Re: [Full-disclosure] Fwd: Google vulnerabilities with PoC
Does anybody still have some popcorn left? They ran out of it in the tax free zone in here due to this thread...

Kind regards,
Yvan Janssens

Sent from my PDA - excuse me for my brevity

> On 14 Mar 2014, at 18:40, "Nicholas Lemonias." wrote:
>
> We have many PoC's including video clips. We may upload for the security
> world to see.
>
> However, this is not the way to treat security vulnerabilities. Attacking the
> researcher and bringing your friends to do as well, won't mitigate the problem.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] phrack.org being spammed
Seems that there is a lot of SPAM going on here:

* http://phrack.org/issues.html?issue=29&id=7#comments

Is phrack(.org) still maintained? It has been a while since the last one...

~
--
|_|0|_| Yvan Janssens
|_|_|0|
|0|0|0|

Re: [Full-disclosure] Cloud Questions
Hello,

I will split my answer in two parts, as they represent both views I regularly experience. They aren't all related to security.

The first problem is TCO. Cloud services are easy to set up (both as a vendor and as a user), and have little to no "hard" start-up costs (costs that initially are billed as startup costs, before the service payments start). This results in decisions which aren't really thought through thoroughly in a lot of cases, resulting in poor setups both by the vendor and by the end-user/customer. Being able to ship fast also means that you can make mistakes fast - several providers have been caught in the past while I was using them on blatant mistakes.

Another problem is that you trust a service to a third party provider, which has full access to the data. I know, there are ways to prevent this/make this difficult, but in the end it will not be feasible in the long term to employ such techniques. Targeted attacks will always succeed, but are easier on cloud services in my opinion. Support services are useful sources for social engineering (check some of the last cases of DNS hijacking), since they are used to handle requests for all customers, and not only internal employees.

The other problem is that you share a physical computer with someone you don't know and cannot trust. Information leakage techniques have been discovered [1] and it wouldn't be the first time that someone finds a clever way to break out of the VM. [2] It is also more feasible to DoS your application if the physical hardware is shared with others if they aren't trustworthy. Most providers monitor extensive resource usage, but try a cheap one, put a VM on full RAM capacity, disk I/O requests and CPU usage and see how long it takes to get a notice to ask you to inspect the machine.

There is also a huge thing to tell about stuff which used to be conspiracy theories about surveillance, but this is out of scope for this response to avoid indulging trolling.

In my opinion cloud services are good for a temporary burst of CPU resources, not to store data, and not to be used permanently nor as a SPOF. I sometimes use cloud services to launch a build of a large source tree, and then dispose of the machine, but I would never put ownCloud on it to store PGP private keys without a password or my credit card numbers and bank PINs.

~/y

[1] http://www.cs.cornell.edu/courses/cs6460/2011sp/papers/cloudsec-ccs09.pdf
[2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0923

On 08/11/13 15:08, David Miller wrote:
> I’ve been lurking here for some months now and have seen plenty of
> vulnerabilities go by for applications, and the occasional OS level
> exploit.
>
> I don’t think I’ve seen a single post about cloud security.
>
> Is ‘the cloud’, AWS in particular, believed to be secure? Is it
> simply not targeted? Or would it be covered by some other list?
> Inquiring minds are, uh, inquiring.
>
> TIA,
>
> — David

[Full-disclosure] .NET Runtime packer PoC
I know there is already a huge ecosystem on runtime packer/obfuscators, but for some pesky problem I was required to roll my own to incorporate in a pipeline-like system.

Apart from the obvious idiocracy around runtime packing/obfuscating in the .NET/Java world, I put it on Github to provide a starting point for people to learn using high-level constructs how a runtime packer/encryptor works, so people can learn what their common weaknesses are, that they aren't mitigations to R/E and just for reusability.

Code quality: crappy/hackerish
Supports: .NET 4.0/2.0
URL: https://github.com/friedkiwi/netcrypt

~/y

[Full-disclosure] XSS vulnerability on eenmiljardseconden.frankdeboosere.be
Hello,

I found an XSS vulnerability in http://eenmiljardseconden.frankdeboosere.be/ . This vulnerability was possible due to invalid input validation/bad programming. The owner was contacted and a satiric fix was deployed.

Affected site: http://eenmiljardseconden.frankdeboosere.be/ (media stunt of Flemish television weather forecast presenter)

Details:
After entering a message on the "Stuur een bericht naar de toekomst"-page, you are presented a unique number of your request, to track it. You were then redirected to http://eenmiljardseconden.frankdeboosere.be/messagesent/id/[number of your request]. The number could be replaced by any value to inject content into the page.

It is now solved, and if you try to execute it again, you get a link to Rick Astley's "Never gonna give you up" on YT.

Timeline:
2012-05-29 - discovery and owner notification.
2012-05-30 - Fix
2012-05-31 - Disclosure at 42(at)discuss.hackerspaces.be mailing list.

Regards,
Yvan Janssens
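
The flaw class reported in the message above, next to a fix, as an added example that is not part of the original post and not the site's code. The handler names, page text and the rule that request numbers are short decimal integers are assumptions; only the `/messagesent/id/...` route shape comes from the advisory.

```python
import html
import re
from typing import Tuple
from urllib.parse import unquote

# Route shape from the advisory: /messagesent/id/<number of your request>
ROUTE = re.compile(r"^/messagesent/id/(?P<id>.*)$", re.DOTALL)
# Assumption: request numbers are 1-12 ASCII digits. [0-9] is used instead of
# \d because \d also matches non-ASCII Unicode digits on Python str.
VALID_ID = re.compile(r"[0-9]{1,12}")


def render_vulnerable(path: str) -> str:
    """Reflects the path segment into the page unmodified (the reported behaviour)."""
    request_id = unquote(ROUTE.match(path).group("id"))
    return f"<p>Your message was stored under number {request_id}.</p>"


def render_hardened(path: str) -> Tuple[int, str]:
    """Allow-list the id on input, then HTML-encode on output as a second layer."""
    m = ROUTE.match(path)
    if m is None:
        return 404, "<p>Not found.</p>"
    request_id = unquote(m.group("id"))
    # fullmatch() rejects trailing newlines and anything that is not purely digits;
    # the request is refused rather than "cleaned".
    if not VALID_ID.fullmatch(request_id):
        return 400, "<p>Invalid request number.</p>"
    return 200, f"<p>Your message was stored under number {html.escape(request_id)}.</p>"


# Constructed sample requests, not taken from the original report.
SAMPLES = [
    "/messagesent/id/48213",
    "/messagesent/id/%3Cb%3Einjected%3C%2Fb%3E",
    "/messagesent/id/48213%0A",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", render_hardened(sample))
```
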