[Full-disclosure] [ GLSA 200705-18 ] PPTPD: Denial of Service attack

2007-05-20 Thread Sune Kloppenborg Jeppesen
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory   GLSA 200705-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: PPTPD: Denial of Service attack
      Date: May 20, 2007
      Bugs: #176936
        ID: 200705-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been reported in PPTPD which could lead to a Denial
of Service.

Background
==========

PPTPD is a Point-to-Point Tunnelling Protocol Daemon for Linux.

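Affected packages
=================

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  net-dialup/pptpd      < 1.3.4                            >= 1.3.4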

Description
===========

James Cameron from HP has reported a vulnerability in PPTPD caused by
malformed GRE packets.

Impact
======

A remote attacker could exploit this vulnerability to cause a Denial of
Service on the PPTPD connection.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All PPTPD users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose =net-dialup/pptpd-1.3.4

References
==========

  [ 1 ] CVE-2007-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0244

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200705-18.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
[EMAIL PROTECTED] or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2007 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] A Story about my Childhood: Destionation Whitehat

2007-05-20 Thread poo

blabla gobbles did this gobbles did that
shut up


On 5/18/07, Edward Norton [EMAIL PROTECTED] wrote:


On 5/18/07, jt5944-27a [EMAIL PROTECTED] wrote:


 On Fri, 18 May 2007 08:00:23 -0600 Technocrat
 [EMAIL PROTECTED] wrote:
 Please note the Googlemail address, which is from the UK. This
 most likely
 is not the Ross Brown.
 
 So in the last week, someone has spoofed Pedram, David and now
 Ross.

 gobbles has been a very busy turkey. you forgot to mention the
 sixapart outting. gobbles posted that too.


congrats on moving up from moron to retard. when is the graduation party?










--
smile tomorrow will be worse

[Full-disclosure] SQL-Injection in IP-TRACKING Mod for phpBB2.0.x

2007-05-20 Thread Cornelius Riemenschneider
Information: The IP-Tracking Mod is an extension for phpBB2.0.x which
logs all page hits the users of the board make, including Referer, IP and
Username. It contains a SQL injection at admin level. You can get it
from:
http://www.phpbb.de/viewtopic.php?t=63690&postdays=0&postorder=asc&start=0

Steps to reproduce: Go into your ACP, select under IP-Tracking
IP-Search, select no at use wildcards and enter in Search Query what
you want. It is passed directly into the query. As Search Type I used IP.

PoC: enter
' UNION SELECT user_password as 
ip,user_id,username,user_active,user_regdate,user_level,user_posts from 
phpbb_users#
as Search-Query. This will display you all the hashed Userpasswords in IP

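The flaw class described in the post above, shown on a constructed database as an added example (not code from the IP-Tracking mod or from the post): a search term concatenated into the SQL text, next to a version that validates the term as an IP address and binds it as a parameter. It uses Python's sqlite3 so it runs self-contained; the `ip_tracking` table, its columns and the function names are hypothetical, and the post's `#` comment is written as `--` because SQLite has no `#` comment.

```python
import ipaddress
import sqlite3

# Constructed test data. The phpbb_users column names are the ones used in the
# post's PoC; the ip_tracking table and its columns are hypothetical stand-ins
# for the mod's log table, and the stored "hash" is a placeholder string.
SCHEMA = """
CREATE TABLE phpbb_users (user_id INTEGER, username TEXT, user_password TEXT,
    user_active INTEGER, user_regdate INTEGER, user_level INTEGER, user_posts INTEGER);
CREATE TABLE ip_tracking (ip TEXT, user_id INTEGER, username TEXT,
    referer TEXT, page TEXT, hit_time INTEGER, hits INTEGER);
INSERT INTO phpbb_users VALUES (2, 'admin', 'PLACEHOLDER_HASH', 1, 1170000000, 1, 42);
INSERT INTO ip_tracking VALUES ('192.0.2.10', 2, 'admin', '', 'index.php', 1179600000, 3);
"""
COLUMNS = "ip, user_id, username, referer, page, hit_time, hits"

# The search query from the post, with MySQL's '#' comment replaced by SQLite's '--'.
POC_TERM = ("' UNION SELECT user_password as ip,user_id,username,user_active,"
            "user_regdate,user_level,user_posts from phpbb_users-- ")


def make_db():
    """In-memory database holding the constructed rows above."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def search_concatenated(db, term):
    """The flawed pattern: the search term becomes part of the SQL text."""
    sql = "SELECT " + COLUMNS + " FROM ip_tracking WHERE ip = '" + term + "'"
    return db.execute(sql).fetchall()


def search_hardened(db, term):
    """Exact-match IP search: validate the term as an IP address, then bind it."""
    try:
        ip = str(ipaddress.ip_address(term.strip()))
    except ValueError:
        return []  # not an IP address, so there is nothing to search for
    sql = "SELECT " + COLUMNS + " FROM ip_tracking WHERE ip = ?"
    # The bound parameter is always treated as data, never as SQL syntax.
    return db.execute(sql, (ip,)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print("concatenated, normal search:", search_concatenated(db, "192.0.2.10"))
    print("concatenated, PoC term     :", search_concatenated(db, POC_TERM))
    print("hardened, normal search    :", search_hardened(db, "192.0.2.10"))
    print("hardened, PoC term         :", search_hardened(db, POC_TERM))
```

With the concatenated query the first column of the result carries the value of `user_password`; the hardened function returns no rows for the same input.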


[Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

2007-05-20 Thread larry
Good evening list members,

Here is Larry Seltzer, your beloved on-field journalist reporting
about the latest iDEFENSE challenge. An internal source who wishes to
remain anonymous, provided information about possible bankruptcy of
the VA-based cyberintelligence company, which offers monetary
rewards for exploits, vulnerability information (Cross Site
Scripting, LD_PRELOAD mis-use and VCP member list leakage issues).

The confidential information shows certain inconsistencies in the
financial department, possibly caused by the increasing money
laundering crime from eGold and the other payment methods they
accept. Anonymous sources comment that the company could be investing
in pleasing slave Russian wives since December of past year, with
the departure of Richard Johnson and Pedram Amini (working at
Microsoft and 3Com's ZDI, respectively). The remaining employees are
known to have leaked CANVAS exploits as their own, causing major
struggle in the Miami-based basement of the ImmunitySec team (which I
hate so much, due to my affiliations with Matasano and some old
@Stake people).

This all might be the cause for the low prices offered by the
continuous VCP challenges that the company launches on quarterly
basis. The current one, offering as much as 16K USD dollars for flaws
in OpenSSH, Apache, etc.

Security experts from all over the world, consider the price value
fair after rumors of potential pre-authentication flaws in the listed
applications. Possible reasons include the retirement of GOBBLES
Security, the groundbreaking revelations of the well known Dr. Neal
Krawetz, the relaunch of SNOSOFT or even the raising of a new
neo-luddite terrorist organization known as The Rogue Parrot
Squadron, which could be linked to the tsunami disasters and 11th
September.

The FBI is reportedly investigating a security compromise of the
systems used by the Gibson Research Corporation to host and sponsor
the OpenBSD project, after DARPA stopped their funding (due to Theo
De Raadt's comments to a Calgary based publication, regarding the War
on Terror and gay marriages involving parrot sex and plastic
surgery). This could be connected to the aforementioned underground
neo-luddite organizations as well as the mysterious Internet identity
known as n3td3v or its counterpart, v3dt3n.

In a conference call with Gandhi Evron, details about unsuspected
botnets taking over control of Israeli nuclear facilities have been
made available. A crack commando lead by Gandhi (who showed up in
boxing gloves and elastic pants) managed to destroy an Iranian
building complex used to conduct Denial of Service attacks against
str0ke's private IRC intelligence service. Other sources confirm the
compromise of individuals connected to the kidnapping of the world
most well known whitehat expert, Andre Protas, who still works at
eEye and obtains IDA Pro bulk licenses (albeit Ilfak Guilfanov
publicly refuses to support him) for the now infamous CRACKlab.ru

Similar conditions seem to surround GOBBLES Security operatives,
after they were forced out of retirement by the Krawetz HackerFactor
gang (in retardement since circa 100 years ago). Anonymous sources
agree that this message will be flagged as 'Made in GOBBLES, 100%
Mighty Turkey meat' by the well known Doctor.

Rumors say he will soon move to a remote, lone Island in the middle
of nowhere, to create a new race portraying thick nerdy glasses, fat
faces and a desperate need of publishing utterly
scientifically-flawed crap in security conferences, forums, blogs and
Ranum's podcast.

Finally, Matasano LLC., managed to make a world out of a single
Quicktime exploit. This crack commando, known for bashing the LMH/IPU
identity (known to be a group of desperate gangsters willing to do
real mayhem over whitehats' wives) arguing they are publicity
stunts. Drugs must be working, meds still in pharmacy. Anonymous
sources comment that this desperate move for publicity might be a
sign of serious financial problems in the consulting firm, which is
being managed by a real moron from outer-space, Thomas P-ee-tacek
(phonetic emphasis is mine). Known for publishing an IDS evasion
paper circa 10 years ago, he possesses strong management skills, as
well as a talent for pissing off the wrong people. He also forgot
that IDS evasion is more than your own version of 'hping'. They were
also stupid enough for getting as much as 10K USD from the ZDI, when
they could have sold it to iDEFENSE for a higher value and
fingerprinting. The consulting firm denied negotiations with Apple
Computer Inc. for a possible Leopard-related contract, which could
explain the absolute lameness and faggotry shown in all the public
mentions of the Cupertino-based manufacturer as pleasing to work
with, absolutely reliable and honest, smooth and tight as the ass of
a 7-year old.

Shall the world end in major struggle, fire and massive ruckuz, your
beloved journalist-on-field, Larry Seltzer, will continue to bring
unbiased news reports and save 

Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

2007-05-20 Thread Steve Ragan
Wow
What is with all the junk mail over the last few days on the list?  


Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

2007-05-20 Thread str0ke
 A crack commando lead by Gandhi (who showed up in
 boxing gloves and elastic pants) managed to destroy an Iranian
 building complex used to conduct Denial of Service attacks against
 str0ke's private IRC intelligence service.

But how did he destroy the building is the real question?

/str0ke



Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

2007-05-20 Thread Morning Wood
 A crack commando lead by Gandhi (who showed up in
 boxing gloves and elastic pants) managed to destroy an Iranian
 building complex used to conduct Denial of Service attacks against
 str0ke's private IRC intelligence service.

 But how did he destroy the building is the real question?

 /str0ke

Gandhi has been known to be secretly developing a bot intra transformation
chromatifier, or BITCh, for short. This appears to actually harness the power
of teh bots DoS functions, via a fiber optic link to power a wave disruptor,
being co developed by MI6. Digging further, reports are that an engineer by
the aforementioned code name v3dt3n has been a major player in this. This is
all the info I can find for now...

hope it helps,
M.Wood 



Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

2007-05-20 Thread str0ke
Thanks for the info MW,

If you have any more info on this new and highly technical BITCh let me know.

/str0ke



Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

2007-05-20 Thread johnny.mcdanger
can any of you wankers tell if this is the same moron with no life 
that keeps posting on FD or if it is a bunch of copy-catters now? 
unfortunately it appears the ever increasing noise on this list is 
coming from dumb-shits that havent an idea that theyre failing to 
embarrass anyone and theyre just continuing to prove what a sad
pathetic waste of life they are. while equally as lame and useless, 
this last post wasnt anything like the other spoofs. i might assume 
this larry seltzer post is just a copy-cat of a new loser making a 
try to be the centre of attention. in either case you have 
miserably failed at getting any sort of message across other than 
youre a bumbling fucktard with no life.

mentioning n3td3v and gobbles-they might be one and the same. it 
wouldnt surprise me if these past posts were the work of the same 
group of morons. its quite obvious that there is some form of 
mental deficiency with the lot of you. im not sure why anyone even 
mentions gobbles these days. you just give the shit-head some 
happiness. remember youre dealing with a person that down syndrome 
or something similar. its amazing he could ever function. ive seen 
the specials on the television about this. those with down syndrome 
have some function they can latch on to and work well with,,like 
playing piano or math. it appears in the case of you 
all,,especially gobbles that using a computer seems to be your area 
of focus. have you seen this bloody guy? its a surprise to me his 
tongue doesnt just hang from his mouth. i believe this is a picture 
of him now,, http://static.flickr.com/75/195983063_e380efd610.jpg
 please just be advised you are a useless piece of shit along with 
those you are copy-catting. i know you will read this and most 
likely not reply. but i do hope you know you are very much so 
useless in life and most of us might delete your mail or laugh it 
off,,but we all mostly feel bad for you and how pathetic you are.



--jMcD




Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

2007-05-20 Thread gary sweet
Hi Johnny McDanger,

Could you take a piece of hose, fairly thick and hollow right, wipe it
over with a bit of lube and put it pretty deep up your ass. Now get
one or ur or ur neighbors kids to grab some barbed wire, feed it up
the hose ok and then when ur right up the end of ur bowels can u
slowly pull the hose back out over the barbed wire. You can discard
this hose now u dont need it anymore.

Then maybe just tie off the other end of the barbed wire to a segway
and get one or ur fagot mates to go for a ride.

Thanks,
gaz



Re: [Full-disclosure] Retrieving deleted sms/mms from Nokia phone (Symbian S60)

2007-05-20 Thread Eduardo Tongson
gd,
You can also recover SMS from flash memory cards used in these Nokia
phones. The phones have a feature wherein you can archive or back up SMS
to the cards. So even if they delete the backup you could just
undelete the .dat files using something like Testdisk to recover the
messages.

On 5/16/07, Davide Del Vecchio [EMAIL PROTECTED] wrote:
 Hello list,

 During some research, I found an interesting feature
 on my Nokia mobile phone; I was able to retrieve any
 apparently deleted sms/mms.
 Leaving aside some paranoid thoughts about WHY these
 sms are not deleted, I think that, while this represents
 a high risk for our privacy, this discovery could give some
 hints for the mobile phone forensics and anti-forensics field.

 First, I would like to tell you that I tested this on
 my Nokia N-gage and on a Nokia 6600 but I am quite sure
 that this procedure works on every Nokia Symbian S60
 (maybe other vendors). So I strongly encourage you to test
 it on your mobile phone and share the results.


 Tested products:

 Nokia N-gage, firmware version: V 4.03 26-11-2003 NEM-4

 Nokia 6600

 Maybe the whole S60 series.


 Procedure:

 Download the Nokia PC Suite for your mobile phone and make
 a backup on your local hd.
 I used PC Suite for Nokia N-Gage Version 1.0.0
 http://www.nokia.com/pcsuite

 It will create a huge number of .dat files in a specified
 directory.

 Download, install and start Cygwin. This is not required but
 suggested, you could use a hexadecimal editor and a bit of
 patience but using Cygwin is surely faster.
 http://www.cygwin.com


 Move into the backup directory.


 $ ls -al | less

 total 6016
 drwx--+ 2 Administrator Nessuno  0 Feb  6 01:35 .
 drwx--+ 7 Administrator Nessuno  0 Feb  5 23:00 ..
 -rwx--+ 1 Administrator Nessuno   2972 Nov 27  2003 1.dat
 -rwx--+ 1 Administrator Nessuno  22913 Nov 27  2003 10.dat
 -rwx--+ 1 Administrator Nessuno   1062 Feb 16  2005 100.dat
 -rwx--+ 1 Administrator Nessuno   3912 Aug  9  2005 1000.dat
 -rwx--+ 1 Administrator Nessuno   2750 Aug 25  2005 1001.dat
 -rwx--+ 1 Administrator Nessuno   8741 Dec 15  2005 1002.dat
 -rwx--+ 1 Administrator Nessuno   9926 Dec 20  2005 1003.dat
 -rwx--+ 1 Administrator Nessuno 63 Dec 30  2005 1004.dat
 -rwx--+ 1 Administrator Nessuno  23988 Jan 13  2006 1005.dat
 -rwx--+ 1 Administrator Nessuno 18 Jan 23  2006 1006.dat
 ...
 ...
 etc etc (files created by the nokia pc suite).


 Choose a file to examine.

 $ ls -al 3102.dat
 -rwx--+ 1 Administrator Nessuno 666569 Feb  5 23:59 3102.dat

 Use the command strings to find printable characters.

 $ strings 3102.dat | less

 Ciao! Auguro a te ed alla tua [EMAIL PROTECTED] Farlonesi
 ...
 ...
 etc etc



 This is part of an sms I deleted and that I don't see on my phone.
 So, just grep every file in the directory to find the complete sms:

 $ grep -i "Auguro a te ed alla" *

 Binary file 1770.dat matches
 Binary file 3102.dat matches

 The sms has been found in 1770.dat file, let's see what's inside it:

 $ strings 1770.dat

 Ciao! Auguro a te ed alla tua famiglia un felice anno nuovo! E.
 4+393915253350
 4+393922378986

 Got it! The complete sms, with the phone number of the sender (phone
 numbers have been changed).
 In earlier versions of Nokia PC Suite it just creates a .nbu file and
 you can just edit it with a hexadecimal editor.

 I mailed Nokia support and they told me they didn't know about this
 bug and would like to know more about the impacted models, but
 they don't have any intention of releasing any kind of patch.
 I contacted Symbian too; they told me that Symbian sources are
 distributed to mobile phone vendors and so they cannot release any
 end-user patch.

 This description is also available here:
 http://www.alighieri.org/advisories/retrieving_deleted_sms.txt (ENG)
 http://www.alighieri.org/advisories/recuperare_sms_cancellati.txt (ITA)

 Regards,

 Davide Del Vecchio.

 --
 http://www.alighieri.org

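The strings-and-grep procedure quoted above as one script, added here as an example and not taken from either post: it extracts printable runs from every .dat file in a backup directory, reports the files that contain a phrase, and lists phone-number-like strings found in the same files. Going beyond the post, it also checks 16-bit little-endian text (what `strings -e l` does), on the assumption that some files may store text that way; the sample files and their phone numbers are constructed and the function names are hypothetical.

```python
import re
import tempfile
from pathlib import Path

PHONE = re.compile(r"\+\d{8,15}")  # international-format numbers, as in the post's output


def extract_strings(data, min_len=4):
    """Printable runs of at least min_len characters, in 8-bit and 16-bit LE form."""
    narrow = re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)
    wide = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len, data)
    return ([run.decode("ascii") for run in narrow]
            + [run.decode("utf-16-le") for run in wide])


def find_message(backup_dir, phrase):
    """Map file name -> matching text runs and the phone numbers in the same file."""
    needle = phrase.lower()
    hits = {}
    for path in sorted(Path(backup_dir).glob("*.dat")):
        runs = extract_strings(path.read_bytes())
        matches = [run for run in runs if needle in run.lower()]
        if matches:
            numbers = [num for run in runs for num in PHONE.findall(run)]
            hits[path.name] = {"text": matches, "numbers": numbers}
    return hits


def make_sample_backup(directory):
    """Constructed stand-in for a PC Suite backup directory (not real phone data)."""
    d = Path(directory)
    sms = b"Ciao! Auguro a te ed alla tua famiglia un felice anno nuovo! E."
    # Unrelated file: must not be reported.
    (d / "1006.dat").write_bytes(b"\x00\x01\x02unrelated settings\x00")
    # Full message followed by two constructed numbers.
    (d / "1770.dat").write_bytes(
        b"\x10\x00\x7f" + sms + b"\x00\x04+390000000001\x00\x04+390000000002\x00")
    # Fragment of the same message inside other binary data.
    (d / "3102.dat").write_bytes(b"\xff\xfe\x01" + sms[:29] + b"\x00\x00\x9c")
    # Same phrase stored as 16-bit little-endian text; plain strings/grep misses it.
    (d / "4001.dat").write_bytes(
        b"\x02\x00\x03" + "Auguro a te ed alla tua famiglia".encode("utf-16-le") + b"\x03\x03")
    return d


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        make_sample_backup(tmp)
        for name, found in find_message(tmp, "Auguro a te ed alla").items():
            print(name, found["text"], found["numbers"])
```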


[Full-disclosure] POC CODE - TI89 Titanium Resident EPO Calculator Virus (T89.GAARA)

2007-05-20 Thread Piotr Bania

Hey,


I would like to introduce the world's first resident EPO calculator virus,
t89.Gaara. The source code and a few other things, like a .89z file format
viewing utility or disabling the TI calcs' FlashROM write protection,
can be found at:

http://piotrbania.com/all/ti89/


*EDUCATIONAL PURPOSES ONLY WHATSOEVER*


best regards,
pb


-- 

Piotr Bania - [EMAIL PROTECTED] - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A  BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com  - Key ID: 0xBE43AC33


   - The more I learn about men, the more I love dogs.



[Full-disclosure] Reminder: VNSECON 07 Call for Papers ends on June 08

2007-05-20 Thread rd

Hi,

A reminder to everyone that the Call for Papers for the VNSECON
2007 conference in Saigon, Vietnam this August ends on the first
week of next month (June 08).

Thanks and looking forward to seeing you all there.

--
VNSECON 07
http://conf.vnsecurity.net




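-------- Original Message --------

==VNSECURITY==

CALL FOR PAPERS

|=--------------=[ VNSECON 2007 ]=--------------=|
|=----------------------------------------------=|
|=------------=[ August 3-4, 2007 ]=------------=|
|=--------=[ Ho Chi Minh City, Vietnam ]=-------=|

  cfp @ vnsecurity.net
  [ http://conf.vnsecurity.net/cfp2007.txt ]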



The Call for  Papers for VNSECON  Security Conference 2007 is now
open. VNSECON 2007 is a security conference taking place downtown
in Ho Chi Minh City (aka Saigon),  Vietnam from the 3rd to 4th of
August  2007. Some invited  papers  have  been  confirmed, but  a
limited number of speaking slots are still available.


--[ Introduction

VNSECON 2007 aims to be  an event that enables the dissemination,
discussion and sharing  of security information between  security
communities.  We organize  a  conference  that  gathers  security
experts, from the  mainstream network  security arena  as well as
the underground community, to  share their research,  discoveries
and experiences.

We promise to make VNSECON a great and fun event for all security
enthusiasts, regardless of the colors on their hats.


--[ The Venue

Ho Chi Minh City,  fondly referred to  as Saigon  - The Pearl of
the Orient,  still retains a charm reminiscent  of  its  French-
European heritage  in  the midst of rapid  commercialization. The
city  promises  an endless fascination  for travelers  wanting to
explore  Vietnam's  rich  4,000-year  history.  It is a bustling,
dynamic and industrious center, the largest city in  the country,
the economic  capital and the  cultural trendsetter. The streets,
where much of the city's life takes place, are a myriad of street
markets,  shops,  pavement  cafes,  stands-on-wheels and  vendors
selling wares spread out on sidewalks.

More info: http://conf.vnsecurity.net/venue


--[ Topics

Topics that will be considered include, but are not limited to:

  - 0dayz
  - Web Security
  - Criminal Laws
  - GSM, GPRS and CDMA Security
  - VoIP Security / Hacking
  - Wireless Security / Hacking
  - Exploitation
  - Attack and Defense Techniques
  - Access Control and Authentication
  - Reverse Engineering
  - Application Security, Testing, Fuzzing
  - Code Auditing
  - Virtualization
  - Malicious Code
  - Viruses, Worms, and Trojans
  - Spyware, Phishing and Botnets
  - Banking Security
  - Phreaking
  - Cryptography
  - Forensics


--[ Submissions

Deadline for abstract submission:   June 08th, 2007
Deadline for panel submission:  June 15th, 2007
Deadline for paper submission:  July 07th, 2007


Paper proposals should consist of the following information:

1) Topic synopsis, title, and a one paragraph description.
2) Presenter information (name, handle,  country of origin  /
   passport) and contact information (e-mail, postal address,
   phone, fax).
3) Employer and/or affiliations.
4) Brief biography, list of publications and papers.
5) Any significant presentation  and educational experience /
   background.
6) Reason why this material is innovative,  significant or an
   important tutorial.
7) Will you have full text available or only slides?

Please  send  your  submission  to  cfp  @ vnsecurity.net. Please
include the plain text  version of this information in your email
as well  as any file, pdf, doc, sxw,  ppt,  or  html attachments.
Note   that  all  speakers   will  be  allocated  50  minutes  of
presentation time. If you require more time, please inform us  in
your submission.


--[ Speakers' Privileges

1) Accommodation will be provided (03 nights).  We may be able to
   cover your traveling expense,  but only  if you let us know in
   advance in your submission.
2) Conference party.
3) Half-day tour after conference  to Cu Chi Tunnels,  an immense
   network of connecting underground tunnels from the Vietnam War
   (http://en.wikipedia.org/wiki/Cu_Chi_tunnels)
   Bonus: 5 rounds of firing AK-47 in the shooting range.
4) A large amount of free beer!


--[ Program Committee (alphabetical order)

1) Andrew Griffiths (Ruxcon, pulltheplug.org)
2) Dug Song (Arbor Networks, monkey.org)
3) HD Moore (BreakingPoint Systems, Metasploit Project)
4) Nguyen Anh Quynh (AIST Japan, VNSECURITY)
5) Red Dragon (THC, HERT, VNSECURITY)
6) SeekZero - Le Dinh Long (VNSECURITY)
7) SK Chong (SCAN Associates)
8) Skyper - Ralf Kaiser (ex-Phrack, THC)
9) van Hauser (The Hackers Choice - THC)


--[ Capture the Flag

As  part  of  VNSECON 2007, we  organize  an  attack  and defense
Capture  The  Flag  challenge.  We  are  inviting 

Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

2007-05-20 Thread h4h

On 5/20/07, [EMAIL PROTECTED] [EMAIL PROTECTED]
wrote:


can any of you wankers tell if this is the same moron with no life
that keeps posting on FD or if it is a bunch of copy-catters now?
unfortunately it appears the ever increasing noise on this list is
coming from dumb-shits that havent an idea that theyre failing to
embarrass anyone and theyre just continuing to prove what a sad
pathetic waste of life they are. while equally as lame and useless,
this last post wasnt anything like the other spoofs. i might assume
this larry seltzer post is just a copy-cat of a new loser making a
try to be the centre of attention. in either case you have
miserably failed at getting any sort of message across other than
youre a bumbling fucktard with no life.

mentioning n3td3v and gobbles-they might be one and the same. it
wouldnt surprise me if these past posts were the work of the same
group of morons. its quite obvious that there is some form of
mental deficiency with the lot of you. im not sure why anyone even
mentions gobbles these days. you just give the shit-head some
happiness. remember youre dealing with a person that down syndrome
or something similar. its amazing he could ever function. ive seen
the specials on the television about this. those with down syndrome
have some function they can latch on to and work well with,,like
playing piano or math. it appears in the case of you
all,,especially gobbles that using a computer seems to be your area
of focus. have you seen this bloody guy? its a surprise to me his
tongue doesnt just hang from his mouth. i believe this is a picture
of him now,, http://static.flickr.com/75/195983063_e380efd610.jpg
please just be advised you are a useless piece of shit along with
those you are copy-catting. i know you will read this and most
likely not reply. but i do hope you know you are very much so
useless in life and most of us might delete your mail or laugh it
off,,but we all mostly feel bad for you and how pathetic you are.



--jMcD



Is that a hint^H^H^H^H  large amount of jealousy I sense, jMcD? your rant
is almost as long as larry's. h4h4.