[Full-disclosure] Month of Random Hashes: DAY SEVENTEEN
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [ITEM #1] md5: 4650eefd79a2963a6b819757886a391b sha1: 1d15c6d9890047e725c297976f217bf3f93b7b45 sha256: 6fba8628f72870cf98210a245a4fd0d02ed7883fe8f93e1a4a5969eb765a068e [ITEM #2] md5: c260f9a1aa47e8a324534bab47b2dcf1 sha1: c4973a9c0da8c0a5546e5e48b412047ffce976e2 sha256: 45192f295950c461243196de6d629b1285591bf86c5c858476b2163cb65d9333 [ITEM #3] md5: 7f49126ae18af38d70df3703496bc00d sha1: e03e2dea1e02ce47328e982c88825dfc6f7b959e sha256: b2cf54bf73213e48db2cc9d2e39f79a07c483b734425d430d5c1c88639fa9cad [ITEM #4] md5: 1dc68a2e1316325e2c64aad50e5e2ae0 sha1: a9191b5bcc2360bf09bfbe2b02b601bb555e19a4 sha256: 97ac445d813cd82f3fb51f9ebb43e33c3e33a13d46cb02d3a927cda257ab462a [ITEM #5] md5: 8eca43d5cb36c7face4802c2bafbf773 sha1: b495f928b02430bfbc5ce7ca768560f83cf88df8 sha256: 6c621ac9fde47d8461fe5bc13748ebc8ee48c07891b6e55cb1cb3003528ecc11 [ITEM #6] md5: 7bc61acdef6539bcde8685766318d913 sha1: f15410d4c27ce58ca4ae4aa4a5df537a5abdaa34 sha256: db9aa12b244768104fdaddd10855f1520c932b1de3cbadf03e32dd9eab1bb9b9 [ITEM #7] md5: 44df22e78e6b981eb7bc797b850c2767 sha1: a7a4ea4fd2a15014c821d87be232273b14ae09e0 sha256: 1b4ba45899a4f435dfeba1cc072deef4c684b4c06dfbb73c3ce388be304801b2 [ITEM #8] md5: 3fe54659a92cf7210d25a3e4e1cb9a33 sha1: c26191b15b05fa069403f4af3124aa1944a047c3 sha256: 9ff2f5ad5d9e73bd83ed8785488080fe5c7444d884c1f8e5ce1c8b912e211ab9 [ITEM #9] md5: 1607a3286396c1ff3ae012a7c3c4aa6a sha1: d55b0e3e073ba1e424e5f2f5cf22314a5b67707c sha256: e9af674f3d7decb8dad2cb0079ce42910244c78de70c42640fa067d55c62be27 [ITEM #10] md5: 7d24098bf52ad76f83d185f220281722 sha1: abeea368591c893d6c0bc2de09c56b34cd48994f sha256: 0abef5fd0d5f9b8d820455b768ab35eccc0718aa43d2a11156de1e6ac2df8e09 [ITEM #11] md5: 07fa14eb19b2d5b5dc058e9817f2c7b3 sha1: 9105937b7c823783b035eee930b9256c7d842b43 sha256: 41a8a9eb08cce5f95a0fb55fd40f43ef6b164297807be4948aaa8ade3d4af82a [ITEM #12] md5: 8ec09706bf2c3b3a442997e03bcbc0bc sha1: 06f44bb197acbea5f509ed1acb8d508297a8c636 sha256: 439ba2da738897f88d7a6863148c3213607535da6ac6f0dcd7d2676aab80b909 [ITEM #13] md5: 31887e9595fedc553e24636f3d894314 sha1: a46d7e5017d91afd112a558cb30768aba4caf56a sha256: d7a9ea633cb9b8599b600372854e2e23a4bcf2ff33eb95c51a429d3dbc553ffe [ITEM #14] md5: c5c4fcd7fba5c2e8473a57b4cce56326 sha1: c0a934b2c483419d3f607ade2553e9bb5b9ffc6f sha256: 7814d5505b32e846a26e813257a64a57bac3a2820e2f70661e822c6ee083fb82 [ITEM #15] md5: ee977c9800f3dd1d438bde29af73c195 sha1: 6ef708f5a978b910221ff74a6332616e6e25b2e1 sha256: a73a1d4717a0521a889ac0a5245a1d265b69f2d3805e17890f9ece5872be495f [ITEM #16] md5: 3dc0852435f67a65e8aca9c1f0e9e048 sha1: 81a714c155b1ecff3aca37b4d22be950af7dbecd sha256: 326799f5a90cb1b809a13e0fcc9210b76e90b8e70719f2994974040d151bc761 [ITEM #17] md5: 93691cd5bc0a671a9b87d8d9517db79e sha1: 57212e40d1419f17193028254fdb82c316e1384d sha256: dd53027000c824fa14ac442560fcc91231467705bf01bddb9f2520db86eda6c9 [ITEM #18] md5: be864a82f04ceb62192dd48f3096d3cb sha1: 0a002777b1628b1f36dc98f692ffe67d20fe6cb8 sha256: 17d9d9a6baaff135620c73497cbe17b65f988586e2a7927c4d4a100d5c9061e9 [ITEM #19] md5: 33ae86388d216f5ad00185d247a78ad3 sha1: cbd3d0f4ff8b8e43b63203534cce737ecf290df9 sha256: 64c54af42a62c59c4ec28b619af0257369e4b8ba49e11ffe3f41feec112a8123 [ITEM #20] md5: f287207bfcc334b2e1846c8ace2b639b sha1: 62b39b2a22b4d8e2b77d5b2014c32069ad9565dd sha256: f826d9f0adc236e8b9db763fef3f8b6219ff2fd00cc5eebeadeb602f4f8a0899 [ITEM #21] md5: 7d25007aded800f86cfd839ec3f726a8 sha1: 5d6ae41a228f2ffb1ad9f4008e36d31f92dec2b6 sha256: a8bf814404c98587e4bf2fd5e1410a9a8205d3177891ee3d84a62f65c57cfea9 [ITEM #22] md5: b7a207ec0c128b2f91a0d3cfe51f09c7 sha1: 92fd539e6c0c7f8a2fea686dac3a69b8f2624197 sha256: 55c63b13f5c7c13b2a23917a853b477165fcad233a7ee6daf170f22603f2e8e3 [ITEM #23] md5: 2605b0ffba357c6c0f2ce20c16499fd8 sha1: 178c0bb0c37d927de694e9452bf90673fee0cc3c sha256: bf85fadb12913cedc1135cf6f8ca680f9952c6fbd14aa59b13041735dbe98822 [ITEM #24] md5: 10819e06ad7303ff418392b445ce4c56 sha1: 3f428bed2280e84033bc04aaf337d06d8f2db009 sha256: 5c6c53d55f6ac88a38fed50e98173d9a4299add0564b8976c3c1285379dc9236 [ITEM #25] md5: 0a5008601eaf7e7d6a10638426679ac7 sha1: 711b78ca90ad62464a15a9c416133468b2dc2e70 sha256: dad29b6d5c40bef021adec8fdbdcdd93c6e6a11b8dc92130d9c94c2de8a1db75 [ITEM #26] md5: 369f63ef08b0aac1e50b5c8a2ccb56a7 sha1: ae60f3e6fe51bb717f83d26d7e6b1fec7d1865e8 sha256: 723a592f79387a7d09d667a685bc01cd3668603f0d6a738da7e60a2642cbbcb1 [ITEM #27] md5: 1530623aa2c9f09fed2faee3dd6704e0 sha1: e7a44dd4682073a0a3940db7a1e5bcbfc7e25e23 sha256: 643afd213f821fac71e4689da3f326cb023137b7b64563fab9e244094ee222ba [ITEM #28] md5: 072563be2bf72c473acb20c1e661b865 sha1: bce3b53c61fea807be3d7d9b0bfe1a663ebe4079 sha256: c5ec9a825c6dc992bf88ce753f803cda6302e24d64f653f9da11d1a351c8b3a8 [ITEM #29] md5: 3a2b109bc15a1167f0e71fd4b14e1f98 sha1: 4b20db897dd2f65a79d86fd18a99bdbd34e2be10 sha256: 499401a303cd5885077470e86a38a6b22d450b04e0acc7c7ebe9f8751f4aebe7 [ITEM #30] md5:
Re: [Full-disclosure] Month of Random Hashes: DAY SEVENTEEN
can someone please explain why a bunch of random hashes are posted everyday in this mailing list? what is the significance of the random hashes and why should i read them everday? --- Month of Random Hashes [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [ITEM #1] md5: 4650eefd79a2963a6b819757886a391b sha1: 1d15c6d9890047e725c297976f217bf3f93b7b45 sha256: 6fba8628f72870cf98210a245a4fd0d02ed7883fe8f93e1a4a5969eb765a068e [ITEM #2] md5: c260f9a1aa47e8a324534bab47b2dcf1 sha1: c4973a9c0da8c0a5546e5e48b412047ffce976e2 sha256: 45192f295950c461243196de6d629b1285591bf86c5c858476b2163cb65d9333 [ITEM #3] md5: 7f49126ae18af38d70df3703496bc00d sha1: e03e2dea1e02ce47328e982c88825dfc6f7b959e sha256: b2cf54bf73213e48db2cc9d2e39f79a07c483b734425d430d5c1c88639fa9cad [ITEM #4] md5: 1dc68a2e1316325e2c64aad50e5e2ae0 sha1: a9191b5bcc2360bf09bfbe2b02b601bb555e19a4 sha256: 97ac445d813cd82f3fb51f9ebb43e33c3e33a13d46cb02d3a927cda257ab462a [ITEM #5] md5: 8eca43d5cb36c7face4802c2bafbf773 sha1: b495f928b02430bfbc5ce7ca768560f83cf88df8 sha256: 6c621ac9fde47d8461fe5bc13748ebc8ee48c07891b6e55cb1cb3003528ecc11 [ITEM #6] md5: 7bc61acdef6539bcde8685766318d913 sha1: f15410d4c27ce58ca4ae4aa4a5df537a5abdaa34 sha256: db9aa12b244768104fdaddd10855f1520c932b1de3cbadf03e32dd9eab1bb9b9 [ITEM #7] md5: 44df22e78e6b981eb7bc797b850c2767 sha1: a7a4ea4fd2a15014c821d87be232273b14ae09e0 sha256: 1b4ba45899a4f435dfeba1cc072deef4c684b4c06dfbb73c3ce388be304801b2 [ITEM #8] md5: 3fe54659a92cf7210d25a3e4e1cb9a33 sha1: c26191b15b05fa069403f4af3124aa1944a047c3 sha256: 9ff2f5ad5d9e73bd83ed8785488080fe5c7444d884c1f8e5ce1c8b912e211ab9 [ITEM #9] md5: 1607a3286396c1ff3ae012a7c3c4aa6a sha1: d55b0e3e073ba1e424e5f2f5cf22314a5b67707c sha256: e9af674f3d7decb8dad2cb0079ce42910244c78de70c42640fa067d55c62be27 [ITEM #10] md5: 7d24098bf52ad76f83d185f220281722 sha1: abeea368591c893d6c0bc2de09c56b34cd48994f sha256: 0abef5fd0d5f9b8d820455b768ab35eccc0718aa43d2a11156de1e6ac2df8e09 [ITEM #11] md5: 07fa14eb19b2d5b5dc058e9817f2c7b3 sha1: 9105937b7c823783b035eee930b9256c7d842b43 sha256: 41a8a9eb08cce5f95a0fb55fd40f43ef6b164297807be4948aaa8ade3d4af82a [ITEM #12] md5: 8ec09706bf2c3b3a442997e03bcbc0bc sha1: 06f44bb197acbea5f509ed1acb8d508297a8c636 sha256: 439ba2da738897f88d7a6863148c3213607535da6ac6f0dcd7d2676aab80b909 [ITEM #13] md5: 31887e9595fedc553e24636f3d894314 sha1: a46d7e5017d91afd112a558cb30768aba4caf56a sha256: d7a9ea633cb9b8599b600372854e2e23a4bcf2ff33eb95c51a429d3dbc553ffe [ITEM #14] md5: c5c4fcd7fba5c2e8473a57b4cce56326 sha1: c0a934b2c483419d3f607ade2553e9bb5b9ffc6f sha256: 7814d5505b32e846a26e813257a64a57bac3a2820e2f70661e822c6ee083fb82 [ITEM #15] md5: ee977c9800f3dd1d438bde29af73c195 sha1: 6ef708f5a978b910221ff74a6332616e6e25b2e1 sha256: a73a1d4717a0521a889ac0a5245a1d265b69f2d3805e17890f9ece5872be495f [ITEM #16] md5: 3dc0852435f67a65e8aca9c1f0e9e048 sha1: 81a714c155b1ecff3aca37b4d22be950af7dbecd sha256: 326799f5a90cb1b809a13e0fcc9210b76e90b8e70719f2994974040d151bc761 [ITEM #17] md5: 93691cd5bc0a671a9b87d8d9517db79e sha1: 57212e40d1419f17193028254fdb82c316e1384d sha256: dd53027000c824fa14ac442560fcc91231467705bf01bddb9f2520db86eda6c9 [ITEM #18] md5: be864a82f04ceb62192dd48f3096d3cb sha1: 0a002777b1628b1f36dc98f692ffe67d20fe6cb8 sha256: 17d9d9a6baaff135620c73497cbe17b65f988586e2a7927c4d4a100d5c9061e9 [ITEM #19] md5: 33ae86388d216f5ad00185d247a78ad3 sha1: cbd3d0f4ff8b8e43b63203534cce737ecf290df9 sha256: 64c54af42a62c59c4ec28b619af0257369e4b8ba49e11ffe3f41feec112a8123 [ITEM #20] md5: f287207bfcc334b2e1846c8ace2b639b sha1: 62b39b2a22b4d8e2b77d5b2014c32069ad9565dd sha256: f826d9f0adc236e8b9db763fef3f8b6219ff2fd00cc5eebeadeb602f4f8a0899 [ITEM #21] md5: 7d25007aded800f86cfd839ec3f726a8 sha1: 5d6ae41a228f2ffb1ad9f4008e36d31f92dec2b6 sha256: a8bf814404c98587e4bf2fd5e1410a9a8205d3177891ee3d84a62f65c57cfea9 [ITEM #22] md5: b7a207ec0c128b2f91a0d3cfe51f09c7 sha1: 92fd539e6c0c7f8a2fea686dac3a69b8f2624197 sha256: 55c63b13f5c7c13b2a23917a853b477165fcad233a7ee6daf170f22603f2e8e3 [ITEM #23] md5: 2605b0ffba357c6c0f2ce20c16499fd8 sha1: 178c0bb0c37d927de694e9452bf90673fee0cc3c sha256: bf85fadb12913cedc1135cf6f8ca680f9952c6fbd14aa59b13041735dbe98822 [ITEM #24] md5: 10819e06ad7303ff418392b445ce4c56 sha1: 3f428bed2280e84033bc04aaf337d06d8f2db009 sha256: 5c6c53d55f6ac88a38fed50e98173d9a4299add0564b8976c3c1285379dc9236 [ITEM #25] md5: 0a5008601eaf7e7d6a10638426679ac7 sha1: 711b78ca90ad62464a15a9c416133468b2dc2e70 sha256: dad29b6d5c40bef021adec8fdbdcdd93c6e6a11b8dc92130d9c94c2de8a1db75 [ITEM #26] md5: 369f63ef08b0aac1e50b5c8a2ccb56a7 sha1: ae60f3e6fe51bb717f83d26d7e6b1fec7d1865e8 sha256: 723a592f79387a7d09d667a685bc01cd3668603f0d6a738da7e60a2642cbbcb1 [ITEM #27] md5: 1530623aa2c9f09fed2faee3dd6704e0 sha1: e7a44dd4682073a0a3940db7a1e5bcbfc7e25e23 sha256:
Re: [Full-disclosure] Month of Random Hashes: DAY SEVENTEEN
i think the real question is why didn't the month of random hashes start on the first day of the month? because by my count it should be DAY THIRTY today. Anyway, FAQ is coming soon apparently. We eagerly await it. On 6/30/07, Leet Sixteen [EMAIL PROTECTED] wrote: can someone please explain why a bunch of random hashes are posted everyday in this mailing list? what is the significance of the random hashes and why should i read them everday? -- xor eax, eax ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities
i didn't understand your poc. you are copying the value of textarea into the file input yourself using this code. document.getElementById(text1).value=document.getElementById(file1).value; document.getElementById(text1).focus(); so how is it a flaw? --- carl hardwick [EMAIL PROTECTED] wrote: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities: This demo is very simple. when you input some text in the textarea, the file input element's value will also change to it. I tested it on Firefox 1.5.0.12 and 2.0.0.4. PoC here: http://yathong.googlepages.com/FirefoxFocusBug.html credits by - Hong ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ Get the Yahoo! toolbar and be alerted to new email wherever you're surfing. http://new.toolbar.yahoo.com/toolbar/features/mail/index.php ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities
PoC here: http://yathong.googlepages.com/FirefoxFocusBug.html The vulnerability allows the attacker to silently redirect focus of selected key press events to an otherwise protected file upload form field. This is possible because of how onKeyDown event is handled, allowing the focus to be moved between the two. This enables the attacker to read arbitrary files on victim's system. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] DOS on phrack?
seems up to me as of this moment, -nik - Original Message - From: Aditya K Sood [EMAIL PROTECTED] To: scott [EMAIL PROTECTED]; full-disclosure@lists.grok.org.uk Sent: Sunday, July 01, 2007 9:59 PM Subject: Re: [Full-disclosure] DOS on phrack? Yup scott the problem is there. Regards Aditya K Sood http://www.secniche.org scott wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 It seems that Phrack.org is experiencing a serious DoS.I tried a few times to connect today to no avail. Not to increase traffic to the DoS,is anyone else also experiencing the same? Regards, Scott -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGhfOkelSgjADJQKsRAlD5AKCNo2L7RsiiERAyDYZ53i61duWA6QCdEtqw NeYfdpD6AZEoMSGVmClNCWA= =nimg -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Rutkowska faces ‘100% undet ectable malware’ challenge, teasing?
hi guys, ref: http://blogs.zdnet.com/security/?p=334 so are they teasing by making her the impossible challenge at this date? :) honeypot developers have been trying to battle the same issue of making the virtual machine emulate guest OS like the it is run in real hardware since some years now. ref: http://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf But if Rutkowska or anyone is able to succeed to make it undetectable in current hardware that would be genius! -bipin ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Month of Random Hashes: DAY SEVENTEEN
On 6/30/07, Michael Silk [EMAIL PROTECTED] wrote: i think the real question is why didn't the month of random hashes start on the first day of the month? because by my count it should be DAY THIRTY today. More like the month of lazy hashers :-P Oh, and where are the hashes of hashes of random hashes of hashes? -- Kristian Hermansen ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Rutkowska faces ‘100% unde tectable malware’ challenge, teasing?
Joanna has stated her technical requirements for the challenge and Thom and group has accepted them, so why not turn this into what it really is... a bet. The losing team agrees to pay the other $350,000 - if both groups are really so confident there shouldn't be any issue. On 6/30/07, Bipin Gautam [EMAIL PROTECTED] wrote: hi guys, ref: http://blogs.zdnet.com/security/?p=334 so are they teasing by making her the impossible challenge at this date? :) honeypot developers have been trying to battle the same issue of making the virtual machine emulate guest OS like the it is run in real hardware since some years now. ref: http://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf But if Rutkowska or anyone is able to succeed to make it undetectable in current hardware that would be genius! -bipin ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Google/Orkut Authentication Issue PoC
This is a proof of concept for Google Authentication issues posted in the threads... 1.) http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064143.html (Orkut Server Side Management Error by Susam Pal Vipul Agarwal) 2.) http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/064300.html (Google Re-authentication Bypass by Susam Pal) I found that after logging out Google session doesn't expire in 24 hours. It is longer. I am doing this experiment to see how long the session remains alive after logging out. I am posting a session cookie for my account. Name: orkut_state Cookie: ORKUTPREF=ID=11190574376736842125:INF=0:SET=111236436:LNG=1:CNT=0:RM=0:USR=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:PHS=:TS=1183210062:LCL=en-US:NET=1:TOS=1:GC=DQAAAIMrC-mJYqsrCOnv8uVQHdFUccRFQX8-ibRerEzrie5sOWNc06zs4z4fMNpovLUyRcNXHwxk8WzY6Z6SmvxcSmL1hAW4Mrdvazzkssq5VjSO70oE1HSFR4KOkSb3ZLg-U7k0x8c7ZuLHwu_qY2Umy8oobckg9UctWXYd1qoerXUTzsFSuLNXHdiAEVCSw7fUO00:PE=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:GTI=0:GID=aGlqYWNrbWVwbGVhc2VAZ29vZ2xlbWFpbC5jb20=:VER=2:S=1Ah7VcA0JetHQ0Mgyfp4Jb6meXw=: Domain: .www.orkut.com Path: / Send for: Any type of session Expires: Expire at end of session I have logged out but you can use this cookie in this way... (anyone can try this. You don't need Orkut account to try this) 1.) Open Firefox, etc. which allows cookie editing. This extension is required... https://addons.mozilla.org/en-US/firefox/addon/573 2.) Set the given cookie. 3.) Try to visit http://www.orkut.com/Home.aspx 4.) You will be automatically logged in with my account. It will not ask for any user-name or password. 5.) Logout 6.) Repeat steps 1. to 4. You can log in again. I want to see how long this session remains alive after multiple logout. If you try this POC leave a message in the scrapbook of the account here ... http://www.orkut.com/Scrapbook.aspx Thanks Joseph Moody friends. Drama queens. Your life? Nope! - their life, your story. Play Sims Stories at Yahoo! Games. http://sims.yahoo.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities
This doesn't seem like a security flaw to me.
input type=file id=file1 name=file1
onkeydown=restore(); onkeyup=restore() /
label for=file1 id=label1 name=label1/label
br
textarea name=text1 id=text1
onkeydown=doKeyDown()
function doKeyDown()
{
document.getElementById(label1).focus();
}
onkeydown, you are focusing on label1 which is tied to
file1. so onkeydown, file1 gets focus. so the keyup
event happens on file1 which triggers restore().
restore() copies text1 into file1.
function restore()
{
document.getElementById(text1).value=document.getElementById(file1).value;
document.getElementById(text1).focus();
}
so why is this a security flaw? could you please
explain?
--- carl hardwick [EMAIL PROTECTED] wrote:
PoC here:
http://yathong.googlepages.com/FirefoxFocusBug.html
The vulnerability allows the attacker to silently
redirect focus of
selected key press events to an otherwise protected
file upload form
field. This is possible because of how onKeyDown
event is handled,
allowing the focus to be moved between the two. This
enables the
attacker to read arbitrary files on victim's system.
The fish are biting.
Get more visitors on your site using Yahoo! Search Marketing.
http://searchmarketing.yahoo.com/arp/sponsoredsearch_v2.php
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities
On Sat, 30 Jun 2007, carl hardwick wrote: The vulnerability allows the attacker to silently redirect focus of selected key press events to an otherwise protected file upload form field. This is possible because of how onKeyDown event is handled, allowing the focus to be moved between the two. This enables the attacker to read arbitrary files on victim's system. Hey, that's a copypaste from my post! ;-) /mz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities
On Sat, 30 Jun 2007, Joseph Hick wrote: This doesn't seem like a security flaw to me. This is somewhat similar to my focus stealing bugs described here: http://lcamtuf.coredump.cx/focusbug/ ...though seems to work on patched Firefox because of a clever use of label-based aliasing. Now, the vulnerability For security reasons, value of file input field cannot be specified in HTML or set scriptually (otherwise, you could then just do submit() and have a file uploaded without user's consent) - and we want it to stay that way. Still, file input field can be hidden off-screen and the victim might be not aware of its presence or contents. Now, if a malicious web page can selectively redirect certain keystrokes to a hidden field of this type, while giving the user an impression he's actually typing a web forum post, playing a game, performing a search, or whatnot, with a visible feedback elsewhere on the webpage - we're in trouble: once a desired file name is collected, the script can have the form submitted, complete with victim's file of attacker's liking. Non-trivial user interaction is required, of course, but it's not terribly difficult to solicit some. Cheers, /mz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities
On 6/30/07, carl hardwick [EMAIL PROTECTED] wrote: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities: This demo is very simple. when you input some text in the textarea, the file input element's value will also change to it. I tested it on Firefox 1.5.0.12 and 2.0.0.4. PoC here: http://yathong.googlepages.com/FirefoxFocusBug.html Is there a link between your POC and this : http://lcamtuf.coredump.cx/focusbug/ ? credits by - Hong mmmhh... -- Guasconi Vincent Etudiant. http://altmylife.blogspot.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities
On 7/1/07, ascii [EMAIL PROTECTED] wrote: carl hardwick wrote: PoC here: http://yathong.googlepages.com/FirefoxFocusBug.html The vulnerability allows the attacker to silently redirect focus [...] many thanks for sharing this : ) it's a pretty serious vulnerability as said by Zalewski Pretty serious for you, me, and some others. 0.02$ that it will never be patched. -- Guasconi Vincent Etudiant. http://altmylife.blogspot.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Month of Random Hashes: DAY SEVENTEEN
On 6/30/07, Leet Sixteen [EMAIL PROTECTED] wrote: can someone please explain why a bunch of random hashes are posted everyday in this mailing list? what is the significance of the random hashes and why should i read them everday? 42 -- Guasconi Vincent Etudiant. http://altmylife.blogspot.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] DOS on phrack?
On Saturday 30 June 2007 2:09 am, scott wrote: It seems that Phrack.org is experiencing a serious DoS.I tried a few times to connect today to no avail. why is it that when a website is unavailable, the immediate assumption is that is being attacked? regards, -- Jeff MacDonald, Zoid Technologies http://zoidtechnologies.com/ Web Applications That Suck Less ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] iPhone Roadblock
I'm one of the lucky (or possibly crazy) people that managed to get an iPhone yesterday. If you're curious, I'm very happy with it so far. I'm not an Apple nut that buys all things Apple, but after years of smartphones that never seemed quite right, the iPhone really seems to have hit the mark. My biggest worry was that it used Edge rather than 3G. While at some points this is noticeable, the caching and windowing mechanisms really make up for the difference. On the whole it's the best smartphone experience I've had. But you can read all the reviews in a more appropriate forum... I'm really interested in hacking up my iPhone. Anything with a *nix OS underneath is just too tempting to leave alone. Unfortunately Apple threw a curve ball that's outside my skill set. The iPhone doesn't mount as a harddrive. I couldn't find any options in iTunes and in linux I only got: Jun 30 21:25:42 lothlorien kernel: usb 1-4: new full speed USB device using ehci_hcd and address 15 Jun 30 21:25:42 lothlorien kernel: usb 1-4: Product: iPhone Jun 30 21:25:42 lothlorien kernel: usb 1-4: Manufacturer: Apple Inc. Jun 30 21:25:42 lothlorien kernel: usb 1-4: SerialNumber: XYZ123456789 Jun 30 21:25:42 lothlorien kernel: usb 1-4: configuration #1 chosen from 3 choices USB device drivers aren't my thing. Anyone have any suggestions on how to get the thing mounted or to go about figuring out how to do so? Thanks for any help. -- Matthew Wollenweber [EMAIL PROTECTED] | [EMAIL PROTECTED] www.cyberwart.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
