http://addxorrol.blogspot.com/2007/07/ive-been-denied-entry-to-us-essentially.html
http://www.blackhat.com/html/bh-usa-07/train-bh-us-07-hf.html
--
Kristian Hermansen
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
in
mind.
LinkedIn at least uses HTTPS by default, which should deter sniffing.
I don't think MySpace gives you the same luxury...
--
Kristian Hermansen
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
work and I am lazy.
Did you hook in to find what windows code is producing the majority of
this DoS? Maybe some unnecessary loop added in Windows XP SP2? It it
not surprising I guess. But again, a dumb local attack, unless proxy
ARP is configured...
--
Kristian Hermansen
hashes of hashes?
--
Kristian Hermansen
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
that
is absolutely critical to the conclusions, rather than just Other
OS's have more bugs, see, look at my graphs...
--
Kristian Hermansen
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
;
+ break;
case 'i':
intf = optarg;
break;
--
Kristian Hermansen
--- arpspoof.c.orig 2007-06-22 21:24:26.169638763 -0400
+++ arpspoof.c 2007-06-25 23:08:51.786962797 -0400
@@ -31,12 +31,13 @@
static struct ether_addr spoof_mac
An entire month dedicated to denial of service would be quite entertaining...
--
Kristian Hermansen
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
-days?
Heh...good luck :-)
--
Kristian Hermansen
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
conditions. However, I am still interested in how
likely an organization is to try something like this for both
legitimate and illegitimate purposes.
--
Kristian Hermansen
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
-bit ASLR entropy means it is not very likely to
hit your offset :-) Has anyone even attempted a 64-bit XP/Vista ANI
exploit?
--
Kristian Hermansen
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Exactly...
Date: Mon, 12 Mar 2007 11:28:38 -0500
From: Jason Areff [EMAIL PROTECTED]
Subject: Re: [Full-disclosure] firefox 2.0.0.2 crash
To: Kristian Hermansen (khermans) [EMAIL PROTECTED]
Cc: full-disclosure@lists.grok.org.uk
Message-ID:
[EMAIL PROTECTED]
Content-Type: text/plain
OK
Data transfer complete
/usr/bin/firefox '/tmp/ggdfOe/L23367-1095TMP.gif'
lynx: Start file could not be found or is not text/html or text/plain
Exiting...
--
Kristian Hermansen
___
Date: Fri, 09 Mar 2007 20:31:40 +0200
From: T?nu Samuel [EMAIL PROTECTED]
Subject: [Full-disclosure
To have a totally anonymous email, why not use a public email service
like mailinator, combined with TOR to route your HTTP traffic to that
service? Now, mailinator may keep logs, but they can only go back to
the TOR host...
--
Kristian Hermansen
a PacketShaper from Packateer. It is a layer7 filtering
device with a nice web admin tool that allows you to customize any
protocol's bandwidth usage (0 KB/s if you want). So, that is something
else for you to check out...where do you work?
--
Kristian Hermansen [EMAIL PROTECTED]
signature.asc
Description
) Local Denial Of Service
As stated here by many before, if someone has enough time and resources,
they will get at your code. The best you can do is to frustrate them so
much that the analysis consumes their time for friends, beer, wo/men,
etc...
--
Kristian Hermansen [EMAIL PROTECTED]
signature.asc
discovery to please post it here (Nick didn't respond to my
email). I am interested to know more about it, and maybe the original
discoverer found other things as well...thanks
--
Kristian Hermansen [EMAIL PROTECTED]
Cisco Systems, Inc.
___
Full-Disclosure - We
On Thu, 2005-05-26 at 20:36 +0100, [EMAIL PROTECTED] wrote:
Anyone got any ideas how to do this with only alpha numeric chars?
Would dissembler do what you want? It should be able to squeeze the
ascii shellcode for you ;-)
http://www.phiral.com/research/dissembler.html
--
Kristian Hermansen
and is a
horrible rip-off product. Use osCommerce instead, since it is also more
secure and Open Source. If you want to be raped, economically and
mentally, use Miva.
http://www.oscommerce.com/
--
Kristian Hermansen [EMAIL PROTECTED]
signature.asc
Description: This is a digitally signed message part
out to Jon Hermansen for a few details which helped with
further exploitations.
--
Kristian Hermansen [EMAIL PROTECTED]
signature.asc
Description: This is a digitally signed message part
___
Full-Disclosure - We believe in it.
Charter: http
19 matches
Mail list logo