
>>
>>> wow, ONE person finally can do it, after only having top basically
>>> SPELL it for you.. why did you not do it from the start >
>>> Lame team.
>>>
>>> Sorry but, have fun.. I wont be cc'd, I will just filter all of the
>>> fd :)
>>> BYE!
>>>
>>>
>>>
>>>
>>> On 12 June 2011 13:16, adam  wrote:
>>>
 You do realize you're still going to be CC'd, don't 
 you?

 And OH MY GOD, my text somehow became a clickable link. Did you guys
 see that? Did you see my ground breaking exploit? I demand your respect
 right this second!@


 On Sat, Jun 11, 2011 at 10:13 PM, -= Glowing Doom =- <
 sec...@gmail.com> wrote:

> done.. bye!
>
>
>
> On 12 June 2011 13:12, -= Glowing Doom =- wrote:
>
>> Yet i now stop... enjoy your pathetic,useless luist.. i will now
>> unsubscribe :)
>> thanks.
>>
>>
>>
>> On 12 June 2011 13:09, -= Glowing Doom =- wrote:
>>
>>> Here again
>>>
>>> I will write a sentence now, and, i will just copy, so it is
>>> 'darkened' text , then with NO backspace just leave the text 
>>> darkened, and
>>> goto 'link' , and enter a link.. the text will turn to red.
>>>
>>>

Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

2011-06-12 Thread adam
#1 - No one has replied since I reproduced your "proof of concept."

#2 - Even if they had, you're replying directly to me - not the list.

#3 - None of that is necessary. Type in text, highlight it and then click
the anchor/link icon. From there, you can insert the target URL (and use the
text of your choice). This is possible across most (all?) mail clients, as
well as forums. It's an intentional feature that let's you specify anchor
text.

Assuming you're using a mail client that doesn't allow that (which I'd find
very hard to believe that it has an anchor/link icon and doesn't have that
feature) but even if that were the case: who is really vulnerable here (and
to what? specifying anchor text != code injection).

On Sat, Jun 11, 2011 at 10:29 PM, -= Glowing Doom =- wrote:

> now, you guys loose see why you should NOT flame people...
> now, try find the REAL problem, wich, exists NOt in server...
> anyhow.. have fun flaming ppl...
> you finally work it out, then your all nice...
> screw you.
> and, screw your domain.
>
>
>
> On 12 June 2011 13:28, -= Glowing Doom =-  wrote:
>
>> This is what i tried to explain...
>>
>> enter text, darken it, and then link , i said this 3 times..yet one person
>> managed to finally do it, after having tospell it.
>> no , i am, not a smartarse. and the other method, i should just have left
>> out.
>> now, nomore fd for me,.
>> thanks,.
>>
>>
>>
>> On 12 June 2011 13:25, adam  wrote:
>>
>>> The reason why no one understood your ground-breaking vulnerability
>>> (broken English aside) is because it's a *feature*. Whether you're being
>>> a smartass right now or not is irrelevant, being that my email generated the
>>> exact same thing as yours did (view source on both of them). The difference
>>> is, you're doing some backspace *trick* whereas I'm entering text,
>>> highlighting it and then clicking the link icon.
>>>
>>> Congratulations on wasting everyone's time, they were right to have
>>> abandoned this thread from the start.
>>>
>>>
>>> On Sat, Jun 11, 2011 at 10:20 PM, -= Glowing Doom =- 
>>> wrote:
>>>
 wow, ONE person finally can do it, after only having top basically SPELL
 it for you.. why did you not do it from the start >
 Lame team.

 Sorry but, have fun.. I wont be cc'd, I will just filter all of the fd
 :)
 BYE!




 On 12 June 2011 13:16, adam  wrote:

> You do realize you're still going to be CC'd, don't 
> you?
>
> And OH MY GOD, my text somehow became a clickable link. Did you guys
> see that? Did you see my ground breaking exploit? I demand your respect
> right this second!@
>
>
> On Sat, Jun 11, 2011 at 10:13 PM, -= Glowing Doom =-  > wrote:
>
>> done.. bye!
>>
>>
>>
>> On 12 June 2011 13:12, -= Glowing Doom =-  wrote:
>>
>>> Yet i now stop... enjoy your pathetic,useless luist.. i will now
>>> unsubscribe :)
>>> thanks.
>>>
>>>
>>>
>>> On 12 June 2011 13:09, -= Glowing Doom =-  wrote:
>>>
 Here again

 I will write a sentence now, and, i will just copy, so it is
 'darkened' text , then with NO backspace just leave the text darkened, 
 and
 goto 'link' , and enter a link.. the text will turn to red.


 (this is the easiest way to reproduce it...)





 On 12 June 2011 13:07, -= Glowing Doom =-  wrote:

> I should have said just 'copy, then hit link... because the other
> one, is actually VERY hard to explain..but yes... backspace... has a 
> bug
> with emails. Is this so hard for 50 ppl to understand ?
> I am really shocked at the brubbish talk i have copped from this.
>
>
>
> On 12 June 2011 13:06, -= Glowing Doom =- wrote:
>
>> Do the research... then call yourself a 'team'...please :s
>>
>> The PoC, is easy as hell to reproduce. I am shocked a team, cannot
>> do it..
>>
>> even the easy one wich is just copy/backspace, and, hit link and
>> enter a link!
>> simple ?
>>
>>
>>
>> On 12 June 2011 12:52, Haxxor Security  wrote:
>>
>>> As I (painfully tried to) understand it, secn3t can fool his own
>>> email client to create malformed links by pressing backspace...
>>>
>>>
>>> 2011/6/12 adam 
>>>
 At the end of the day, you're going to be treated like a child
 as long as you continue to type like one.

 The entertaining part for me is how each of your replies
 contradicts a previous one. According to you, this *
 vulnerability* *has existed for years*. And also according to
 you, the reason why the original 

Re: [Full-disclosure] (no subject)

2011-06-12 Thread adam
Baseless assumption is baseless. While you're breaking stuff in your
mother's basement, I'm making a living. I've *opted* to reply to these
emails because it's free amusement.

Why are you so upset anyway? The world isn't going to end just because you
thought a feature was a bug.

On Sun, Jun 12, 2011 at 12:41 AM, -= Glowing Doom =- wrote:

> your a deeadset fool... whats worse, you cannot even find the actual bug i
> am speaking of... and, you have wasted ALL day ojn this.. then ppl wonder
> why fd lists is nowdays a joke, indeedm, with idiots like you around.
> go back to your bridge fool. your going down, HARD.
>
>
>
> On 12 June 2011 15:38, adam  wrote:
>
>> LOL, it contains [rendered] HTML code but you're telling us that it's
>> plain-text?
>>
>> In case you missed it, here are *your* email headers:
>>
>>
>> Content-Type: text/html; charset=ISO-8859-1
>> Content-Transfer-Encoding: quoted-printable
>>
>>
>> On Sun, Jun 12, 2011 at 12:32 AM, -= Glowing Doom =- wrote:
>>
>>> yea... watch and learn fool.. your nothing but a troll..like others have
>>> shown, all you  know is about the what, hilight+link, after it being raised
>>> as an issue... wich, would never show the links i was able to put, in PLAIN
>>> text in yo9ur mail.. explain how i did that  then smartie ? It was plain
>>> text in between two links HINT HINT... your anchor bs , is BUGGY!]
>>> Dont try to act all high and mighty now, it took 25 emails for you to
>>> even work out thwe word anchor...fool.
>>> now enjoy port 25 on your domain it should work great,,... you just
>>> got yourself owned idiot.
>>> bye bye...adam.
>>>
>>> Show them the real shit, dont sho them JUST rage, show the BUG go
>>> on... have some balls , and then, explain why the link, is there, hidden
>>> under PLAIN TEXT!
>>>
>>> It is no exploit ATM , it is a simple PoC, of a bug.
>>> Issue or no issue..you could not work ut what itwas, until i made demos
>>> of it, and the last demo, is NOT anchor.. go on and sow the carriage return
>>> on it.. idiot.
>>>
>>>
>>>
>>>
>>
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] (no subject)

2011-06-12 Thread adam
You got me, my session ID *is 1234567. *Please don't steal money out of my
bank account.

The only part that I'll bother replying to is what a *joke this list is*.
It's so much of a joke that you not only subscribed once, but TWICE.

That speaks volumes about you :D

On Sun, Jun 12, 2011 at 12:52 AM, -= Glowing Doom =- wrote:

> Oh it only took yu, what, 8hours to explain 'anchor' t someone who already
> knows what that is.. i showed something much different, explain the links..
> dont show ppl bllshit.. what a damn joke, YOU are a joke, i cannot believe
> your on FD lists, you are what makes it a joke, im laughing AT you because,
> you still have NOT FOUND crap, yet admits to it being used in
> unconventional' way... g and write some bs to fd more.. i aint replying..
> ppllcan look themselfs if they like, you are only seeing one small piece of
> a MUCh bigger pic..and, ontop, it tok you only a day,. and defaming someone,
> who was raising an issue.. your why people hate fd.
> go fk yourself adam .
> your a tool , and soon, your nulled.dont blame me when your nulled btw...
> there are others who CAN see the bug... like say, spammers..
> you are doing a great ob of that tho, without undrerstanding the bug
> atall... you said it, unconbventional..now,. so ahead and explain how i mak
> it show http://googl_1234567/ , ie: your sessid :)
> you cant, so you sit here trolling.
> now, thats enough for me. what a joke this list has become. seriously, your
> pathetic.
> your the only one whos talking, so i assume, your the only one who cannot
> see the further picture...good :)
> have fun with it. when you show me the x41's , then ill start to take you
> seriously.
> enjoy the exploit :)
> bacvkspace - backspace...and then...swhat... no link entered... gf ahead,
> explain... you say this is normal...sorry, i havent seen it till today
> online anywhere... until it showed up on MS about backspace issues... you do
> not understand carriage line return it seems, so resort to dfaming , and ,
> what a life you have, allday and your STILL going.. i will now stfu... i
> know when to stop, i have prooven what i had to you hav eprooven, your
> an idiot.
> and a troll, and a shame your on fdlists.
> you m,ust lead a damn sad life...  really.. you must.
> bye bye... and, dont blame me when your papsy goes down for the countm,
> some ppl understand CLR , others dont, i guess thats just intellect tho.
> Whos talking adam >??? you.
> no one else BUT you.
> and still canntn explain how i put your session id, in the link, or my
> sessid for that matter..and your claiming thats 'normal'''pathetic
> man..really .
> bnow, please stop it, or ill start to fuck with your domainso bad, you will
> not exist online, on any fd, by morning.
> ok :)
> have fun trying to STILL fgure the PRPER bug, NOT anchring.
> You know your a troll tho.. what a boring fuck life you must lead...man...
> you wasted a dday fighting about a pissy issue,. wich you have admitted , is
> not 'conventional' well, sorry but, i had not seen this before, not in
> LEGITIMATE emails.. not the backspace tricks, wich you still cannot explain,
> keep harping abiout anchor, your about 1005 off.
> later, dont bother me, i will just flter you, and all of fd.. simple. you
> going to tell me i cant ? watch me.
>
>
>
> On 12 June 2011 15:41, -= Glowing Doom =-  wrote:
>
>> your a deeadset fool... whats worse, you cannot even find the actual bug i
>> am speaking of... and, you have wasted ALL day ojn this.. then ppl wonder
>> why fd lists is nowdays a joke, indeedm, with idiots like you around.
>> go back to your bridge fool. your going down, HARD.
>>
>>
>>
>> On 12 June 2011 15:38, adam  wrote:
>>
>>> LOL, it contains [rendered] HTML code but you're telling us that it's
>>> plain-text?
>>>
>>> In case you missed it, here are *your* email headers:
>>>
>>>
>>> Content-Type: text/html; charset=ISO-8859-1
>>> Content-Transfer-Encoding: quoted-printable
>>>
>>>
>>> On Sun, Jun 12, 2011 at 12:32 AM, -= Glowing Doom =- 
>>> wrote:
>>>
 yea... watch and learn fool.. your nothing but a troll..like others have
 shown, all you  know is about the what, hilight+link, after it being raised
 as an issue... wich, would never show the links i was able to put, in PLAIN
 text in yo9ur mail.. explain how i did that  then smartie ? It was plain
 text in between two links HINT HINT... your anchor bs , is BUGGY!]
 Dont try to act all high and mighty now, it took 25 emails for you to
 even work out thwe word anchor...fool.
 now enjoy port 25 on your domain it should work great,,... you just
 got yourself owned idiot.
 bye bye...adam.

 Show them the real shit, dont sho them JUST rage, show the BUG go
 on... have some balls , and then, explain why the link, is there, hidden
 under PLAIN TEXT!

 It is no exploit ATM , it is a simple PoC, of a bug.
 Issue or no issue..you could not work ut what itwas, until i made demos
 

Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

2011-06-12 Thread adam
You do realize you're still going to be CC'd, don't you?

And OH MY GOD, my text somehow became a clickable link. Did you guys see
that? Did you see my ground breaking exploit? I demand your respect right
this second!@

On Sat, Jun 11, 2011 at 10:13 PM, -= Glowing Doom =- wrote:

> done.. bye!
>
>
>
> On 12 June 2011 13:12, -= Glowing Doom =-  wrote:
>
>> Yet i now stop... enjoy your pathetic,useless luist.. i will now
>> unsubscribe :)
>> thanks.
>>
>>
>>
>> On 12 June 2011 13:09, -= Glowing Doom =-  wrote:
>>
>>> Here again
>>>
>>> I will write a sentence now, and, i will just copy, so it is 'darkened'
>>> text , then with NO backspace just leave the text darkened, and goto 'link'
>>> , and enter a link.. the text will turn to red.
>>>
>>>
>>> (this is the easiest way to reproduce it...) 
>>>
>>>
>>>
>>>
>>>
>>> On 12 June 2011 13:07, -= Glowing Doom =-  wrote:
>>>
 I should have said just 'copy, then hit link... because the other one,
 is actually VERY hard to explain..but yes... backspace... has a bug with
 emails. Is this so hard for 50 ppl to understand ?
 I am really shocked at the brubbish talk i have copped from this.



 On 12 June 2011 13:06, -= Glowing Doom =-  wrote:

> Do the research... then call yourself a 'team'...please :s
>
> The PoC, is easy as hell to reproduce. I am shocked a team, cannot do
> it..
>
> even the easy one wich is just copy/backspace, and, hit link and enter
> a link!
> simple ?
>
>
>
> On 12 June 2011 12:52, Haxxor Security  wrote:
>
>> As I (painfully tried to) understand it, secn3t can fool his own email
>> client to create malformed links by pressing backspace...
>>
>>
>> 2011/6/12 adam 
>>
>>> At the end of the day, you're going to be treated like a child as
>>> long as you continue to type like one.
>>>
>>> The entertaining part for me is how each of your replies contradicts
>>> a previous one. According to you, this *vulnerability* *has existed
>>> for years*. And also according to you, the reason why the original
>>> email was filled with spelling errors is because it *was rushed out
>>> due to you being "awake" at 6AM.* Do you see the inconsistency
>>> between those two statements? Your response to Christian also indicated 
>>> that
>>> you* **didn't just discover this*.
>>>
>>> IF this is an old vulnerability and IF you've known about it for an
>>> extended period of time - WHY did you have to post it right when you 
>>> did?
>>> It's old, you've known about it for a while, it's existed for years, 
>>> yet it
>>> couldn't wait until later in the day? It couldn't wait until you had 
>>> time to
>>> skim over the email and correct any spelling/grammar mistakes? It 
>>> absolutely
>>> had to be posted right then and there?
>>>
>>> On Sat, Jun 11, 2011 at 9:14 PM, -= Glowing Doom =- <
>>> sec...@gmail.com> wrote:
>>>
 Thats why i the people who do understand it, can see that it is
 there... yes, VERY hard to expalin, id LOVE to see you try.



 On 12 June 2011 12:11, adam  wrote:

> Furthermore, pretending that we [the readers] are somehow at fault
> here (for not understanding) isn't going to get you very far. The 
> only thing
> consistent in this entire thread is that people *kind of* want to
> know what you're talking about, but aren't able to due to the poor 
> writing
> style and spelling/grammar errors.
>
> It should be noted that no one is being anal about typos, I fully
> understand that people make mistakes. The difference is that it 
> appears you
> didn't even so much as proof read the original email.
>
>
> On Sat, Jun 11, 2011 at 9:04 PM, phocean <0...@phocean.net> wrote:
>
>> Hi n3td3v... oops!... secn3t (that is close),
>>
>> Sorry but I don't understand anything to this thread.
>> Each of your emails is such a pain to read, that I stop at the
>> first
>> sentence.
>> We are all busy and don't want to take 20 min to decipher your
>> writing
>> with the risk that it is not deserving it.
>> Please clarify and give consistent technical facts.
>>
>> Thanks.
>>
>> Le 12/06/2011 03:33, -= Glowing Doom =- a écrit :
>> > This is NOT coded..  the PoC i am explaining, is possible with
>> simply
>> > copyying text,then using a sequence of keys, to make the actual
>> > sentence/s, appear.
>> > This code is not what shows up when it is dissected.
>> > It shows up with many x41 all over the email when it is done
>> properly .
>> > Regards.
>>

Re: [Full-disclosure] (no subject)

2011-06-12 Thread adam
It's really kinda sad that you're *still* going. There are thousands of *
features* in all kinds of software that *can* be exploited, but that doesn't
mean the feature itself was completely unintentional. You were originally
describing anchor text and now you're simply describing multi-line anchor
text. There is nothing fancy or innovative here, it's a basic feature being
used in an *unconventional* way (and I use that term loosely).

*How* you're going about it may be interesting to you or a handful of others
- but the end result is possible using an *existing feature [that's present
in most mail clients]*.

I do find it amusing that you keep making threats though. I *hope* that my
server does go offline, since you've given me more than enough evidence to
have a field day with this. Most people wouldn't bother, but I work from
home, so I have all the time in the world to pursue this and have you
forcefully drug out of your mother's basement.

On Sun, Jun 12, 2011 at 12:25 AM, -= Glowing Doom =- wrote:

> Yea yea... this is not about anchor text... if you want more demonstations,
> of a REAL exploit.. bad luck.. ive already shown adam how this 'anchor'
> text, is buggy... but, he would not show those links i guess... wich come
> from session ID... anchor anchr...whatever... have fun on fd... you loose,
> not me.. cc me, ill just keep your lame papsy.net nulled then... simple,
> and complain to gmail for attaching pam, then filter you :)
>
> Your an idiot.
>
> You could not work the thing out, then your all about anchor, when ive said
> the problem is a backspace... there was 2 pcs.. i raised an issuie... one of
> 2 ... and, you cannot try telling me this is a 'feature' , go ahead and show
> me where this is used, LEGALLY and, why... i dont see it until i raised this
> issue today.
> go fk yourselfs.
> fd my arse. now is hack fd.
> bye bye.
>
>
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

2011-06-12 Thread adam
That about sums it up, although he unsubscribed from the list so I've CC'd
him.

If you're bored, look at the quoted conversation below. He went into a
complete nerd rage after unsubscribing, all because we wouldn't take his *
exploit* seriously.

On Sun, Jun 12, 2011 at 12:01 AM, ghost  wrote:

> >From what i've gathered... you believe that Anchor 
> >Text is
> an exploit ? ..cereal
>  ?
>
>
> On Sat, Jun 11, 2011 at 8:09 PM, -= Glowing Doom =- wrote:
>
>> Here again
>>
>> I will write a sentence now, and, i will just copy, so it is 'darkened'
>> text , then with NO backspace just leave the text darkened, and goto 'link'
>> , and enter a link.. the text will turn to red.
>>
>>
>> (this is the easiest way to reproduce it...) 
>>
>>
>>
>>
>>
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] (no subject)

2011-06-12 Thread adam
LOL, it contains [rendered] HTML code but you're telling us that it's
plain-text?

In case you missed it, here are *your* email headers:


Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable


On Sun, Jun 12, 2011 at 12:32 AM, -= Glowing Doom =- wrote:

> yea... watch and learn fool.. your nothing but a troll..like others have
> shown, all you  know is about the what, hilight+link, after it being raised
> as an issue... wich, would never show the links i was able to put, in PLAIN
> text in yo9ur mail.. explain how i did that  then smartie ? It was plain
> text in between two links HINT HINT... your anchor bs , is BUGGY!]
> Dont try to act all high and mighty now, it took 25 emails for you to even
> work out thwe word anchor...fool.
> now enjoy port 25 on your domain it should work great,,... you just got
> yourself owned idiot.
> bye bye...adam.
>
> Show them the real shit, dont sho them JUST rage, show the BUG go on...
> have some balls , and then, explain why the link, is there, hidden under
> PLAIN TEXT!
>
> It is no exploit ATM , it is a simple PoC, of a bug.
> Issue or no issue..you could not work ut what itwas, until i made demos of
> it, and the last demo, is NOT anchor.. go on and sow the carriage return on
> it.. idiot.
>
>
>
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

2011-06-12 Thread Haxxor Security
Haha, holy mother of...
-=Glowing Dumb=- made my day...  To be honest, he made my whole week.

Adam, I can't thank you enough for CCing the list.


2011/6/12 adam 

> I'm not sure how you can keep insisting that it's not a feature when it's
> clearly been shown to be one. You either need to pay more attention, or get
> a better dictionary.
>
> What you're describing is possible directly through the anchor/link
> feature. Even if it weren't, you could just as easily switch over to plain
> text and insert the anchor tag manually. There is no exploit involved, as
> the ability to use hyperlinks is an email isn't an *unintentional bug* but
> a very popular *feature*.
>
> On Sat, Jun 11, 2011 at 10:37 PM, -= Glowing Doom =- wrote:
>
>> there is ANOTHER method idiot
>>
>> ut, you wont figue it :)
>>
>> and how ?
>> what if made a damn email with ALL text as a bad-link...and, say you open
>> it, and, just happen to accidnetally hover and, click.. wich, many ppl do...
>> it is not some spam email with a link, and NO it is NOT a feature.. idiot
>> again.
>>
>>
>>
>> On 12 June 2011 13:34, adam  wrote:
>>
>>> #1 - No one has replied since I reproduced your "proof of concept."
>>>
>>> #2 - Even if they had, you're replying directly to me - not the list.
>>>
>>> #3 - None of that is necessary. Type in text, highlight it and then click
>>> the anchor/link icon. From there, you can insert the target URL (and use the
>>> text of your choice). This is possible across most (all?) mail clients, as
>>> well as forums. It's an intentional feature that let's you specify anchor
>>> text.
>>>
>>> Assuming you're using a mail client that doesn't allow that (which I'd
>>> find very hard to believe that it has an anchor/link icon and doesn't have
>>> that feature) but even if that were the case: who is really vulnerable here
>>> (and to what? specifying anchor text != code injection).
>>>
>>> On Sat, Jun 11, 2011 at 10:29 PM, -= Glowing Doom =- 
>>> wrote:
>>>
 now, you guys loose see why you should NOT flame people...
 now, try find the REAL problem, wich, exists NOt in server...
 anyhow.. have fun flaming ppl...
 you finally work it out, then your all nice...
 screw you.
 and, screw your domain.



 On 12 June 2011 13:28, -= Glowing Doom =-  wrote:

> This is what i tried to explain...
>
> enter text, darken it, and then link , i said this 3 times..yet one
> person managed to finally do it, after having tospell it.
> no , i am, not a smartarse. and the other method, i should just have
> left out.
> now, nomore fd for me,.
> thanks,.
>
>
>
> On 12 June 2011 13:25, adam  wrote:
>
>> The reason why no one understood your ground-breaking vulnerability
>> (broken English aside) is because it's a *feature*. Whether you're
>> being a smartass right now or not is irrelevant, being that my email
>> generated the exact same thing as yours did (view source on both of 
>> them).
>> The difference is, you're doing some backspace *trick* whereas I'm
>> entering text, highlighting it and then clicking the link icon.
>>
>> Congratulations on wasting everyone's time, they were right to have
>> abandoned this thread from the start.
>>
>>
>> On Sat, Jun 11, 2011 at 10:20 PM, -= Glowing Doom =- <
>> sec...@gmail.com> wrote:
>>
>>> wow, ONE person finally can do it, after only having top basically
>>> SPELL it for you.. why did you not do it from the start >
>>> Lame team.
>>>
>>> Sorry but, have fun.. I wont be cc'd, I will just filter all of the
>>> fd :)
>>> BYE!
>>>
>>>
>>>
>>>
>>> On 12 June 2011 13:16, adam  wrote:
>>>
 You do realize you're still going to be CC'd, don't 
 you?

 And OH MY GOD, my text somehow became a clickable link. Did you guys
 see that? Did you see my ground breaking exploit? I demand your respect
 right this second!@


 On Sat, Jun 11, 2011 at 10:13 PM, -= Glowing Doom =- <
 sec...@gmail.com> wrote:

> done.. bye!
>
>
>
> On 12 June 2011 13:12, -= Glowing Doom =- wrote:
>
>> Yet i now stop... enjoy your pathetic,useless luist.. i will now
>> unsubscribe :)
>> thanks.
>>
>>
>>
>> On 12 June 2011 13:09, -= Glowing Doom =- wrote:
>>
>>> Here again
>>>
>>> I will write a sentence now, and, i will just copy, so it is
>>> 'darkened' text , then with NO backspace just leave the text 
>>> darkened, and
>>> goto 'link' , and enter a link.. the text will turn to red.
>>>
>>>
>>> (this is the easiest way to reproduce 
>>> it...)
>>>
>>>
>>>
>>>
>>>
>

Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

2011-06-12 Thread adam
I'm not sure how you can keep insisting that it's not a feature when it's
clearly been shown to be one. You either need to pay more attention, or get
a better dictionary.

What you're describing is possible directly through the anchor/link feature.
Even if it weren't, you could just as easily switch over to plain text and
insert the anchor tag manually. There is no exploit involved, as the ability
to use hyperlinks is an email isn't an *unintentional bug* but a very
popular *feature*.

On Sat, Jun 11, 2011 at 10:37 PM, -= Glowing Doom =- wrote:

> there is ANOTHER method idiot
>
> ut, you wont figue it :)
>
> and how ?
> what if made a damn email with ALL text as a bad-link...and, say you open
> it, and, just happen to accidnetally hover and, click.. wich, many ppl do...
> it is not some spam email with a link, and NO it is NOT a feature.. idiot
> again.
>
>
>
> On 12 June 2011 13:34, adam  wrote:
>
>> #1 - No one has replied since I reproduced your "proof of concept."
>>
>> #2 - Even if they had, you're replying directly to me - not the list.
>>
>> #3 - None of that is necessary. Type in text, highlight it and then click
>> the anchor/link icon. From there, you can insert the target URL (and use the
>> text of your choice). This is possible across most (all?) mail clients, as
>> well as forums. It's an intentional feature that let's you specify anchor
>> text.
>>
>> Assuming you're using a mail client that doesn't allow that (which I'd
>> find very hard to believe that it has an anchor/link icon and doesn't have
>> that feature) but even if that were the case: who is really vulnerable here
>> (and to what? specifying anchor text != code injection).
>>
>> On Sat, Jun 11, 2011 at 10:29 PM, -= Glowing Doom =- wrote:
>>
>>> now, you guys loose see why you should NOT flame people...
>>> now, try find the REAL problem, wich, exists NOt in server...
>>> anyhow.. have fun flaming ppl...
>>> you finally work it out, then your all nice...
>>> screw you.
>>> and, screw your domain.
>>>
>>>
>>>
>>> On 12 June 2011 13:28, -= Glowing Doom =-  wrote:
>>>
 This is what i tried to explain...

 enter text, darken it, and then link , i said this 3 times..yet one
 person managed to finally do it, after having tospell it.
 no , i am, not a smartarse. and the other method, i should just have
 left out.
 now, nomore fd for me,.
 thanks,.



 On 12 June 2011 13:25, adam  wrote:

> The reason why no one understood your ground-breaking vulnerability
> (broken English aside) is because it's a *feature*. Whether you're
> being a smartass right now or not is irrelevant, being that my email
> generated the exact same thing as yours did (view source on both of them).
> The difference is, you're doing some backspace *trick* whereas I'm
> entering text, highlighting it and then clicking the link icon.
>
> Congratulations on wasting everyone's time, they were right to have
> abandoned this thread from the start.
>
>
> On Sat, Jun 11, 2011 at 10:20 PM, -= Glowing Doom =-  > wrote:
>
>> wow, ONE person finally can do it, after only having top basically
>> SPELL it for you.. why did you not do it from the start >
>> Lame team.
>>
>> Sorry but, have fun.. I wont be cc'd, I will just filter all of the fd
>> :)
>> BYE!
>>
>>
>>
>>
>> On 12 June 2011 13:16, adam  wrote:
>>
>>> You do realize you're still going to be CC'd, don't 
>>> you?
>>>
>>> And OH MY GOD, my text somehow became a clickable link. Did you guys
>>> see that? Did you see my ground breaking exploit? I demand your respect
>>> right this second!@
>>>
>>>
>>> On Sat, Jun 11, 2011 at 10:13 PM, -= Glowing Doom =- <
>>> sec...@gmail.com> wrote:
>>>
 done.. bye!



 On 12 June 2011 13:12, -= Glowing Doom =-  wrote:

> Yet i now stop... enjoy your pathetic,useless luist.. i will now
> unsubscribe :)
> thanks.
>
>
>
> On 12 June 2011 13:09, -= Glowing Doom =- wrote:
>
>> Here again
>>
>> I will write a sentence now, and, i will just copy, so it is
>> 'darkened' text , then with NO backspace just leave the text 
>> darkened, and
>> goto 'link' , and enter a link.. the text will turn to red.
>>
>>
>> (this is the easiest way to reproduce 
>> it...)
>>
>>
>>
>>
>>
>> On 12 June 2011 13:07, -= Glowing Doom =- wrote:
>>
>>> I should have said just 'copy, then hit link... because the other
>>> one, is actually VERY hard to explain..but yes... backspace... has 
>>> a bug
>>> with emails. Is this so hard for 50 ppl to understand ?
>>> I am real

Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

2011-06-12 Thread adam
I'm not sure why you insist on continuing this, but you're not really
helping your case.

The bottom line is that it's an intentional feature. That is why it A)
consistently works and B) works across most mail clients.

On Sat, Jun 11, 2011 at 10:46 PM, -= Glowing Doom =- wrote:

> upset...lma...
> you had NO idea before you fool...
>
> now you finally work it out... after flaming me..and , thats a
> feature...rightt... thats why i see emails, covered in
> links,daily...and, it is ommal...
> your a fool.
>
> and show the email instead of hiding the thing..
> idiot.
> what major exploit ?
> you still have not even worked it out properly.. fool.
>
>
>
>
> On 12 June 2011 13:44, adam  wrote:
>
>> So much for that Ryan guy "editing" secn3t's emails. He *just* sent me
>> this because he's completely upset over his "major exploit" turning out to
>> be a "simple feature" :(
>>
>>
>> On Sat, Jun 11, 2011 at 10:40 PM, -= Glowing Doom =- wrote:
>>
>>> Only took you , what 15 flame emails and, i have UNsubbed from list,
>>> and will NOT be posting nor ccing it.
>>> screw yourself.
>>> you wanted Fd , now you have 1 less Fd :)
>>> bye!
>>> and, your domain, papsy.net... is going down for maintenance i
>>> believesomeone just told me.. idk..
>>> you should not abuse ppl, before looking into the actual email, why would
>>> there be x41's in it.. i am guessing you have not studied the other side,
>>> wich is hyperlink with OUT html...
>>> there is many ways to code inject.,... its called, make a nice colorful
>>> email...with a bad link.
>>> now fuckoff retard.
>>>
>>>
>>>
>>> On 12 June 2011 13:37, -= Glowing Doom =-  wrote:
>>>
 there is ANOTHER method idiot

 ut, you wont figue it :)

 and how ?
 what if made a damn email with ALL text as a bad-link...and, say you
 open it, and, just happen to accidnetally hover and, click.. wich, many ppl
 do... it is not some spam email with a link, and NO it is NOT a feature..
 idiot again.



 On 12 June 2011 13:34, adam  wrote:

> #1 - No one has replied since I reproduced your "proof of concept."
>
> #2 - Even if they had, you're replying directly to me - not the list.
>
> #3 - None of that is necessary. Type in text, highlight it and then
> click the anchor/link icon. From there, you can insert the target URL (and
> use the text of your choice). This is possible across most (all?) mail
> clients, as well as forums. It's an intentional feature that let's you
> specify anchor text.
>
> Assuming you're using a mail client that doesn't allow that (which I'd
> find very hard to believe that it has an anchor/link icon and doesn't have
> that feature) but even if that were the case: who is really vulnerable 
> here
> (and to what? specifying anchor text != code injection).
>
> On Sat, Jun 11, 2011 at 10:29 PM, -= Glowing Doom =-  > wrote:
>
>> now, you guys loose see why you should NOT flame people...
>> now, try find the REAL problem, wich, exists NOt in server...
>> anyhow.. have fun flaming ppl...
>> you finally work it out, then your all nice...
>> screw you.
>> and, screw your domain.
>>
>>
>>
>> On 12 June 2011 13:28, -= Glowing Doom =-  wrote:
>>
>>> This is what i tried to explain...
>>>
>>> enter text, darken it, and then link , i said this 3 times..yet one
>>> person managed to finally do it, after having tospell it.
>>> no , i am, not a smartarse. and the other method, i should just have
>>> left out.
>>> now, nomore fd for me,.
>>> thanks,.
>>>
>>>
>>>
>>> On 12 June 2011 13:25, adam  wrote:
>>>
 The reason why no one understood your ground-breaking vulnerability
 (broken English aside) is because it's a *feature*. Whether you're
 being a smartass right now or not is irrelevant, being that my email
 generated the exact same thing as yours did (view source on both of 
 them).
 The difference is, you're doing some backspace *trick* whereas I'm
 entering text, highlighting it and then clicking the link icon.

 Congratulations on wasting everyone's time, they were right to have
 abandoned this thread from the start.


 On Sat, Jun 11, 2011 at 10:20 PM, -= Glowing Doom =- <
 sec...@gmail.com> wrote:

> wow, ONE person finally can do it, after only having top basically
> SPELL it for you.. why did you not do it from the start >
> Lame team.
>
> Sorry but, have fun.. I wont be cc'd, I will just filter all of the
> fd :)
> BYE!
>
>
>
>
> On 12 June 2011 13:16, adam  wrote:
>
>> You do realize you're still going to be CC'd, don't 
>> you?
>>
>> And OH MY G

Re: [Full-disclosure] (fractal-Self__) : A theoretical introduction to Universe, Conscious Machines and Programming Ur-cells !!!

2011-06-12 Thread Christian Sciberras
Fractal fractal fractal, even us that coined the concept can't keep it going
forever.
Seems evident that each subsystem looses key aspects of its parent, this
might turn out to be a system flaw, or a constrained space.
We might have discovered this flaw already and we might have been using all
this time since nothing tells us the laws of our universe are true to its
container (if at all).

Chris.



On Sun, Jun 12, 2011 at 10:13 PM, Michal Zalewski wrote:

> > Paradox are way of life... Hence, the goal here is to question every
> > knowledge with reasoning and trying-not to build a static opinion on
> > anything.
>
> But have you tried contacting the vendor first?
>
> /mz
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] (fractal-Self__) : A theoretical introduction to Universe, Conscious Machines and Programming Ur-cells !!!

2011-06-12 Thread Michal Zalewski
> Paradox are way of life... Hence, the goal here is to question every
> knowledge with reasoning and trying-not to build a static opinion on
> anything.

But have you tried contacting the vendor first?

/mz

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] (fractal-Self__) : A theoretical introduction to Universe, Conscious Machines and Programming Ur-cells !!!

2011-06-12 Thread Bipin Gautam
[Archival purpose]

Author: Bipin Gautam (All Rights Reserved, Research Paper, 1'st DRAFT)

___
Background:
Any doctrine or philosophy is "complete" on its own rights. But, if we
start from this angle, anyone can defend anything out of anything.
Paradox are way of life... Hence, the goal here is to question every
knowledge with reasoning and trying-not to build a static opinion on
anything.

___
Prologue:  __Self(naked-observer -- that is the mind), fractal-Self__
(observer, strange-loop with free-will in fractal-space),
fractal-space (accessible environment that is the higher level
abstraction that can be observed or experienced by fractal-Self__),
fractal-cycle (Cyclic systems, environment, whose relative motion with
each-other in fractal-space gives rise to "perceivance of Time" to the
"observer", "maya"), fractal-scale (n-dimensional fractal-environment
from void to the infinite), free-will, psychology, Goal, perception,
evolution, intuition, qualias, emotions, feelings, software-mind,
ontology-of-self, Veda, Upanishads, buddha-nature, emergence,
strategy, and a holistic approach to constrain and scale a complex
system until only intelligence is left.

___
Problem Abstraction:

So, what is this body-brain-mind system?... and what makes up, who we are ???

Can information-abstraction (like virtual machine or software
emulators of anything) simulate "physical layout" of any
body-brain-mind system? Or, is it possible for complete
software-simulation of Neuron, synapses, virtual-hormone and any other
chemical or physical interaction individually or as a whole?

Is it possible to simulate a new universe with all its own distinct
characteristic property inside this universe? ( given, unlimited
memory, processing and storage).

Then, WHAT IS REAL and WHAT IS NOT?

___
Introduction to Fractal:
Fractal is "rough or fragmented geometric shape that can be split into
parts, each of which is (at least approximately) a reduced-size copy
of the whole," a property called self-similarity but which gives rise
to emergence-property in fractal-scale.

Roots of the idea of fractal can be seen in forms of "art" that go
back to least few thousand years, as documented, in written history.


Holistic View of this Universe:

Universe is n-dimensional fractal-space sandwich between "intelligent"
(anything with deterministic property, cycle) and "non-intelligent"
part (quantum field, pure-light, void?).
>From a holistic view of YOUR fractal-scale, Scale up or scale down...
and you can assume anything as inert or intelligent.

But, how "tiny" can we scale down in fractal-space and be sure it is
all that it is? We can scale up or scale down, but we could always
miss "the complete picture" (the measurement problem).

Sadly, Our biological architecture is also sandwiched in between such
fractal-design; and we are a sandwich of symbiosis (as-if
social-interaction of fractal-cycle from within the fractal-space) of
parasites within a parasite within a parasite, which can also be
further divided into intelligent properties/systems and inert parts.

Hence, being alive or dead is a matter of probability manifested due
to free-will in its fractal-scale or out of natural fractal-cycle of
infinite possibilities in fractal-space.


Free Will:

Fractal-Self__ in some fractal-cycle tends to "experiences itself" in
all possible (universal) "manifestation" in its fractal-space. Hence,
Free-Will is like natural random-number -- the output from
fractal-information-generator for fractal-Self__ to achieve all
possible intelligent combination by
information-processing-and-exchange with the environment and within
itself,  by some point, in (ever evolving) "fractal-cycle" in its
fractal-space.

Intelligent-being inside this universal manifestation of
fractal-like-cycle "perceive time" because everything seem moving, in
a natural cycle (fractal-cycle) "relative to each other" and
uncertain/unpredictable to the "observer" from its fractal-scale due
to the emergent-manifestation of infinite possibilities or
intelligent-interference of fractal-cycle in its fractal-space.


Time:

( Different biological or Computing architecture opens up new
dimension for "perception" -- Compare the ability of fractal-Self__
between a flying insect vs You! )

Time is a subjective-measurement. But, In a true sense, does time really exist?

A Watch only keeps track of time intervals and our subjective view of
time is bounded to our speed of subjective perception. Hence, TRUE
time lapse between two seconds is a "subjective experience" of
fractal-Self__ in a fractal-cycle in its fractal-space.

But, could there be a "mind technique" to, speeding-up or slow-down
"subjective time-lapse" even further? Approach to unlock it? Or even,
ways to measure it? Or, is mental time travel possible?

"cells" can act like "trans-receiver" for inf

Re: [Full-disclosure] Absolute Sownage (A concise history of recent Sony hacks)

2011-06-12 Thread Thor (Hammer of God)
> > Nowadays the big, noisy, obvious, "own the net" type "outbreak" of
> > yesteryear is not the model of choice for your typical cyber-thug (you
> > know, those running virtually all malware these days)..
> >
> > In fact, _avoiding_ exactly that is pretty much top of their list of
> > desiderata.
> 
> How do we know this?
> 
> I mean, it seems kind of circular to say "We haven't seen another Code Red II
> for a while, so the malware writers are doing other things."  Of course they
> are off doing other things: we haven't seen another Code Red II in years.
> 
> What other evidence exists?

This is a business now - albeit illegal, but a well-established, organized, 
"professional" business.   The compromised machine (or browser) is the 
commodity.  The longer one can extend the life of the commodity, the more 
useful and profitable it is.  Probably the best source of evidence of this is 
the fact that there are currently millions of compromised machines that could 
easily be exposed via a "Code Red III" event, but they are not - they are being 
used for fraud instead.   You can only skin a sheep once, but you can fleece it 
over and over. 

I'm sure Nick can come up with precise examples if he wants to.  He knows what 
he's talking about in this space. 

t

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Absolute Sownage (A concise history of recent Sony hacks)

2011-06-12 Thread Bruce Ediger
On Sat, 11 Jun 2011, Nick FitzGerald wrote:

> Nowadays the big, noisy, obvious, "own the net" type "outbreak" of
> yesteryear is not the model of choice for your typical cyber-thug (you
> know, those running virtually all malware these days)..
>
> In fact, _avoiding_ exactly that is pretty much top of their list of
> desiderata.

How do we know this?

I mean, it seems kind of circular to say "We haven't seen another Code
Red II for a while, so the malware writers are doing other things."  Of
course they are off doing other things: we haven't seen another Code Red
II in years.

What other evidence exists?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] POC for a simple gmail/possible code injection into html wich can be executed in an email, i will make the PoC code and explain how here and now...

2011-06-12 Thread phocean
Before asking others to learn reading, learn writing yourself.

By the way, just a hint concerning this whole thread: maybe if you first
start by understanding very well what you want to explain, it will sure
become much easier.
So you shouldn't blame others for the consequences of your own lacks.

--phocean


Le 12/06/2011 04:34, -= Glowing Doom =- a écrit :
> Umm... someone ELSE showed the fact that, there is something with
> backspace, and MS... Learn to read, ill prmise to learn to speeel :)
> 
> To many IF's, do some research, instead of flaming.
> 
> 
> 
> On 12 June 2011 12:31, adam mailto:a...@papsy.net>> wrote:
> 
> At the end of the day, you're going to be treated like a child as
> long as you continue to type like one. 
> 
> The entertaining part for me is how each of your replies contradicts
> a previous one. According to you, this /vulnerability/ *has existed
> for years*. And also according to you, the reason why the original
> email was filled with spelling errors is because it *was rushed out
> due to you being "awake" at 6AM.* Do you see the inconsistency
> between those two statements? Your response to Christian also
> indicated that you/ /*/didn't/ just discover this*.
> 
> IF this is an old vulnerability and IF you've known about it for an
> extended period of time - WHY did you have to post it right when you
> did? It's old, you've known about it for a while, it's existed for
> years, yet it couldn't wait until later in the day? It couldn't wait
> until you had time to skim over the email and correct any
> spelling/grammar mistakes? It absolutely had to be posted right then
> and there? 
> 
> On Sat, Jun 11, 2011 at 9:14 PM, -= Glowing Doom =-
> mailto:sec...@gmail.com>> wrote:
> 
> Thats why i the people who do understand it, can see that it is
> there... yes, VERY hard to expalin, id LOVE to see you try.
> 
> 
> 
> On 12 June 2011 12:11, adam  > wrote:
> 
> Furthermore, pretending that we [the readers] are somehow at
> fault here (for not understanding) isn't going to get you
> very far. The only thing consistent in this entire thread is
> that people /kind of/ want to know what you're talking
> about, but aren't able to due to the poor writing style and
> spelling/grammar errors.
> 
> It should be noted that no one is being anal about typos, I
> fully understand that people make mistakes. The difference
> is that it appears you didn't even so much as proof read the
> original email.
> 
> 
> On Sat, Jun 11, 2011 at 9:04 PM, phocean <0...@phocean.net
> > wrote:
> 
> Hi n3td3v... oops!... secn3t (that is close),
> 
> Sorry but I don't understand anything to this thread.
> Each of your emails is such a pain to read, that I stop
> at the first
> sentence.
> We are all busy and don't want to take 20 min to
> decipher your writing
> with the risk that it is not deserving it.
> Please clarify and give consistent technical facts.
> 
> Thanks.
> 
> Le 12/06/2011 03:33, -= Glowing Doom =- a écrit :
> > This is NOT coded..  the PoC i am explaining, is
> possible with simply
> > copyying text,then using a sequence of keys, to make
> the actual
> > sentence/s, appear.
> > This code is not what shows up when it is dissected.
> > It shows up with many x41 all over the email when it
> is done properly .
> > Regards.
> >
> >
> >
> > On 12 June 2011 11:29, Christian Sciberras
> mailto:uuf6...@gmail.com>
> > >>
> wrote:
> >
> > For those lazy enough to search:
> >
> >
> 
> https://www.owasp.org/index.php/The_CSRSS_Backspace_Bug_still_works_in_windows_2003_sp1
> >
> >
> > Excerpt:
> >
> > Basicaly just compile this and you will get a 100%
> processor usage
> > by the compiled exploit and Csrss.exe
> >
> > #include 
> > int main(void)
> > {
> > while(1)
> > printf("\t\t\b\b\b\b\b\b");
> > return 0;
> > }
> >
> >
> > How this he