Re: [Full-disclosure] n3td3v profile...
.. and given that the only Jesus that isn't a fictional character is the latino guy who cuts my lawn and cleans my gutters, you are out of luck because he doesn't have a psych degree. On Mon, Jan 12, 2009 at :35 PM, Ed Carp e...@pobox.com wrote: Y'all need Jesus in your life - there's no one else that can fix your emotional issues, I'm afraid... ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] n3td3v profile...
I don't need to turn people against you.. you do that better than I could ever hope to. I merely express my own hate for you and sure, I could ignore you but that would be passive encouragement. If I don't say something it says to others that I think you are OK... when you are far from OK. You claim to be a researcher, yet you research nothing and only ever theorize about things (and often your theories are impractical and/or just plain crazy). Researching requires a practical effort to understand things and move them forward. Do you really believe you are a researcher? Do you actually believe your own hype? You classing yourself as a researcher belittles the effort of all the REAL researches out there. This is just one of my many issues with you. Also, it is interesting that despite lots of people saying YOU are the problem, you seem to consistently blame others for your current predicament. Call me whatever you like, it doesn't detract from the fact you are a delusional fruitcake. Seriously.. seek professional help or at the very least get the fuck off this list. On Mon, Jan 12, 2009 at :58 PM, n3td3v xploita...@gmail.com wrote: I don't think anyone on full-disclosure is a troll apart from urel...@gmail.com, the rest of us are pretty serious about security and what we talk about. I know i'm serious about what I say and i'm strong in my convictions about what I say, even if you don't always agree with my points of view. There is no need to go around abusing me and say you hate me and turning a list against me, just because you don't agree with my opinion, how fucked up is that? Look at your own conduct if you want to talk about mental illness. The amount of bullshit that is made up about me just because you don't agree with my opinions on security is amazing. Have you nothing better to do than do what you do with serious researchers like me? If you don't agree with my opinion about a security industry software license, just ignore. If you don't agree on anything I say, just ignore. Don't send out a hate campaign and rally people against me, thats the real fuck up. On Mon, Jan 12, 2009 at :35 AM, Biz Marqee biz.mar...@gmail.com wrote: Informative, interesting and more to the point - its spot on. His self medicating with illegal drugs also falls right in line with this.. and even assuming that this profile is all incorrect and this IS some troll winding us all up, he invariably has some mental illness. no one sane - whether a joke or not - rants on and on and on to a bunch of people who detest him.. maybe for a while but not for years on end. n3td3v, get help or exit life. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] It's time for me to go now
You definitely deserved a place in Bethlem Royal Hospital. On Mon, Jan 12, 2009 at 9:45 AM, n3td3v xploita...@gmail.com wrote: I don't know how to hack and I don't have any technical abilities I must go now before MI5 take me away in a van and dump my body in the sea. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Wildest ideas?
Something I've always wanted to do is a virtual free-for-all hackworld. A wargame with a twist: Basicly a VPN or something like that, once you connect to it you're in a seperate 'internet' and all that (the matrix? :p), but the other systems have either some kind of vulnerability or are other people logged in there. Then it's standard wargames from there, you try to take over certain systems to gain control of the 'internet' I imagine most of the hosts would be VM/VPS hosted on a bigger server. Maybe there could be fake domain registrars and hosting providers, then people can get their own websites in this sub-internet (and see if they can keep them from getting wrecked). IDK, just thought it'd be a cool idea...no idea how to start building something like this though. (shouts out to fellow ds/hh out there!) On Mon, Jan 12, 2009 at 6:43 AM, Will McAfee sec-commun...@thegoodhacker.com wrote: Face it. If you're serious about security, you've been laying in bed one night and gotten an Idea, which you never bothered to develop. Throw 'em out there, if it's good maybe someone will develop it for you! Sent from my iPhone ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You are in no position to translate what we said here in clear English, and it is not about getting on a plane, because you _cannot_ just take a plane to Palestine / Israel... We still disagree, _every_ damage, no matter how small / big, it does affect people, Israeli people and that is the main point.. We don't think IDF will stop because of some artists and lawyers websites hacked, but We do believe that this damage, no matter how small, is actually affecting Israeli people, servers, data, etc... We expected to be called by a script-kiddie by people like you because that is all you can possibly think against us, first thing that pops in a limited mind like yours when a web-hack occurs is omg script kiddies, maybe you should lookup the meaning of a script kiddie, we don't use public scripts ( yet we don't try to reinvent the wheel ), and we are not kids. We are not looking for fame, we are talking from one alias, we only want one thing and that is as much damage as possible for .co.il boxes. We did not claim that we are helping hamas, only reason we are behind an 'unknown' email / identity, is because we are not aiming for publicity. You say you have no skin in this game, and yet you try to rant on full-disc lists, hypocrite much? Our actions to this situation got nothing to do with replying to your emails. ... And are you really serious about thinking of a creative and expressive name for an anonymous signature of a group that's main objective is damage of .co.il servers?, Hitler killed alot of Jews, and the holocaust was a huge event to Jews and Palestinians, so we used both names, if you can think of a better name for this operation, please forward it to /dev/null. On Sun, 11 Jan 2009 22:30:35 +0300 Rants nRaves rantsnr...@gmail.com wrote: On Sun, Jan 11, 2009 at 1:38 AM, e.hit...@hush.ai wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We are pretty far away from them, if it was possible for us to go and fight, we would. Translation: I'm too comfortable sitting on a couch in my mothers basement watching porn on the internet to get on a plane and put my life at risk like the other 1.4 million people who live in Gaza. If you don't have the money, then go get a job at McDonalds flipping burgers until you do. Anything else is just lame excuses considering what is at stake. It is not worthless, it is merely the beginning.. every file, database, email, paypal or bank account... the more damage, the better... maybe one site is worthless for you, but its someone else's job, years of effort to build, etc etc... and as long as that someone is an Israeli, then his site is a target. Yes, it is worthless. Your targets have no military or political value. What you're doing is the internet equivalent of throwing eggs at a passing car- adolescent prank that might piss someone off, but in the end is meaningless. Or are you so delusional that you think the IDF will stop now because some lawyers and artists had their websites hacked? Let's put it to a simple test to determine its value. I've been told Hamas suicide bombers get 72 virgins when they reach heaven for their actions. How many virgins does hacking mynotebook.co.il or refaeli-art.com get you? We expected people to call this script kiddie, but it is alright, that is the typical response from a rants person like yourself, we will overlook that.. Of course you expected to be called a script kiddie- that's what you are. That or you're the stupidest hacker in the world for using a new exploit you designed on such worthless targets. If you really were anything more then a script kiddie why wouldn't you use your awesome power to hack an Israeli government site? Why not steal something embarrassing from the IDF and post it for the world to see? Simple- because you're a pathetic script kiddie. - -- QUOTE -- Then to prove just how pathetic you really are, you don't even have the balls to publicly show your face and have to hide behind an anonymous email address- all while real men are out there on the streets in harms way. - -- / QUOTE -- That is coming from the person who replied to our email from his Rants n Raves email account? please take a seat. Please. I'm not the one making grand claims about helping Hamas fight the IDF. I'm more then happy to admit that I've got no skin in this game. We do have what it takes to make a difference, we believe actions speak louder than words, so you can just sit back and watch. If you believe actions speak louder then words then why the hell are you arguing with me? Do you even read what you type? ~ The E-Holocaust I gotta say, this whole e.hitler and e-holocaust thing makes you sound like you're 9 years old. Couldn't you come up with something more creative and impressive? -Rants On Sun, 11 Jan 2009 06:20:03 +0300 Rants nRaves rantsnr...@gmail.com wrote: Wow, congratulations. While people on
Re: [Full-disclosure] e-Holocaust
Ohhh amazing. After seeing this I've definitely made my mind up about who's side is right in the whole Israel-Palestine thing. Your influence is certainly great. Hey while you're at it you should edit http://en.wikipedia.org/wiki/Holocaust to mention what you did. Hitler killed aprox. six million European Jews during World War II. eHitler (hitlers consciousness that was saved to disk just before he died and haunts the internet to this day) hacked 21 websites, 3 of which where .com domains! Seriously though you make your entire 'side' look like the bad guys, but dumbnesses too. What annoys me is that the media will take things like this, overblow them and then say that there's a big deal ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 First of all, the 21 websites were just used to distribute the message we had, the real damage was done on the servers holding the websites, files deleted, databases wiped, etc... The .com domains were actually Israeli, on Israeli servers... so please do your research before making a complete idiot out of yourself. The media involvement will only be to our side, making a bigger deal of a small website defacement will only help in the bigger picture here, more damage for Israelis. On Mon, 12 Jan 2009 00:26:43 +0300 bert renalds bert9191rena...@googlemail.com wrote: Ohhh amazing. After seeing this I've definitely made my mind up about who's side is right in the whole Israel-Palestine thing. Your influence is certainly great. Hey while you're at it you should edit http://en.wikipedia.org/wiki/Holocaust to mention what you did. Hitler killed aprox. six million European Jews during World War II. eHitler (hitlers consciousness that was saved to disk just before he died and haunts the internet to this day) hacked 21 websites, 3 of which where .com domains! Seriously though you make your entire 'side' look like the bad guys, but dumbnesses too. What annoys me is that the media will take things like this, overblow them and then say that there's a big deal ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAklrNBYACgkQiG0lprPxISo6aQP/VYKRgp3oQBlXjV2vXJb8MSVClsGL 6bJjbXWHFjAcOcadRzx5EA6J0d0h/OG7+kqXCcIeDDfkFJ8jlNceXCDtdMWGvVCmaY4D GUvVNQ4m+r/nA9uoif1pZlDsC8Rd4A6hw5cX0UYwtw7ml3KhKaZsWaHjhoitI/l5JRIT I/4tfVM= =CGrZ -END PGP SIGNATURE- -- Need cash? Click to get an emergency loan, bad credit ok http://tagline.hushmail.com/fc/PnY6qxsmmvBVfFjXwwxz40dOzMwanXNA25upvTBb4j3mOyzplCfe4/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] I'm not the troll i've been trolled
I've been the victim of trolls they see me as a good target to pick on because I run the n3td3v intelligence group and i'm going to apply for mi5. your everyday people can't run security because their ideas are too ordinary and they come up with nothing new. don't call me a troll i've been a victim of trolling. groundzero security and ureleet are trolls, they seen someone with an indepth underworld life that i can talk about that others don't believe because the secret world of spooks is often unbelievable to ordinary folks and thats where people think i must be trolling. the fact is i've never trolled the n3td3v group is real and i'll be applying for mi5 real soon. there is no mental illness or anything else, thats just something thought up by trolls to get me to reply even more. they want people to hate me because they don't understand me because lots of what's going on cannot be talked about publicly, so they say why do you think you're a researcher, you don't research anything. trust me i'n reseraching a lot all the time. I research open source intelligence such as mailing lists and websites, television and radio. as well as monitoring folks in social situations online and offline building up profile of folks. you choose to troll me because you don't understand me and you probably never will, but make it be clear i'm the victim of trolling i haven't trolled. it's easy to spin me up because you know i will reply to defend myself and my replies you enjoy because they are different from joe the public replies, and once you've managed to spin me up enough, you can say n3td3v is the core problem on the list and everyone hates you and look at your replies talking about intelligence and mi5, maybe thats because i run an intelligence group thats why i'm interested in it and i'll hope one day to collaborate with mi5 to share intelligence on people, hackers and the threats. this is a secret underworld you've had some insight to and the way we think, you will not understand us, you will never understand unless you are part of it. have a good time on your mailing list that you and you alone partially destroyed by trolling someone who is not afraid of defending myself publicly and tell people what i do on my real name or under the group name. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can you please explain the 'un-patched' part, have you actually found anything on those servers that is un-patched? and lol at moved to apache. Again, we will repeat the main idea out of this, which is... small or big damage, it is damage against Israeli servers and people, those sites were used to send a message, and believe it or not, the message was sent... Our next message-host will be larger, on a world scale... You will just have to wait and see, while we crack, organize and use the info we found so far... then we will send another message,a bigger one, on a larger scale. On Mon, 12 Jan 2009 16:13:25 +0300 Avraham Schneider avri.schnei...@gmail.com wrote: Of the 21 websites 19 were hosted on 1 un-patched server... http://israelcivillaw.com/ = [ 62.219.19.193 ] http://israelcommerciallaw.com/ = [ 62.219.19.193 ] http://ada-art.co.il/ = [ 62.219.19.193 ] http://harambam.co.il/ = [ 62.219.19.193 ] http://sigalit-studio.co.il/ = [ 62.219.19.193 ] http://sgms.co.il/ = [ 62.219.19.193 ] http://two.org.il/ = [ 62.219.19.193 ] http://magia-li.co.il/ = [ 62.219.19.193 ] http://plastikim.co.il/ = [ 62.219.19.193 ] http://maasik.co.il/ = [ 62.219.19.193 ] http://vision-art.co.il/ = [ 62.219.19.193 ] http://man-go.co.il/ = [ 62.219.19.193 ] http://drabba.co.il/ = [ 62.219.19.193 ] http://gal-alpron.co.il/ = [ 62.219.19.193 ] http://djgazala.com/ = [ 62.219.19.193 ] http://eseknet.biz/ = [ 62.219.19.193 ] http://michlala.co.il/ = [ 62.219.19.193 ] http://yd-albert.co.il/ = [ 62.219.19.193 ] http://refaeli-art.com/ = [ 62.219.19.193 ] I'd bet these last two simply moved since then to Apache... http://www.israel-forum.co.il/ = [ 64.131.69.76 ] http://mynotebook.co.il/ = [ 71.18.148.1 ] On Mon, Jan 12, 2009 at 2:14 PM, e.hit...@hush.ai wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 First of all, the 21 websites were just used to distribute the message we had, the real damage was done on the servers holding the websites, files deleted, databases wiped, etc... The .com domains were actually Israeli, on Israeli servers... so please do your research before making a complete idiot out of yourself. The media involvement will only be to our side, making a bigger deal of a small website defacement will only help in the bigger picture here, more damage for Israelis. On Mon, 12 Jan 2009 00:26:43 +0300 bert renalds bert9191rena...@googlemail.com wrote: Ohhh amazing. After seeing this I've definitely made my mind up about who's side is right in the whole Israel-Palestine thing. Your influence is certainly great. Hey while you're at it you should edit http://en.wikipedia.org/wiki/Holocaust to mention what you did. Hitler killed aprox. six million European Jews during World War II. eHitler (hitlers consciousness that was saved to disk just before he died and haunts the internet to this day) hacked 21 websites, 3 of which where .com domains! Seriously though you make your entire 'side' look like the bad guys, but dumbnesses too. What annoys me is that the media will take things like this, overblow them and then say that there's a big deal ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAklrNBYACgkQiG0lprPxISo6aQP/VYKRgp3oQBlXjV2vXJb8MSVClsG L 6bJjbXWHFjAcOcadRzx5EA6J0d0h/OG7+kqXCcIeDDfkFJ8jlNceXCDtdMWGvVCmaY4 D GUvVNQ4m+r/nA9uoif1pZlDsC8Rd4A6hw5cX0UYwtw7ml3KhKaZsWaHjhoitI/l5JRI T I/4tfVM= =CGrZ -END PGP SIGNATURE- -- Need cash? Click to get an emergency loan, bad credit ok http://tagline.hushmail.com/fc/PnY6qxsmmvBVfFjXwwxz40dOzMwanXNA25up vTBb4j3mOyzplCfe4/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAklrR5gACgkQiG0lprPxISp7KgP+M2aX6gqW9vzFSL+mE3dzfnfj3+XB CvOhtEbI8gCmPPjTUJeMn4WXziTT0PxJ5kLJ1kpY/tbc6s4dZeF9+Vim/QNZpxJJT4D2 gqTZCo2cQ4RiU4YM/kQcnBQQRG3O1ZHXfIu3ULQyD1pKgOtRlKoyd/5m2FTppgg4GdXH S6Og8GM= =mlyu -END PGP SIGNATURE- -- Free information on becoming a Graphic Designer. Click Now! http://tagline.hushmail.com/fc/PnY6qxunKhg3iTbhj9LxivPdJlTobUQ2HzAsKylHh5oHcnGxDzlTy/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
You sound a lot like pinky and the brain... have not watched that for years but thanks for the memory LOL On Mon, Jan 12, 2009 at 3:37 PM, e.hit...@hush.ai wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can you please explain the 'un-patched' part, have you actually found anything on those servers that is un-patched? and lol at moved to apache. Again, we will repeat the main idea out of this, which is... small or big damage, it is damage against Israeli servers and people, those sites were used to send a message, and believe it or not, the message was sent... Our next message-host will be larger, on a world scale... You will just have to wait and see, while we crack, organize and use the info we found so far... then we will send another message,a bigger one, on a larger scale. On Mon, 12 Jan 2009 16:13:25 +0300 Avraham Schneider avri.schnei...@gmail.com wrote: Of the 21 websites 19 were hosted on 1 un-patched server... http://israelcivillaw.com/ = [ 62.219.19.193 ] http://israelcommerciallaw.com/ = [ 62.219.19.193 ] http://ada-art.co.il/ = [ 62.219.19.193 ] http://harambam.co.il/ = [ 62.219.19.193 ] http://sigalit-studio.co.il/ = [ 62.219.19.193 ] http://sgms.co.il/ = [ 62.219.19.193 ] http://two.org.il/ = [ 62.219.19.193 ] http://magia-li.co.il/ = [ 62.219.19.193 ] http://plastikim.co.il/ = [ 62.219.19.193 ] http://maasik.co.il/ = [ 62.219.19.193 ] http://vision-art.co.il/ = [ 62.219.19.193 ] http://man-go.co.il/ = [ 62.219.19.193 ] http://drabba.co.il/ = [ 62.219.19.193 ] http://gal-alpron.co.il/ = [ 62.219.19.193 ] http://djgazala.com/ = [ 62.219.19.193 ] http://eseknet.biz/ = [ 62.219.19.193 ] http://michlala.co.il/ = [ 62.219.19.193 ] http://yd-albert.co.il/ = [ 62.219.19.193 ] http://refaeli-art.com/ = [ 62.219.19.193 ] I'd bet these last two simply moved since then to Apache... http://www.israel-forum.co.il/ = [ 64.131.69.76 ] http://mynotebook.co.il/ = [ 71.18.148.1 ] On Mon, Jan 12, 2009 at 2:14 PM, e.hit...@hush.ai wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 First of all, the 21 websites were just used to distribute the message we had, the real damage was done on the servers holding the websites, files deleted, databases wiped, etc... The .com domains were actually Israeli, on Israeli servers... so please do your research before making a complete idiot out of yourself. The media involvement will only be to our side, making a bigger deal of a small website defacement will only help in the bigger picture here, more damage for Israelis. On Mon, 12 Jan 2009 00:26:43 +0300 bert renalds bert9191rena...@googlemail.com wrote: Ohhh amazing. After seeing this I've definitely made my mind up about who's side is right in the whole Israel-Palestine thing. Your influence is certainly great. Hey while you're at it you should edit http://en.wikipedia.org/wiki/Holocaust to mention what you did. Hitler killed aprox. six million European Jews during World War II. eHitler (hitlers consciousness that was saved to disk just before he died and haunts the internet to this day) hacked 21 websites, 3 of which where .com domains! Seriously though you make your entire 'side' look like the bad guys, but dumbnesses too. What annoys me is that the media will take things like this, overblow them and then say that there's a big deal ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAklrNBYACgkQiG0lprPxISo6aQP/VYKRgp3oQBlXjV2vXJb8MSVClsG L 6bJjbXWHFjAcOcadRzx5EA6J0d0h/OG7+kqXCcIeDDfkFJ8jlNceXCDtdMWGvVCmaY4 D GUvVNQ4m+r/nA9uoif1pZlDsC8Rd4A6hw5cX0UYwtw7ml3KhKaZsWaHjhoitI/l5JRI T I/4tfVM= =CGrZ -END PGP SIGNATURE- -- Need cash? Click to get an emergency loan, bad credit ok http://tagline.hushmail.com/fc/PnY6qxsmmvBVfFjXwwxz40dOzMwanXNA25up vTBb4j3mOyzplCfe4/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAklrR5gACgkQiG0lprPxISp7KgP+M2aX6gqW9vzFSL+mE3dzfnfj3+XB CvOhtEbI8gCmPPjTUJeMn4WXziTT0PxJ5kLJ1kpY/tbc6s4dZeF9+Vim/QNZpxJJT4D2 gqTZCo2cQ4RiU4YM/kQcnBQQRG3O1ZHXfIu3ULQyD1pKgOtRlKoyd/5m2FTppgg4GdXH S6Og8GM= =mlyu -END PGP SIGNATURE- -- Free information on becoming a Graphic Designer. Click Now! http://tagline.hushmail.com/fc/PnY6qxunKhgxAUgKhHcoxrxl1imxQoRBGEvU9Lo9er9dHCbdmSBEq/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Re: [Full-disclosure] I'm not the troll i've been trolled
Hahahaha this post is the work of a CRAZY PERSON trying to keep up the charade which is slowly crumbling around them.. could that profile fit you any better. you are joking with this shit right? - Intelligence agency intrigue innuendo is a classic i'll be applying for mi5 real soon i'll hope one day to collaborate with mi5 to share intelligence on people, hackers and the threats - They usually refuse medications to control themselves, because it dulls the essence of what they're trying to portray: someone mysterious, withholding critical information, being the sole-source of knowledge that might somehow change the world. they want people to hate me because they don't understand me because lots of what's going on cannot be talked about publicly this is a secret underworld you've had some insight to and the way we think, you will not understand us, you will never understand unless you are part of it - Also notice he hasn't written anything technical -- it's mostly outlandish hypothesis with pointers to..not infosec.. I research open source intelligence such as mailing lists and websites, television and radio. as well as monitoring folks in social situations online and offline building up profile of folks. I could go on and virtually connect the dots on everything in that profile with things you have said in the last week alone, but its not worth any more of my time. ps: you are a nobody and we all know it, but at least now we know what the fuck is up with you. go see a doctor or go back to hospital - that week without you was nice. On Tue, Jan 13, 2009 at :01 AM, n3td3v xploita...@gmail.com wrote: I've been the victim of trolls they see me as a good target to pick on because I run the n3td3v intelligence group and i'm going to apply for mi5. your everyday people can't run security because their ideas are too ordinary and they come up with nothing new. don't call me a troll i've been a victim of trolling. groundzero security and ureleet are trolls, they seen someone with an indepth underworld life that i can talk about that others don't believe because the secret world of spooks is often unbelievable to ordinary folks and thats where people think i must be trolling. the fact is i've never trolled the n3td3v group is real and i'll be applying for mi5 real soon. there is no mental illness or anything else, thats just something thought up by trolls to get me to reply even more. they want people to hate me because they don't understand me because lots of what's going on cannot be talked about publicly, so they say why do you think you're a researcher, you don't research anything. trust me i'n reseraching a lot all the time. I research open source intelligence such as mailing lists and websites, television and radio. as well as monitoring folks in social situations online and offline building up profile of folks. you choose to troll me because you don't understand me and you probably never will, but make it be clear i'm the victim of trolling i haven't trolled. it's easy to spin me up because you know i will reply to defend myself and my replies you enjoy because they are different from joe the public replies, and once you've managed to spin me up enough, you can say n3td3v is the core problem on the list and everyone hates you and look at your replies talking about intelligence and mi5, maybe thats because i run an intelligence group thats why i'm interested in it and i'll hope one day to collaborate with mi5 to share intelligence on people, hackers and the threats. this is a secret underworld you've had some insight to and the way we think, you will not understand us, you will never understand unless you are part of it. have a good time on your mailing list that you and you alone partially destroyed by trolling someone who is not afraid of defending myself publicly and tell people what i do on my real name or under the group name. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
roflol On Mon, Jan 12, 2009 at 3:57 PM, e.hit...@hush.ai wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Right, your attempts at ranting, making a very obvious comment, or whatever that is you are doing is pretty stupid.. We decided to put this in a little diagram for people like you to understand better: [ PHASE 1 ] | | -- Gain access on Israeli webservers / websites / databases ( yes, that means that if the website / database / webserver contains any israeli content on it, it is a potential target, so spair us the 'omg this is a US box' 'omg this is a .com' ) [ PHASE 2 ] | | -- Use access to collect information ( Includes databases, source code, emails, etc.. ), and use the access eventually to send a message, if we need to... if not, we will just delete all the information on the server.. [ PHASE 3 ] | | -- Use information collected to make more damage... and repeat... So now unless you have something to add about this, don't waste your time and ours... P.S: that pinky and brain comment, wow... you just destroyed us with that, it was totally demolishing to our goals... good job... - _-\\ On Mon, 12 Jan 2009 16:33:27 +0300 quispiam lepidus quispiam.lepi...@gmail.com wrote: Those last two are also located in the USA. Oops. On Tue, Jan 13, 2009 at 12:13 AM, Avraham Schneider avri.schnei...@gmail.com wrote: Of the 21 websites 19 were hosted on 1 un-patched server... http://israelcivillaw.com/ = [ 62.219.19.193 ] http://israelcommerciallaw.com/ = [ 62.219.19.193 ] http://ada-art.co.il/ = [ 62.219.19.193 ] http://harambam.co.il/ = [ 62.219.19.193 ] http://sigalit-studio.co.il/ = [ 62.219.19.193 ] http://sgms.co.il/ = [ 62.219.19.193 ] http://two.org.il/ = [ 62.219.19.193 ] http://magia-li.co.il/ = [ 62.219.19.193 ] http://plastikim.co.il/ = [ 62.219.19.193 ] http://maasik.co.il/ = [ 62.219.19.193 ] http://vision-art.co.il/ = [ 62.219.19.193 ] http://man-go.co.il/ = [ 62.219.19.193 ] http://drabba.co.il/ = [ 62.219.19.193 ] http://gal-alpron.co.il/ = [ 62.219.19.193 ] http://djgazala.com/ = [ 62.219.19.193 ] http://eseknet.biz/ = [ 62.219.19.193 ] http://michlala.co.il/ = [ 62.219.19.193 ] http://yd-albert.co.il/ = [ 62.219.19.193 ] http://refaeli-art.com/ = [ 62.219.19.193 ] I'd bet these last two simply moved since then to Apache... http://www.israel-forum.co.il/ = [ 64.131.69.76 ] http://mynotebook.co.il/ = [ 71.18.148.1 ] On Mon, Jan 12, 2009 at 2:14 PM, e.hit...@hush.ai wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 First of all, the 21 websites were just used to distribute the message we had, the real damage was done on the servers holding the websites, files deleted, databases wiped, etc... The .com domains were actually Israeli, on Israeli servers... so please do your research before making a complete idiot out of yourself. The media involvement will only be to our side, making a bigger deal of a small website defacement will only help in the bigger picture here, more damage for Israelis. On Mon, 12 Jan 2009 00:26:43 +0300 bert renalds bert9191rena...@googlemail.com wrote: Ohhh amazing. After seeing this I've definitely made my mind up about who's side is right in the whole Israel-Palestine thing. Your influence is certainly great. Hey while you're at it you should edit http://en.wikipedia.org/wiki/Holocaust to mention what you did. Hitler killed aprox. six million European Jews during World War II. eHitler (hitlers consciousness that was saved to disk just before he died and haunts the internet to this day) hacked 21 websites, 3 of which where .com domains! Seriously though you make your entire 'side' look like the bad guys, but dumbnesses too. What annoys me is that the media will take things like this, overblow them and then say that there's a big deal ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAklrNBYACgkQiG0lprPxISo6aQP/VYKRgp3oQBlXjV2vXJb8MSVClsG L 6bJjbXWHFjAcOcadRzx5EA6J0d0h/OG7+kqXCcIeDDfkFJ8jlNceXCDtdMWGvVCmaY4 D GUvVNQ4m+r/nA9uoif1pZlDsC8Rd4A6hw5cX0UYwtw7ml3KhKaZsWaHjhoitI/l5JRI T I/4tfVM= =CGrZ -END PGP SIGNATURE- -- Need cash? Click to get an emergency loan, bad credit ok http://tagline.hushmail.com/fc/PnY6qxsmmvBVfFjXwwxz40dOzMwanXNA25up vTBb4j3mOyzplCfe4/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored
Re: [Full-disclosure] spam from NASA
Some of us remember Support Intelligence's research in April 2007: http://blog.support-intelligence.com/2007_04_01_support-intelligence_archive.html (covered at 'Corporate spambots named and shamed' http://www.vnunet.com/vnunet/news/2188948/corporate-spambots-named-shamed ) Juha-Matti Tonu Samuel [t...@jes.ee] kirjoitti: Looks this mail went to devnull: --8-- Just interesting spam I got today. It was from and actually originating from NASA. Yet visible here if someone cares: http://www.spamcop.net/sc?id=z2486413060z414e4d86a6a209ebc1682975316af239z Tõnu ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Postings
i wrote an email last week that said i will lay off of andrew. i did. and it seems like the list has torn him apart without me. further echoing the sentiment that i share. andrew is, in fact, a worthless air sucker.. now, i know that alot of u have me going directly to /dev/null or spam, but 4 those of u that dont. heres my request: no 1 respond 2 n3td3v. not now, not ever. ive done my deed in further pointing out how much i h8 him, and it seems like at least 20-30 others have done so as well. i saw that andrew posted that he was applying 4 mi5. good luck. btw -- when mi5 reviews applications, (of dropouts especially), they tend 2 do a little research. 1 of those steps is to google ur name. andrew wallace and they will then realize that andrew wallace, is indeed n3td3v. and u then will not have a job. u will fail. i also noticed that andrew/n3td3v said that he was leaving the list. again. ...again... but we all know, hell be back in a week or so, if not already. i ask that u all ignore him. no 1 respond 2 him. i wont, j-f, i hope u dont, biz marquee, i hope u dont. every1, i implore u 2 please ignore him. especially those, like j-f said, who feel that they have 2 point out (like me) what a tool he is because if we dont, then that means we accept it. which is wrong. andrew i leave u w/ this thought: i speak for @ least 30 ppl on this list. not every1, (as u undoubtably will point out, like u do in every other fucking thread), and especially all ur aliases such as sexybitch169 or whatever ur name is. we dont like u. we think u have no value. we think that the best thing u can do 4 the community is to leave. we do not value ur opinion. in case u havent noticed, the security community pretty much doesnt value any1s opinion! thats it. u want 2 b legit? try learning, and not regurgitating. u post nothing of value. we read the same stuff u do. and those of us that havent read it by the time u do, need to step up their game because they r falling woefully behind. c u in 10 years if u listen 2 me. see u in 3-5 days if u dont. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
[ PHASE 1 ] | | -- [ PHASE 2 ] | | -- [ PHASE 3 ] | | -- It's Mini-me ! http://weblog.site5.com/images/photos/minime.jpg ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
It's pleasant to see you sink alone in your own shit you've created :) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [BMSA-2009-01] Authentication bypass in Interspire Shopping Cart v4.0.1 and below
BLUE MOON SECURITY ADVISORY 2009-01 === :Title: Authentication bypass in Interspire Shopping Cart :Severity: Critical :Reporter: Truong Van Tri and Blue Moon Consulting :Products: Interspire Shopping Cart v4.0.1 Ultimate edition :Fixed in: v4.0.2 Description --- Interspire Shopping Cart (ISC) is ecommerce software that includes everything you need to start, run, promote and profit from your online store. It combines easy-to-customize store designs with marketing tools proven to significantly increase your sales. In v4.0.1, ISC suffers from an authentication bypass problem. This allows anyone to login to ISC's control panel without knowing the administrator's password. The problem is with ``class.auth.php``'s ``ProcessLogin`` function. This function sets a HTTPOnly cookie flag ``RememberToken`` too early in the process, even before the user is authenticated. A malicious user could force ``ProcessLogin`` to set this cookie by ticking on ``Remember me`` at the login page, entering targeted username such as ``admin``, and anything as password. This first attemp will fail, but the cookie is already set, and ready to authenticate him/her to the control panel. Blue Moon Consulting has verified the bug in version 4.0.1 Ultimate edition being showcased at http://www.interspire.com/shoppingcart/demo.php. It is highly likely that it also exists in older versions. Workaround -- There is no workaround. Please apply the fix. Fix --- The problem has been fixed in v4.0.2. Disclosure -- Blue Moon Consulting adapts `RFPolicy v2.0 http://www.wiretrip.net/rfp/policy.html`_ in notifying vendors. :Initial vendor contact: January 07, 2009: Initial contact sent to customerserv...@interspire.com and sa...@interspire.com :Vendor response: January 08, 2009: Chris Boulton requested further communications to be addressed to him directly. :Further communication: January 08, 2009: Prepared advisory is sent to Chris and regular update is requested. January 08, 2009: Chris updated us with a proper fix. January 08, 2009: Mitchell Harper updated us with Interspire's notification to their customers. January 08, 2009: Mitchell and Chris requested us to hold off full disclosure in 6 weeks to allow time for Interspire customers to get patched. January 08, 2009: We agreed to hold it off till 4.0.2 was released. January 08, 2009: Draft advisory was sent to Chris and Mitchell. January 08, 2009: Chris clarified that 4.0.2 had been released to address the issue. January 12, 2009: Mitchell requested us not to include full details such as steps to reproduce the bug. January 12, 2009: We explained our disclosure policy again to Mitchell, and sent an updated advisory. :Public disclosure: January 12, 2009 :Exploit code: No exploit code is needed. Disclaimer -- The information provided in this advisory is provided as is without warranty of any kind. Blue Moon Consulting Co., Ltd disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. Your use of the information on the advisory or materials linked from the advisory is at your own risk. Blue Moon Consulting Co., Ltd reserves the right to change or update this notice at any time. pgpg3Zx65CYFX.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
On Mon, Jan 12, 2009 at 2:52 PM, Ureleet urel...@gmail.com wrote: i wrote an email last week that said i will lay off of andrew. i did. and it seems like the list has torn him apart without me. further echoing the sentiment that i share. Your nicknames andrew is, in fact, a worthless air sucker.. now, i know that alot of u have me going directly to /dev/null or spam, but 4 those of u that dont. heres my request: no 1 respond 2 n3td3v. not now, not ever. ive done my deed in further pointing out how much i h8 him, and it seems like at least 20-30 others have done so as well. Your nicknames i saw that andrew posted that he was applying 4 mi5. good luck. btw -- when mi5 reviews applications, (of dropouts especially), they tend 2 do a little research. 1 of those steps is to google ur name. andrew wallace They know me already and they will then realize that andrew wallace, is indeed n3td3v. and u then will not have a job. u will fail. Unlikely if I have intelligence they want i also noticed that andrew/n3td3v said that he was leaving the list. again. ...again... but we all know, hell be back in a week or so, if not already. Still here i ask that u all ignore him. no 1 respond 2 him. i wont, j-f, i hope u dont, biz marquee, i hope u dont. every1, i implore u 2 please ignore him. especially those, like j-f said, who feel that they have 2 point out (like me) what a tool he is because if we dont, then that means we accept it. which is wrong. Take your own advice andrew i leave u w/ this thought: i speak for @ least 30 ppl on this list. not every1, (as u undoubtably will point out, like u do in every other fucking thread), and especially all ur aliases such as sexybitch169 or whatever ur name is. we dont like u. we think u have no value. we think that the best thing u can do 4 the community is to leave. we do not value ur opinion. in case u havent noticed, the security community pretty much doesnt value any1s opinion! thats it. Your nicknames Mine have only ever been: n3td3v xploitable hackthegov worriedsecurity u want 2 b legit? try learning, and not regurgitating. u post nothing of value. we read the same stuff u do. and those of us that havent read it by the time u do, need to step up their game because they r falling woefully behind. More garbage c u in 10 years if u listen 2 me. see u in 3-5 days if u dont. Hope not ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
N3td3v wrote ... i'll be applying for mi5 real soon ... From MI5 site - Who can I tell about my application? This is where we really are a unique place to work. Owing to the sensitivity of our work, discretion is vital. For this reason, you must limit those you tell about your application to your immediate family (parents and/or siblings) and/or your partner. We will ask you who knows that you have applied during the recruitment process. With the exception of the Director General, the identities of staff are not disclosed publicly. Should your application be successful, you will be given a full briefing on the reasons why it is important not to disclose that you are a member of the Security Service. Ref: https://www.mi5careers.gov.uk/faqs.aspx?subid=4 Yup failed. But you knew that already didn't you... oh shi I've just been trolled. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
On Mon, Jan 12, 2009 at 3:32 PM, Col col...@gmail.com wrote: N3td3v wrote ... i'll be applying for mi5 real soon ... From MI5 site - Who can I tell about my application? This is where we really are a unique place to work. Owing to the sensitivity of our work, discretion is vital. For this reason, you must limit those you tell about your application to your immediate family (parents and/or siblings) and/or your partner. We will ask you who knows that you have applied during the recruitment process. With the exception of the Director General, the identities of staff are not disclosed publicly. Should your application be successful, you will be given a full briefing on the reasons why it is important not to disclose that you are a member of the Security Service. Ref: https://www.mi5careers.gov.uk/faqs.aspx?subid=4 Lot's of intelligence people disclose to people who they are especially with other intelligencers. I don't understand that wording that they use because its not strictly necessary to hide your identity. That statement will just be a general rule for people applying, mi5 wouldn't be able to operate if none of them ever told anyone who they are. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
I will point out the faults in n3td3v's premises, read my last profile statement: On Jan 12, 2009, at 5:01 AM, n3td3v wrote: I've been the victim of trolls they see me as a good target to pick on because I run the n3td3v intelligence group and i'm going to apply for mi5. Victim, martyr fantasies, with the 'intel group' being a self-serve mailing lis that ANYONE can join (as I have under a different alias). It doesn't exist per se, it's all in his head. It's about as useful as tits on a boy. your everyday people can't run security because their ideas are too ordinary and they come up with nothing new. Typical -- exclusivity, it's all one big secret that a normal person cannot understand. they seen someone with an indepth underworld life that i can talk about that others don't believe because the secret world of spooks is often unbelievable to ordinary folks and thats where people think i must be trolling. Secret world of spooks reference, the whole intel agency thing, Mystery! the fact is i've never trolled the n3td3v group is real and i'll be applying for mi5 real soon. Real soon, yep, where have we heard this? there is no mental illness or anything else, thats just something thought up by trolls to get me to reply even more. DENIAL, of course there hasn't been mental illness, nope, not at all...OK, maybe a little... I research open source intelligence such as mailing lists and websites, television and radio. as well as monitoring folks in social situations online and offline building up profile of folks. Notice the subtle threat of 'researching and profiling other folks'? Usually when threats occur, this is the attempt to 'one-up' their last drama, just like I wrote about. We're getting to him, so the monkey has to perform a new and better trick. maybe thats because i run an intelligence group thats why i'm interested in it and i'll hope one day to collaborate with mi5 to share intelligence on people, hackers and the threats. MI5 fixation, again! this is a secret underworld you've had some insight to and the way we think, you will not understand us, you will never understand unless you are part of it. He has the secret key of the universe that mere mortals cannot understand. OK, now watch what happens, it will be right out of the handbook. Some kind of event will be precipitated. If this is worked right, we can alter the behavior to our liking. -oz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This is WAR!
:q! -- -Kyle kyle dot bader [at] gmail dot com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
On Mon, Jan 12, 2009 at 3:59 PM, - o z - o...@hotmail.com wrote: I will point out the faults in n3td3v's premises, read my last profile statement: On Jan 12, 2009, at 5:01 AM, n3td3v wrote: I've been the victim of trolls they see me as a good target to pick on because I run the n3td3v intelligence group and i'm going to apply for mi5. Victim, martyr fantasies, with the 'intel group' being a self-serve mailing lis that ANYONE can join (as I have under a different alias). It doesn't exist per se, it's all in his head. It's about as useful as tits on a boy. It's the public open source intelligence group you joined your everyday people can't run security because their ideas are too ordinary and they come up with nothing new. Typical -- exclusivity, it's all one big secret that a normal person cannot understand. You're a normal person and you cannot understand, point proven. they seen someone with an indepth underworld life that i can talk about that others don't believe because the secret world of spooks is often unbelievable to ordinary folks and thats where people think i must be trolling. Secret world of spooks reference, the whole intel agency thing, Mystery! Only a mystery to you the fact is i've never trolled the n3td3v group is real and i'll be applying for mi5 real soon. Real soon, yep, where have we heard this? I've been pondering on it for some years there is no mental illness or anything else, thats just something thought up by trolls to get me to reply even more. DENIAL, of course there hasn't been mental illness, nope, not at all...OK, maybe a little... Let's rule out mental illness shall we I research open source intelligence such as mailing lists and websites, television and radio. as well as monitoring folks in social situations online and offline building up profile of folks. Notice the subtle threat of 'researching and profiling other folks'? Usually when threats occur, this is the attempt to 'one-up' their last drama, just like I wrote about. We're getting to him, so the monkey has to perform a new and better trick. Actually happening not a trick maybe thats because i run an intelligence group thats why i'm interested in it and i'll hope one day to collaborate with mi5 to share intelligence on people, hackers and the threats. MI5 fixation, again! My future employer this is a secret underworld you've had some insight to and the way we think, you will not understand us, you will never understand unless you are part of it. He has the secret key of the universe that mere mortals cannot understand. More garbage OK, now watch what happens, it will be right out of the handbook. Some kind of event will be precipitated. If this is worked right, we can alter the behavior to our liking. -oz More garbage ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
can't stop laughing... lol... 2009/1/12 Pete Licoln pete.lic...@gmail.com: [ PHASE 1 ] | | -- [ PHASE 2 ] | | -- [ PHASE 3 ] | | -- It's Mini-me ! http://weblog.site5.com/images/photos/minime.jpg ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] spam from NASA
It seems that the US Gov loves to keep it's computers secure and prosicit On Mon, Jan 12, 2009 at 4:33 PM, Juha-Matti Laurio juha-matti.lau...@netti.fi wrote: Some of us remember Support Intelligence's research in April 2007: http://blog.support-intelligence.com/2007_04_01_support-intelligence_archive.html (covered at 'Corporate spambots named and shamed' http://www.vnunet.com/vnunet/news/2188948/corporate-spambots-named-shamed) Juha-Matti Tonu Samuel [t...@jes.ee] kirjoitti: Looks this mail went to devnull: --8-- Just interesting spam I got today. It was from and actually originating from NASA. Yet visible here if someone cares: http://www.spamcop.net/sc?id=z2486413060z414e4d86a6a209ebc1682975316af239z Tõnu ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.goldwatches.com/ http://www.jewelerslounge.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
just a question.. didn't n3td3v said I'll stop writing on full.disclosure or am I wrong? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Help with something?
I got started a long time ago writing example code for new security- interested people. I got just one example done, my full time job and school started, and gave up debugging. Just out of curiosity, going to throw it out there. It's the only example up at http://labs.thegoodhacker.com/ let's see where I messed up. It segfaults, if I remember correctly. Sent from my iPhone ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
he did. hes a well known liar. On Mon, Jan 12, 2009 at 12:50 PM, BlackHawk hawkgot...@gmail.com wrote: just a question.. didn't n3td3v said I'll stop writing on full.disclosure or am I wrong? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
no, they are not my nicknames u tard. u r the only 1 that has like 4 nicks. i hate you. i hope you die. fuck. you. On Mon, Jan 12, 2009 at 10:36 AM, n3td3v xploita...@gmail.com wrote: On Mon, Jan 12, 2009 at 2:52 PM, Ureleet urel...@gmail.com wrote: i wrote an email last week that said i will lay off of andrew. i did. and it seems like the list has torn him apart without me. further echoing the sentiment that i share. Your nicknames andrew is, in fact, a worthless air sucker.. now, i know that alot of u have me going directly to /dev/null or spam, but 4 those of u that dont. heres my request: no 1 respond 2 n3td3v. not now, not ever. ive done my deed in further pointing out how much i h8 him, and it seems like at least 20-30 others have done so as well. Your nicknames i saw that andrew posted that he was applying 4 mi5. good luck. btw -- when mi5 reviews applications, (of dropouts especially), they tend 2 do a little research. 1 of those steps is to google ur name. andrew wallace They know me already and they will then realize that andrew wallace, is indeed n3td3v. and u then will not have a job. u will fail. Unlikely if I have intelligence they want i also noticed that andrew/n3td3v said that he was leaving the list. again. ...again... but we all know, hell be back in a week or so, if not already. Still here i ask that u all ignore him. no 1 respond 2 him. i wont, j-f, i hope u dont, biz marquee, i hope u dont. every1, i implore u 2 please ignore him. especially those, like j-f said, who feel that they have 2 point out (like me) what a tool he is because if we dont, then that means we accept it. which is wrong. Take your own advice andrew i leave u w/ this thought: i speak for @ least 30 ppl on this list. not every1, (as u undoubtably will point out, like u do in every other fucking thread), and especially all ur aliases such as sexybitch169 or whatever ur name is. we dont like u. we think u have no value. we think that the best thing u can do 4 the community is to leave. we do not value ur opinion. in case u havent noticed, the security community pretty much doesnt value any1s opinion! thats it. Your nicknames Mine have only ever been: n3td3v xploitable hackthegov worriedsecurity u want 2 b legit? try learning, and not regurgitating. u post nothing of value. we read the same stuff u do. and those of us that havent read it by the time u do, need to step up their game because they r falling woefully behind. More garbage c u in 10 years if u listen 2 me. see u in 3-5 days if u dont. Hope not ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
o, and dont forget darkmyst. u liar. On Mon, Jan 12, 2009 at 10:36 AM, n3td3v xploita...@gmail.com wrote: On Mon, Jan 12, 2009 at 2:52 PM, Ureleet urel...@gmail.com wrote: i wrote an email last week that said i will lay off of andrew. i did. and it seems like the list has torn him apart without me. further echoing the sentiment that i share. Your nicknames andrew is, in fact, a worthless air sucker.. now, i know that alot of u have me going directly to /dev/null or spam, but 4 those of u that dont. heres my request: no 1 respond 2 n3td3v. not now, not ever. ive done my deed in further pointing out how much i h8 him, and it seems like at least 20-30 others have done so as well. Your nicknames i saw that andrew posted that he was applying 4 mi5. good luck. btw -- when mi5 reviews applications, (of dropouts especially), they tend 2 do a little research. 1 of those steps is to google ur name. andrew wallace They know me already and they will then realize that andrew wallace, is indeed n3td3v. and u then will not have a job. u will fail. Unlikely if I have intelligence they want i also noticed that andrew/n3td3v said that he was leaving the list. again. ...again... but we all know, hell be back in a week or so, if not already. Still here i ask that u all ignore him. no 1 respond 2 him. i wont, j-f, i hope u dont, biz marquee, i hope u dont. every1, i implore u 2 please ignore him. especially those, like j-f said, who feel that they have 2 point out (like me) what a tool he is because if we dont, then that means we accept it. which is wrong. Take your own advice andrew i leave u w/ this thought: i speak for @ least 30 ppl on this list. not every1, (as u undoubtably will point out, like u do in every other fucking thread), and especially all ur aliases such as sexybitch169 or whatever ur name is. we dont like u. we think u have no value. we think that the best thing u can do 4 the community is to leave. we do not value ur opinion. in case u havent noticed, the security community pretty much doesnt value any1s opinion! thats it. Your nicknames Mine have only ever been: n3td3v xploitable hackthegov worriedsecurity u want 2 b legit? try learning, and not regurgitating. u post nothing of value. we read the same stuff u do. and those of us that havent read it by the time u do, need to step up their game because they r falling woefully behind. More garbage c u in 10 years if u listen 2 me. see u in 3-5 days if u dont. Hope not ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
There has been no darkmyst on full-disclosure, you've just slipped up and closed the gap on who you actually are. On Mon, Jan 12, 2009 at 6:13 PM, Ureleet urel...@gmail.com wrote: o, and dont forget darkmyst. u liar. On Mon, Jan 12, 2009 at 10:36 AM, n3td3v xploita...@gmail.com wrote: On Mon, Jan 12, 2009 at 2:52 PM, Ureleet urel...@gmail.com wrote: i wrote an email last week that said i will lay off of andrew. i did. and it seems like the list has torn him apart without me. further echoing the sentiment that i share. Your nicknames andrew is, in fact, a worthless air sucker.. now, i know that alot of u have me going directly to /dev/null or spam, but 4 those of u that dont. heres my request: no 1 respond 2 n3td3v. not now, not ever. ive done my deed in further pointing out how much i h8 him, and it seems like at least 20-30 others have done so as well. Your nicknames i saw that andrew posted that he was applying 4 mi5. good luck. btw -- when mi5 reviews applications, (of dropouts especially), they tend 2 do a little research. 1 of those steps is to google ur name. andrew wallace They know me already and they will then realize that andrew wallace, is indeed n3td3v. and u then will not have a job. u will fail. Unlikely if I have intelligence they want i also noticed that andrew/n3td3v said that he was leaving the list. again. ...again... but we all know, hell be back in a week or so, if not already. Still here i ask that u all ignore him. no 1 respond 2 him. i wont, j-f, i hope u dont, biz marquee, i hope u dont. every1, i implore u 2 please ignore him. especially those, like j-f said, who feel that they have 2 point out (like me) what a tool he is because if we dont, then that means we accept it. which is wrong. Take your own advice andrew i leave u w/ this thought: i speak for @ least 30 ppl on this list. not every1, (as u undoubtably will point out, like u do in every other fucking thread), and especially all ur aliases such as sexybitch169 or whatever ur name is. we dont like u. we think u have no value. we think that the best thing u can do 4 the community is to leave. we do not value ur opinion. in case u havent noticed, the security community pretty much doesnt value any1s opinion! thats it. Your nicknames Mine have only ever been: n3td3v xploitable hackthegov worriedsecurity u want 2 b legit? try learning, and not regurgitating. u post nothing of value. we read the same stuff u do. and those of us that havent read it by the time u do, need to step up their game because they r falling woefully behind. More garbage c u in 10 years if u listen 2 me. see u in 3-5 days if u dont. Hope not ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
And you're a well known troll who's info will be found out. On Mon, Jan 12, 2009 at 6:11 PM, Ureleet urel...@gmail.com wrote: he did. hes a well known liar. On Mon, Jan 12, 2009 at 12:50 PM, BlackHawk hawkgot...@gmail.com wrote: just a question.. didn't n3td3v said I'll stop writing on full.disclosure or am I wrong? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
uh, how is it that that information narrows me down? my name is ureleet. i go by no other alias, my mother gave me that name. sorry to tell u and shoot down ur conspiracy theory u nutter. in fact, ive talked 2 u, ON irc, USING THIS NICK. man u r nuts. u used darkmyst on freenode. before you were banned (according 2 ur little google group, u know, be4 u banned me, when u said all were welcome?). information which can be found in any of the channels u used to be in, which youve posted on here for instance, #pauldotcom, which uve mentioned on here. #security, which uve mentioned on here. both of which ive been to in the past, and both of which had bans, all placed at the same time against n3td3v, darkmyst, worried, and cybersec. u suddenly forget that everything u do, u post in ur little group. there r 4000+ ppl reading that group right? how do u know which ones we really r? THE URELEET GROUP STRIKES AGAIN On Mon, Jan 12, 2009 at 1:17 PM, n3td3v xploita...@gmail.com wrote: There has been no darkmyst on full-disclosure, you've just slipped up and closed the gap on who you actually are. On Mon, Jan 12, 2009 at 6:13 PM, Ureleet urel...@gmail.com wrote: o, and dont forget darkmyst. u liar. On Mon, Jan 12, 2009 at 10:36 AM, n3td3v xploita...@gmail.com wrote: On Mon, Jan 12, 2009 at 2:52 PM, Ureleet urel...@gmail.com wrote: i wrote an email last week that said i will lay off of andrew. i did. and it seems like the list has torn him apart without me. further echoing the sentiment that i share. Your nicknames andrew is, in fact, a worthless air sucker.. now, i know that alot of u have me going directly to /dev/null or spam, but 4 those of u that dont. heres my request: no 1 respond 2 n3td3v. not now, not ever. ive done my deed in further pointing out how much i h8 him, and it seems like at least 20-30 others have done so as well. Your nicknames i saw that andrew posted that he was applying 4 mi5. good luck. btw -- when mi5 reviews applications, (of dropouts especially), they tend 2 do a little research. 1 of those steps is to google ur name. andrew wallace They know me already and they will then realize that andrew wallace, is indeed n3td3v. and u then will not have a job. u will fail. Unlikely if I have intelligence they want i also noticed that andrew/n3td3v said that he was leaving the list. again. ...again... but we all know, hell be back in a week or so, if not already. Still here i ask that u all ignore him. no 1 respond 2 him. i wont, j-f, i hope u dont, biz marquee, i hope u dont. every1, i implore u 2 please ignore him. especially those, like j-f said, who feel that they have 2 point out (like me) what a tool he is because if we dont, then that means we accept it. which is wrong. Take your own advice andrew i leave u w/ this thought: i speak for @ least 30 ppl on this list. not every1, (as u undoubtably will point out, like u do in every other fucking thread), and especially all ur aliases such as sexybitch169 or whatever ur name is. we dont like u. we think u have no value. we think that the best thing u can do 4 the community is to leave. we do not value ur opinion. in case u havent noticed, the security community pretty much doesnt value any1s opinion! thats it. Your nicknames Mine have only ever been: n3td3v xploitable hackthegov worriedsecurity u want 2 b legit? try learning, and not regurgitating. u post nothing of value. we read the same stuff u do. and those of us that havent read it by the time u do, need to step up their game because they r falling woefully behind. More garbage c u in 10 years if u listen 2 me. see u in 3-5 days if u dont. Hope not ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
sure it will. when u join mi5 right? lol. way 2 fuck that up. im a well known troll against 1 thing. u. nothing else. On Mon, Jan 12, 2009 at 1:27 PM, n3td3v xploita...@gmail.com wrote: And you're a well known troll who's info will be found out. On Mon, Jan 12, 2009 at 6:11 PM, Ureleet urel...@gmail.com wrote: he did. hes a well known liar. On Mon, Jan 12, 2009 at 12:50 PM, BlackHawk hawkgot...@gmail.com wrote: just a question.. didn't n3td3v said I'll stop writing on full.disclosure or am I wrong? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] US-CERT Current Activity - Malicious Code Circulating via Israel/Hamas Conflict Spam Messages
Their PGP keys have expired =) No, they haven't .. learn about ISO date formats : http://www.iso.org/iso/date_and_time_format It's called calendar date, and goes from largest element to smallest, eg: -MM-DD Expires: 2009-10-01 That'd be the First day of October, 2009. GPG uses ISO-format dates : $wget ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.9.tar.bz2 tar -jxvf gnupg-1.4.9.tar.bz2 $more ./gnupg-1.4.9/doc/DETAILS All dates are displayed in the format -mm-dd unless you use the option --fixed-list-mode in which case they are displayed as seconds since Epoch. Cheers, Michael Holstein Cleveland State University ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This is WAR!
On Mon, Jan 12, 2009 at 8:18 AM, Kyle Bader kyle.ba...@gmail.com wrote: :q! I think you meant: :wq! After all, you should save this thread for later! -Rants ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
On Mon, Jan 12, 2009 at 1:58 PM, nzerozero p nzeroze...@gmail.com wrote: I thought you said you were going to lay off Andrew. If that is his real name. I wish this would stop on both sides of the aisle, as it were. u r right. i did. in an effort to reduce noise and respect the others on the list's wishes, i will stfu. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
On Mon, Jan 12, 2009 at 7:16 PM, Ureleet urel...@gmail.com wrote: On Mon, Jan 12, 2009 at 1:58 PM, nzerozero p nzeroze...@gmail.com wrote: I thought you said you were going to lay off Andrew. If that is his real name. I wish this would stop on both sides of the aisle, as it were. u r right. i did. in an effort to reduce noise and respect the others on the list's wishes, i will stfu. At last. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
I thought you said you were going to lay off Andrew. If that is his real name. I wish this would stop on both sides of the aisle, as it were. On Mon, Jan 12, 2009 at 1:35 PM, Ureleet urel...@gmail.com wrote: uh, how is it that that information narrows me down? my name is ureleet. i go by no other alias, my mother gave me that name. sorry to tell u and shoot down ur conspiracy theory u nutter. in fact, ive talked 2 u, ON irc, USING THIS NICK. man u r nuts. u used darkmyst on freenode. before you were banned (according 2 ur little google group, u know, be4 u banned me, when u said all were welcome?). information which can be found in any of the channels u used to be in, which youve posted on here for instance, #pauldotcom, which uve mentioned on here. #security, which uve mentioned on here. both of which ive been to in the past, and both of which had bans, all placed at the same time against n3td3v, darkmyst, worried, and cybersec. u suddenly forget that everything u do, u post in ur little group. there r 4000+ ppl reading that group right? how do u know which ones we really r? THE URELEET GROUP STRIKES AGAIN On Mon, Jan 12, 2009 at 1:17 PM, n3td3v xploita...@gmail.com wrote: There has been no darkmyst on full-disclosure, you've just slipped up and closed the gap on who you actually are. On Mon, Jan 12, 2009 at 6:13 PM, Ureleet urel...@gmail.com wrote: o, and dont forget darkmyst. u liar. On Mon, Jan 12, 2009 at 10:36 AM, n3td3v xploita...@gmail.com wrote: On Mon, Jan 12, 2009 at 2:52 PM, Ureleet urel...@gmail.com wrote: i wrote an email last week that said i will lay off of andrew. i did. and it seems like the list has torn him apart without me. further echoing the sentiment that i share. Your nicknames andrew is, in fact, a worthless air sucker.. now, i know that alot of u have me going directly to /dev/null or spam, but 4 those of u that dont. heres my request: no 1 respond 2 n3td3v. not now, not ever. ive done my deed in further pointing out how much i h8 him, and it seems like at least 20-30 others have done so as well. Your nicknames i saw that andrew posted that he was applying 4 mi5. good luck. btw -- when mi5 reviews applications, (of dropouts especially), they tend 2 do a little research. 1 of those steps is to google ur name. andrew wallace They know me already and they will then realize that andrew wallace, is indeed n3td3v. and u then will not have a job. u will fail. Unlikely if I have intelligence they want i also noticed that andrew/n3td3v said that he was leaving the list. again. ...again... but we all know, hell be back in a week or so, if not already. Still here i ask that u all ignore him. no 1 respond 2 him. i wont, j-f, i hope u dont, biz marquee, i hope u dont. every1, i implore u 2 please ignore him. especially those, like j-f said, who feel that they have 2 point out (like me) what a tool he is because if we dont, then that means we accept it. which is wrong. Take your own advice andrew i leave u w/ this thought: i speak for @ least 30 ppl on this list. not every1, (as u undoubtably will point out, like u do in every other fucking thread), and especially all ur aliases such as sexybitch169 or whatever ur name is. we dont like u. we think u have no value. we think that the best thing u can do 4 the community is to leave. we do not value ur opinion. in case u havent noticed, the security community pretty much doesnt value any1s opinion! thats it. Your nicknames Mine have only ever been: n3td3v xploitable hackthegov worriedsecurity u want 2 b legit? try learning, and not regurgitating. u post nothing of value. we read the same stuff u do. and those of us that havent read it by the time u do, need to step up their game because they r falling woefully behind. More garbage c u in 10 years if u listen 2 me. see u in 3-5 days if u dont. Hope not ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
Shut up scyzophrenique punk 2009/1/12 n3td3v xploita...@gmail.com On Mon, Jan 12, 2009 at 7:16 PM, Ureleet urel...@gmail.com wrote: On Mon, Jan 12, 2009 at 1:58 PM, nzerozero p nzeroze...@gmail.com wrote: I thought you said you were going to lay off Andrew. If that is his real name. I wish this would stop on both sides of the aisle, as it were. u r right. i did. in an effort to reduce noise and respect the others on the list's wishes, i will stfu. At last. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
You first. On Mon, Jan 12, 2009 at 7:31 PM, j-f sentier j.sent...@gmail.com wrote: Shut up scyzophrenique punk 2009/1/12 n3td3v xploita...@gmail.com On Mon, Jan 12, 2009 at 7:16 PM, Ureleet urel...@gmail.com wrote: On Mon, Jan 12, 2009 at 1:58 PM, nzerozero p nzeroze...@gmail.com wrote: I thought you said you were going to lay off Andrew. If that is his real name. I wish this would stop on both sides of the aisle, as it were. u r right. i did. in an effort to reduce noise and respect the others on the list's wishes, i will stfu. At last. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ GLSA 200901-07 ] MPlayer: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security AdvisoryGLSA 200901-07:02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: MPlayer: Multiple vulnerabilities Date: January 12, 2009 Updated: January 12, 2009 Bugs: #231836, #239130, #251017 ID: 200901-07:02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis Multiple vulnerabilities in MPlayer may lead to the execution of arbitrary code or a Denial of Service. Background == MPlayer is a media player including support for a wide range of audio and video formats. Affected packages = --- Package / Vulnerable /Unaffected --- 1 mplayer 1.0_rc2_p28058-r1 = 1.0_rc2_p28058-r1 Description === Multiple vulnerabilities have been reported in MPlayer: * A stack-based buffer overflow was found in the str_read_packet() function in libavformat/psxstr.c when processing crafted STR files that interleave audio and video sectors (CVE-2008-3162). * Felipe Andres Manzano reported multiple integer underflows in the demux_real_fill_buffer() function in demux_real.c when processing crafted Real Media files that cause the stream_read() function to read or write arbitrary memory (CVE-2008-3827). * Tobias Klein reported a stack-based buffer overflow in the demux_open_vqf() function in libmpdemux/demux_vqf.c when processing malformed TwinVQ files (CVE-2008-5616). Impact == A remote attacker could entice a user to open a specially crafted STR, Real Media, or TwinVQ file to execute arbitrary code or cause a Denial of Service. Workaround == There is no known workaround at this time. Resolution == All MPlayer users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =media-video/mplayer-1.0_rc2_p28058-r1 References == [ 1 ] CVE-2008-3162 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3162 [ 2 ] CVE-2008-3827 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3827 [ 3 ] CVE-2008-5616 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5616 Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200901-07.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to secur...@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This is WAR!
How do I get out of the mailing list, its gone way overboard From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Rants nRaves Sent: Monday, January 12, 2009 2:01 PM To: Kyle Bader Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] This is WAR! On Mon, Jan 12, 2009 at 8:18 AM, Kyle Bader kyle.ba...@gmail.com wrote: :q! I think you meant: :wq! After all, you should save this thread for later! -Rants ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
wow...u people are pathetic.. Ok, enough with all the bullshit. Everyone in here is talking acting like a smartass who actually tried doing any better. I dont know if the so called e.hitler can live up to any of his global scale message claims, nor do i know if he his actions will speak louder than words as he says. All i know is the guy is utilising what he's got, tryina fight for his cause and views, while you guys are making fun of the name :S. Now whether he does that or not, at least he actually tried to make a real difference, instead of posting a i support gaza as a fb status, or as an msn pm. Now if anyone here sees himself capable of doin a better change, i suggest he show us. Anyone arguing he has no skin in this doesnt have to interfere making fun of the people who tried with all the effort and resources they got, no matter how small, to fight for their cause. You either contribute to your side, or stay just stay away and let the people who are interested in the issue serve their side. I respect the guy, whether he succeeds or fails. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Simple request
Ladies and gentlemen, I have a simple request. A lot of people here has already added the usual shitbags to /dev/null, I added them myself recently too. What I ask is simple: could you please stop feeding the trolls and NOT reply to their stupid topics? Most people complain about the noise, but they end up adding to it. You all know who you are. There's also no need to reply to this topic, I'm just asking to cease the useless replies and troll feeding to the usual batshits. Thanks, El Pollo Loco. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [SECURITY] [DSA 1701-1] New OpenSSL packages fix cryptographic weakness
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1701-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer January 12, 2009 http://www.debian.org/security/faq - Package: openssl, openssl097 Vulnerability : interpretation conflict Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-5077 Debian Bug : 511196 It was discovered that OpenSSL does not properly verify DSA signatures on X.509 certificates due to an API misuse, potentially leading to the acceptance of incorrect X.509 certificates as genuine (CVE-2008-5077). For the stable distribution (etch), this problem has been fixed in version 0.9.8c-4etch4 of the openssl package, and version 0.9.7k-3.1etch2 of the openssl097 package. For the unstable distribution (sid), this problem has been fixed in version 0.9.8g-15. The testing distribution (lenny) will be fixed soon. We recommend that you upgrade your OpenSSL packages. Upgrade instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - --- Source archives: http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch2.dsc Size/MD5 checksum: 1069 fb69818a28ead5b3026dcafc1f5e92d5 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c.orig.tar.gz Size/MD5 checksum: 3313857 78454bec556bcb4c45129428a766c886 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4.diff.gz Size/MD5 checksum:56230 ad913155fe55d659741976a1be02ee48 http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k.orig.tar.gz Size/MD5 checksum: 3292692 be6bba1d67b26eabb48cf1774925416f http://security.debian.org/pool/updates/main/o/openssl097/openssl097_0.9.7k-3.1etch2.diff.gz Size/MD5 checksum:34518 845a986c8a5170953c1e88c2d9965176 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4.dsc Size/MD5 checksum: 1107 fd0b477d237c473e3f1491e8821b155d alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_alpha.deb Size/MD5 checksum: 2561904 e0499757c84819b0cb4919de45e733c4 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_alpha.deb Size/MD5 checksum: 3822008 a63ea4834f1be21cf7dacd7a60817914 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_alpha.deb Size/MD5 checksum: 2209796 1d008a2d9fcb466c0e1393fd6cf1dced http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_alpha.deb Size/MD5 checksum: 4558410 af0dcd956ae91457c01c5152bea8c775 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_alpha.deb Size/MD5 checksum: 1026098 957ee2ef34a7aa24c41903eea6d1db51 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_alpha.deb Size/MD5 checksum: 2621108 d42a2d70f27723a8dc9aab1dfb83ad10 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_alpha.udeb Size/MD5 checksum: 677162 039dd8968e77f09312fc4e502601b6fe amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8_0.9.8c-4etch4_amd64.deb Size/MD5 checksum: 891116 0d771317a58430e6ecea1e38e6889ef4 http://security.debian.org/pool/updates/main/o/openssl/libcrypto0.9.8-udeb_0.9.8c-4etch4_amd64.udeb Size/MD5 checksum: 580208 f08c5d2e4649dd9f077b440d3cd35963 http://security.debian.org/pool/updates/main/o/openssl/libssl0.9.8-dbg_0.9.8c-4etch4_amd64.deb Size/MD5 checksum: 1655264 ec946f04aa2fae3a001be8c7ae330839 http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7_0.9.7k-3.1etch2_amd64.deb Size/MD5 checksum: 753788 e5521b844646e69b1b8f2daa872b83b8 http://security.debian.org/pool/updates/main/o/openssl/openssl_0.9.8c-4etch4_amd64.deb Size/MD5 checksum: 992378 417077b8de5a56b9dad0667f2ab5b6e2 http://security.debian.org/pool/updates/main/o/openssl/libssl-dev_0.9.8c-4etch4_amd64.deb Size/MD5 checksum: 2178820 effca1afcd65d7e418f3cb75dd875b1d http://security.debian.org/pool/updates/main/o/openssl097/libssl0.9.7-dbg_0.9.7k-3.1etch2_amd64.deb Size/MD5 checksum: 1326428 670a34f7c39343a7939ba43c4658821c hppa
[Full-disclosure] [SECURITY] [DSA 1702-1] New ntp packages fix cryptographic weakness
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1702-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer January 12, 2009 http://www.debian.org/security/faq - Package: ntp Vulnerability : interpretation conflict Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-0021 Debian Bug : 511227 It has been discovered that NTP, an implementation of the Network Time Protocol, does not properly check the result of an OpenSSL function for verifying cryptographic signatures, which may ultimately lead to the acceptance of unauthenticated time information. (Note that cryptographic authentication of time servers is often not enabled in the first place.) For the stable distribution (etch), this problem has been fixed in version 4.2.2.p4+dfsg-2etch1. For the unstable distribution (sid), this problem has been fixed in version 4.2.4p4+dfsg-8. The testing distribution (lenny) will be fixed soon. We recommend that you upgrade your ntp package. Upgrade instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - --- Source archives: http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch1.dsc Size/MD5 checksum: 906 e0ae8fa9aad8606ad51a06511159c27d http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg.orig.tar.gz Size/MD5 checksum: 2199764 ad746cda2d90dbb9ed06fe164273c5d0 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch1.diff.gz Size/MD5 checksum: 176270 339515bd8d7e653a9fedb2bcad03bb74 Architecture independent packages: http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.2.p4+dfsg-2etch1_all.deb Size/MD5 checksum: 910396 fc7d395c11365e371d58da5ab0d34bba http://security.debian.org/pool/updates/main/n/ntp/ntp-simple_4.2.2.p4+dfsg-2etch1_all.deb Size/MD5 checksum:28380 4b4c4955ecd354a4bc884027786c368f http://security.debian.org/pool/updates/main/n/ntp/ntp-refclock_4.2.2.p4+dfsg-2etch1_all.deb Size/MD5 checksum:28382 31adec52e5d82d9d3026a41b37dc6936 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch1_alpha.deb Size/MD5 checksum:64790 9f577a186d01ad00e9882cd3424d2cac http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch1_alpha.deb Size/MD5 checksum: 407826 3e07d1ea475302dd39019d1bdc982ce7 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch1_amd64.deb Size/MD5 checksum:61274 0aedd7774998dfb1641860d66821af35 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch1_amd64.deb Size/MD5 checksum: 359176 a0e6375e933a8e591f34122fdf8b2bb0 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch1_hppa.deb Size/MD5 checksum:61736 9230c434db7c6b89c8ca032262653d91 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch1_hppa.deb Size/MD5 checksum: 373162 36909f95cddcfda62096aa9052441189 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch1_i386.deb Size/MD5 checksum: 328564 91103db311d21a9da3fa7fbd3c3d076a http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch1_i386.deb Size/MD5 checksum:57832 fc544d64adaac58dde6aef81a18a70fa ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch1_ia64.deb Size/MD5 checksum:74470 19e2e2b4124a7ca1a82e43a29b3b99b5 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch1_ia64.deb Size/MD5 checksum: 523072 9b004e17c3541978ee1abdf2e02494bb mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch1_mipsel.deb Size/MD5 checksum: 389912 45526855df18c76e2eb826983c3d450f http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch1_mipsel.deb Size/MD5 checksum:63888 5bbabab2a3c5571b3c2fd82a80bb5582 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch1_powerpc.deb Size/MD5 checksum: 358632
Re: [Full-disclosure] e-Holocaust
1st of all, his cause and views are summed up as terrorism - worthless terrorism, but still terrorism - therefore he gets no sympathy. The fact that it is worthless, and he is presenting it as valuable and in a way that resembles the brain in 'Pinky and the Brain' cartoon - and/or Mini-me of Austin Powers - makes us laugh. It was clear to anyone with an IQ level greater than that of a mosquito... Now could you please buzz off? On Mon, Jan 12, 2009 at 9:50 PM, Meshinkah Meshinkah meshin...@gmail.com wrote: wow...u people are pathetic.. Ok, enough with all the bullshit. Everyone in here is talking acting like a smartass who actually tried doing any better. I dont know if the so called e.hitler can live up to any of his global scale message claims, nor do i know if he his actions will speak louder than words as he says. All i know is the guy is utilising what he's got, tryina fight for his cause and views, while you guys are making fun of the name :S. Now whether he does that or not, at least he actually tried to make a real difference, instead of posting a i support gaza as a fb status, or as an msn pm. Now if anyone here sees himself capable of doin a better change, i suggest he show us. Anyone arguing he has no skin in this doesnt have to interfere making fun of the people who tried with all the effort and resources they got, no matter how small, to fight for their cause. You either contribute to your side, or stay just stay away and let the people who are interested in the issue serve their side. I respect the guy, whether he succeeds or fails. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [SECURITY] [DSA 1703-1] New bind9 packages fix cryptographic weakness
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1703-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer January 12, 2009 http://www.debian.org/security/faq - Package: bind9 Vulnerability : interpretation conflict Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-0025 It was discovered that BIND, an implementation of the DNS protocol suite, does not properly check the result of an OpenSSL function which is used to verify DSA cryptographic signatures. As a result, incorrect DNS resource records in zones protected by DNSSEC could be accepted as genuine. For the stable distribution (etch), this problem has been fixed in version 9.3.4-2etch4. For the unstable distribution (sid) and the testing distribution (lenny), this problem will be fixed soon. We recommend that you upgrade your BIND packages. Upgrade instructions - wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - --- Source archives: http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch4.dsc Size/MD5 checksum: 1197 aa679c6e3106b422fa8de952556cc98e http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch4.diff.gz Size/MD5 checksum: 302859 12d089f391d6ac1a60e2a7b7b8c49f42 http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4.orig.tar.gz Size/MD5 checksum: 4043577 198181d47c58a0a9c0265862cd5557b0 Architecture independent packages: http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.3.4-2etch4_all.deb Size/MD5 checksum: 187564 d3609a90363331288018fcdbba29a047 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch4_alpha.deb Size/MD5 checksum: 226154 9adec25147fa3f2c85cef36c75148335 http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch4_alpha.deb Size/MD5 checksum:96576 8ca632cac9163decf3c3dd24a373cc1b http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch4_alpha.deb Size/MD5 checksum: 112678 273ba2508722416d3a7090153922c01e http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch4_alpha.deb Size/MD5 checksum:98226 eef74b1024e184fcea8a09f3800cf544 http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch4_alpha.deb Size/MD5 checksum: 190164 7eac73aae4fabfcfec8e9ecdcde45ff5 http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch4_alpha.deb Size/MD5 checksum: 322348 a5a5ea6ddbfaab6c8aeaf247d1c95874 http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch4_alpha.deb Size/MD5 checksum: 116594 61d56b68f75ef2693169176efa07512e http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch4_alpha.deb Size/MD5 checksum: 564948 2827fe2266733bd0439ec8a22f167f25 http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch4_alpha.deb Size/MD5 checksum: 115860 0bb76803abf4d4799c7d2a64cd0af449 http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch4_alpha.deb Size/MD5 checksum: 1407512 95c550a74d02dbe81886f33499e249cc http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch4_alpha.deb Size/MD5 checksum: 188806 420104ba72fe220ae0e7eff269fc086d amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch4_amd64.deb Size/MD5 checksum: 317636 d5841784354f118901f08f48a0e886e8 http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch4_amd64.deb Size/MD5 checksum:96156 ce4d2168a261c296f6b60dc2c52a0ac0 http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch4_amd64.deb Size/MD5 checksum: 224438 460704b96b0b279f5f54346a02356f18 http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch4_amd64.deb Size/MD5 checksum: 190758 21f6b7f6dca59161cf1ba423b97a013e http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch4_amd64.deb Size/MD5 checksum: 552562 4cdcf10ca2572737e63c6269e4d7ef6b http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch4_amd64.deb Size/MD5 checksum: 117040 24dd657bb0b671a48fb1498948fdca41
Re: [Full-disclosure] I'm not the troll i've been trolled
On Tue, 13 Jan 2009 00:59:50 +1100, Biz Marqee said: i'll hope one day to collaborate with mi5 to share intelligence on people, hackers and the threats I research open source intelligence such as mailing lists and websites, television and radio. as well as monitoring folks in social situations online and offline building up profile of folks. I wonder what collaboration he can provide to MI5 if he's looking at the open-source stuff that MI5 presumably *already* monitors if there's anything worthwhile going on. pgpS4vZJC7q2o.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
On Mon, 12 Jan 2009 15:57:42 GMT, n3td3v said: Lot's of intelligence people disclose to people who they are especially with other intelligencers. I don't understand that wording that they use because its not strictly necessary to hide your identity. That statement will just be a general rule for people applying, mi5 wouldn't be able to operate if none of them ever told anyone who they are. Sure. But you missed an important point. If you can't be trusted to keep your damned yap shut about the fact that you applied for a job there because you think you understand the need for secrecy better than the MI5 guys who have been doing it for 3 or 4 times as long as you've been *alive*, why should they trust you to keep your yap shut when you get access to something actually sensitive? pgpisLc5t93WT.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
On Mon, Jan 12, 2009 at 9:18 PM, Avraham Schneider avri.schnei...@gmail.com wrote: 1st of all, his cause and views are summed up as terrorism - worthless terrorism, but still terrorism - therefore he gets no sympathy. You don't get it do you, this is supposedly a mailing list about 'the threats'. Should we not be encouraging terrorists to post to the list not discourage? Think about it. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
On Mon, 12 Jan 2009 13:35:53 EST, Ureleet said: u used darkmyst on freenode. He obviously missed the Slashdot article the other day that pointed at this: http://www.newscientist.com/blogs/shortsharpscience/2009/01/what-your-social-network-can-r.html http://w2spconf.com/2008/papers/s3p2.pdf However, I'm sure the guys at MI5 knew all about it years ago. ;) pgpnvzeRuC1PS.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
If he were to have posted that he hacked this 1 Israeli server - and shown that he was exploiting some new unknown vulnerability and Fully Disclosed the methods he used - it would have fit the Full Disclosure character. The fact that he is 'threatning', does not make it 'newsworthy' - it makes it 'funny' As it is - he fits the scrip-kiddy type that everyone has fun laughing at. On Tue, Jan 13, 2009 at 12:09 AM, andrew. wallace andrew.wall...@rocketmail.com wrote: On Mon, Jan 12, 2009 at 9:18 PM, Avraham Schneider avri.schnei...@gmail.com wrote: 1st of all, his cause and views are summed up as terrorism - worthless terrorism, but still terrorism - therefore he gets no sympathy. You don't get it do you, this is supposedly a mailing list about 'the threats'. Should we not be encouraging terrorists to post to the list not discourage? Think about it. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This is WAR!
--On Monday, January 12, 2009 13:00:30 -0600 Rants nRaves rantsnr...@gmail.com wrote: On Mon, Jan 12, 2009 at 8:18 AM, Kyle Bader kyle.ba...@gmail.com wrote: :q! I think you meant: :wq! Well no. If he meant that, he would have written :x! -- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. *** Check the headers before clicking on Reply. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Postings
On Mon, Jan 12, 2009 at 10:12 PM, valdis.kletni...@vt.edu wrote: On Mon, 12 Jan 2009 13:35:53 EST, Ureleet said: u used darkmyst on freenode. He obviously missed the Slashdot article the other day that pointed at this: http://www.newscientist.com/blogs/shortsharpscience/2009/01/what-your-social-network-can-r.html http://w2spconf.com/2008/papers/s3p2.pdf The point was I was listing my nicknames used on full-disclosure, I thought he was refering that darkmyst was also a nickname on full-disclosure. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
You wasn't supposed to leave this list before MI5 throw your body in the sea ? 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com On Mon, Jan 12, 2009 at 6:36 PM, Ureleet urel...@gmail.com wrote: im a well known troll against 1 thing. u. nothing else. Let us know if you ever feel angry about anything else apart from me now or in the future. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
I think we'd all have a lot more respect if e.hitler (I still laugh every time I say that!) and his buddies did something actually worthwhile that would make a real difference. Like volunteering for a charity which is collecting for the innocent Palestinians who are loosing their homes, schools, etc for example. Or how about writing his elected officials to put pressure on the Israeli's to let the Red Cross and other aid agencies in? Instead he's done the internet equivalent of throwing toilet paper on the neighbors house in the middle of the night. Yes, someone is pissed off now and had to clean it up, but it's just a sophomoric prank which doesn't mean anything in the world. It makes him and his buddies feel good like they're doing something, but the adults on this forum know better. Notice nobody in the news is reporting that e.hitler and his merry men are wreaking havoc. Even so-called news sites like slashdot are ignoring it... why? because it's not news and nobody gives a shit. When they hack into the Mossad or IDF let me know. But they're just lame script kiddies who don't have the skills or balls to pull that off. And yes, people like myself without any skin in the game do have a role- to point out to the rest of the world when the emperor has no clothes. If e.hitler doesn't like it, he can always crawl back into his hole and stop posting. -Rants On Mon, Jan 12, 2009 at 11:50 AM, Meshinkah Meshinkah meshin...@gmail.comwrote: wow...u people are pathetic.. Ok, enough with all the bullshit. Everyone in here is talking acting like a smartass who actually tried doing any better. I dont know if the so called e.hitler can live up to any of his global scale message claims, nor do i know if he his actions will speak louder than words as he says. All i know is the guy is utilising what he's got, tryina fight for his cause and views, while you guys are making fun of the name :S. Now whether he does that or not, at least he actually tried to make a real difference, instead of posting a i support gaza as a fb status, or as an msn pm. Now if anyone here sees himself capable of doin a better change, i suggest he show us. Anyone arguing he has no skin in this doesnt have to interfere making fun of the people who tried with all the effort and resources they got, no matter how small, to fight for their cause. You either contribute to your side, or stay just stay away and let the people who are interested in the issue serve their side. I respect the guy, whether he succeeds or fails. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ GLSA 200901-08 ] Online-Bookmarks: Multiple vulnerabilities
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200901-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Online-Bookmarks: Multiple vulnerabilities Date: January 12, 2009 Bugs: #235053 ID: 200901-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis Multiple vulnerabilities have been reported in Online-Bookmarks. Background == Online-Bookmarks is a web-based bookmark management system to store your bookmarks, favorites and links. Affected packages = --- Package/ Vulnerable /Unaffected --- 1 www-apps/online-bookmarks 0.6.28 = 0.6.28 Description === The following vulnerabilities were reported: * Authentication bypass when directly requesting certain pages (CVE-2004-2155). * Insufficient input validation in the login function in auth.inc (CVE-2006-6358). * Unspecified cross-site scripting vulnerability (CVE-2006-6359). Impact == A remote attacker could exploit these vulnerabilities to bypass authentication mechanisms, execute arbitrary SQL statements or inject arbitrary web scripts. Workaround == There is no known workaround at this time. Resolution == All Online-Bookmarks users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =www-apps/online-bookmarks-0.6.28 References == [ 1 ] CVE-2004-2155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2155 [ 2 ] CVE-2006-6358 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6358 [ 3 ] CVE-2006-6359 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6359 Availability This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200901-08.xml Concerns? = Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to secur...@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org. License === Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
Can we wrap this thread up now and get back to business about 'the threats'. On Mon, Jan 12, 2009 at 10:33 PM, j-f sentier j.sent...@gmail.com wrote: You wasn't supposed to leave this list before MI5 throw your body in the sea ? 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com On Mon, Jan 12, 2009 at 6:36 PM, Ureleet urel...@gmail.com wrote: im a well known troll against 1 thing. u. nothing else. Let us know if you ever feel angry about anything else apart from me now or in the future. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
what 'threats'? e.hitler's? pfff... On Tue, Jan 13, 2009 at 12:49 AM, andrew. wallace andrew.wall...@rocketmail.com wrote: Can we wrap this thread up now and get back to business about 'the threats'. On Mon, Jan 12, 2009 at 10:33 PM, j-f sentier j.sent...@gmail.com wrote: You wasn't supposed to leave this list before MI5 throw your body in the sea ? 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com On Mon, Jan 12, 2009 at 6:36 PM, Ureleet urel...@gmail.com wrote: im a well known troll against 1 thing. u. nothing else. Let us know if you ever feel angry about anything else apart from me now or in the future. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
Right.. ok, sure, throwing toilet paper is no damage, wont hurt. Publicisng your paypal account and other info, now that would hurt dont ya think? As for what he's doing being worthless, i never said it was, please read my posts before u reply, instead of just makin me repeat myself. All i said was he is trying, with all his knowledge, capabilities, etc to support the people he sees right, and go against those he sees wrong. And again, whether the news talk about him or not, whether all this he's tryina do does any effect, they had enough self confidence to have a goal and attempt it, i am petty sure if they had the power and capabilities to do more they would.. and lol..., go donate? that just made me laugh.. Once again, i support his thought and determination, i dont know about his recources and/or skills to judge him being a skid or not and neither does anyone in here. All of that is irrelevant to him failing/succeeding, or whether he's goin up against the side u think are terrorists or not. On Mon, Jan 12, 2009 at 11:06 PM, Rants nRaves rantsnr...@gmail.com wrote: I think we'd all have a lot more respect if e.hitler (I still laugh every time I say that!) and his buddies did something actually worthwhile that would make a real difference. Like volunteering for a charity which is collecting for the innocent Palestinians who are loosing their homes, schools, etc for example. Or how about writing his elected officials to put pressure on the Israeli's to let the Red Cross and other aid agencies in? Instead he's done the internet equivalent of throwing toilet paper on the neighbors house in the middle of the night. Yes, someone is pissed off now and had to clean it up, but it's just a sophomoric prank which doesn't mean anything in the world. It makes him and his buddies feel good like they're doing something, but the adults on this forum know better. Notice nobody in the news is reporting that e.hitler and his merry men are wreaking havoc. Even so-called news sites like slashdot are ignoring it... why? because it's not news and nobody gives a shit. When they hack into the Mossad or IDF let me know. But they're just lame script kiddies who don't have the skills or balls to pull that off. And yes, people like myself without any skin in the game do have a role- to point out to the rest of the world when the emperor has no clothes. If e.hitler doesn't like it, he can always crawl back into his hole and stop posting. -Rants On Mon, Jan 12, 2009 at 11:50 AM, Meshinkah Meshinkah meshin...@gmail.com wrote: wow...u people are pathetic.. Ok, enough with all the bullshit. Everyone in here is talking acting like a smartass who actually tried doing any better. I dont know if the so called e.hitler can live up to any of his global scale message claims, nor do i know if he his actions will speak louder than words as he says. All i know is the guy is utilising what he's got, tryina fight for his cause and views, while you guys are making fun of the name :S. Now whether he does that or not, at least he actually tried to make a real difference, instead of posting a i support gaza as a fb status, or as an msn pm. Now if anyone here sees himself capable of doin a better change, i suggest he show us. Anyone arguing he has no skin in this doesnt have to interfere making fun of the people who tried with all the effort and resources they got, no matter how small, to fight for their cause. You either contribute to your side, or stay just stay away and let the people who are interested in the issue serve their side. I respect the guy, whether he succeeds or fails. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
2009/1/12 andrew. wallace andrew.wall...@rocketmail.com Can we wrap this thread up now and get back to business about 'the threats'. Nop. How can we take one single word from you seriously, if you lies all the time dude? I'm expecting you to leave as you said twice, like many others here are also expecting. 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com Can we wrap this thread up now and get back to business about 'the threats'. On Mon, Jan 12, 2009 at 10:33 PM, j-f sentier j.sent...@gmail.com wrote: You wasn't supposed to leave this list before MI5 throw your body in the sea ? 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com On Mon, Jan 12, 2009 at 6:36 PM, Ureleet urel...@gmail.com wrote: im a well known troll against 1 thing. u. nothing else. Let us know if you ever feel angry about anything else apart from me now or in the future. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
G'day, netdev / andrew: STFU, WILL THIS BS EVER END? The only threat is the BS you keep shoving down innocent peoples throats. Let it go, GTFO, and you go with it YOU FUCKING IDIOT. Cheers and best wishes to everyone ! G. Stackseg On Mon, Jan 12, 2009 at 2:49 PM, andrew. wallace andrew.wall...@rocketmail.com wrote: Can we wrap this thread up now and get back to business about 'the threats'. On Mon, Jan 12, 2009 at 10:33 PM, j-f sentier j.sent...@gmail.com wrote: You wasn't supposed to leave this list before MI5 throw your body in the sea ? 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com On Mon, Jan 12, 2009 at 6:36 PM, Ureleet urel...@gmail.com wrote: im a well known troll against 1 thing. u. nothing else. Let us know if you ever feel angry about anything else apart from me now or in the future. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
On Mon, Jan 12, 2009 at 10:59 PM, j-f sentier j.sent...@gmail.com wrote: 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com Can we wrap this thread up now and get back to business about 'the threats'. Nop. How can we take one single word from you seriously, if you lies all the time dude? I'm expecting you to leave as you said twice, like many others here are also expecting. Swings and roundabouts. Like a dog chasing its own tail you persist. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
On Mon, Jan 12, 2009 at 11:09 PM, Gomer Stackseg faultintoler...@gmail.com wrote: G'day, netdev / andrew: STFU, WILL THIS BS EVER END? I'm trying although the dedicated trolls keep the thread going. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
On Tue, Jan 13, 2009 at 12:57 AM, Meshinka7 meshin...@gmail.com wrote: Right.. ok, sure, throwing toilet paper is no damage, wont hurt. Publicisng your paypal account and other info, now that would hurt dont ya think? Defacing a bunch of websites that almost nobody looks at - all hosted on one un-patched server is akin to throwing toilet paper on your neighbor's house at night - read: no damage. As for what he's doing being worthless, i never said it was, please read my posts before u reply, instead of just makin me repeat myself. oh... we are all so sorry for troubling you. not. All i said was he is trying, with all his knowledge, capabilities, etc to support the people he sees right, and go against those he sees wrong. and that has what to do with FD? And again, whether the news talk about him or not, whether all this he's tryina do does any effect, they had enough self confidence to have a goal and attempt it, i am petty sure if they had the power and capabilities to do more they would.. he does not - since he is a script kiddy. and lol..., go donate? that just made me laugh.. yeah, it was probably a joke - like you and like e.hitler. Once again, i support his thought and determination good for you. , i dont know about his recources and/or skills to judge him being a skid or not and neither does anyone in here. Other than you and e.hitler (a bored kid with too many pimples to have any friends) - we all know. All of that is irrelevant to him failing/succeeding, or whether he's goin up against the side u think are terrorists or not. yes - he is irrelevant. Funny, but irrelevant. On Mon, Jan 12, 2009 at 11:06 PM, Rants nRaves rantsnr...@gmail.comwrote: I think we'd all have a lot more respect if e.hitler (I still laugh every time I say that!) and his buddies did something actually worthwhile that would make a real difference. Like volunteering for a charity which is collecting for the innocent Palestinians who are loosing their homes, schools, etc for example. Or how about writing his elected officials to put pressure on the Israeli's to let the Red Cross and other aid agencies in? Instead he's done the internet equivalent of throwing toilet paper on the neighbors house in the middle of the night. Yes, someone is pissed off now and had to clean it up, but it's just a sophomoric prank which doesn't mean anything in the world. It makes him and his buddies feel good like they're doing something, but the adults on this forum know better. Notice nobody in the news is reporting that e.hitler and his merry men are wreaking havoc. Even so-called news sites like slashdot are ignoring it... why? because it's not news and nobody gives a shit. When they hack into the Mossad or IDF let me know. But they're just lame script kiddies who don't have the skills or balls to pull that off. And yes, people like myself without any skin in the game do have a role- to point out to the rest of the world when the emperor has no clothes. If e.hitler doesn't like it, he can always crawl back into his hole and stop posting. -Rants On Mon, Jan 12, 2009 at 11:50 AM, Meshinkah Meshinkah meshin...@gmail.com wrote: wow...u people are pathetic.. Ok, enough with all the bullshit. Everyone in here is talking acting like a smartass who actually tried doing any better. I dont know if the so called e.hitler can live up to any of his global scale message claims, nor do i know if he his actions will speak louder than words as he says. All i know is the guy is utilising what he's got, tryina fight for his cause and views, while you guys are making fun of the name :S. Now whether he does that or not, at least he actually tried to make a real difference, instead of posting a i support gaza as a fb status, or as an msn pm. Now if anyone here sees himself capable of doin a better change, i suggest he show us. Anyone arguing he has no skin in this doesnt have to interfere making fun of the people who tried with all the effort and resources they got, no matter how small, to fight for their cause. You either contribute to your side, or stay just stay away and let the people who are interested in the issue serve their side. I respect the guy, whether he succeeds or fails. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
If you dont leave your FD experience on this list will be much more miserable than it actually is :) A mentally stable person assume what he say. As i told you many times: Get The Fuck Out Of Here. 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com On Mon, Jan 12, 2009 at 10:59 PM, j-f sentier j.sent...@gmail.com wrote: 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com Can we wrap this thread up now and get back to business about 'the threats'. Nop. How can we take one single word from you seriously, if you lies all the time dude? I'm expecting you to leave as you said twice, like many others here are also expecting. Swings and roundabouts. Like a dog chasing its own tail you persist. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
Changing your email address to make it look like more people are saying the same thing doesn't fool many people :) On Mon, Jan 12, 2009 at 11:34 PM, waveroad waveroad waver...@gmail.com wrote: If you dont leave your FD experience on this list will be much more miserable than it actually is :) A mentally stable person assume what he say. As i told you many times: Get The Fuck Out Of Here. 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com On Mon, Jan 12, 2009 at 10:59 PM, j-f sentier j.sent...@gmail.com wrote: 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com Can we wrap this thread up now and get back to business about 'the threats'. Nop. How can we take one single word from you seriously, if you lies all the time dude? I'm expecting you to leave as you said twice, like many others here are also expecting. Swings and roundabouts. Like a dog chasing its own tail you persist. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
?!? There's only one clown here, he's called andrew/n3td3v. Go fuck yourself. 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com Changing your email address to make it look like more people are saying the same thing doesn't fool many people :) On Mon, Jan 12, 2009 at 11:34 PM, waveroad waveroad waver...@gmail.com wrote: If you dont leave your FD experience on this list will be much more miserable than it actually is :) A mentally stable person assume what he say. As i told you many times: Get The Fuck Out Of Here. 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com On Mon, Jan 12, 2009 at 10:59 PM, j-f sentier j.sent...@gmail.com wrote: 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com Can we wrap this thread up now and get back to business about 'the threats'. Nop. How can we take one single word from you seriously, if you lies all the time dude? I'm expecting you to leave as you said twice, like many others here are also expecting. Swings and roundabouts. Like a dog chasing its own tail you persist. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] I'm not the troll i've been trolled
Any information regarding the behavior modification of n3td3v will be well received, so please share any insight! On Tue, Jan 13, 2009 at :59 AM, - o z - o...@hotmail.com wrote: I will point out the faults in n3td3v's premises, read my last profile statement: On Jan 12, 2009, at :01 AM, n3td3v wrote: I've been the victim of trolls they see me as a good target to pick on because I run the n3td3v intelligence group and i'm going to apply for mi5. Victim, martyr fantasies, with the 'intel group' being a self-serve mailing lis that ANYONE can join (as I have under a different alias). It doesn't exist per se, it's all in his head. It's about as useful as tits on a boy. your everyday people can't run security because their ideas are too ordinary and they come up with nothing new. Typical -- exclusivity, it's all one big secret that a normal person cannot understand. they seen someone with an indepth underworld life that i can talk about that others don't believe because the secret world of spooks is often unbelievable to ordinary folks and thats where people think i must be trolling. Secret world of spooks reference, the whole intel agency thing, Mystery! the fact is i've never trolled the n3td3v group is real and i'll be applying for mi5 real soon. Real soon, yep, where have we heard this? there is no mental illness or anything else, thats just something thought up by trolls to get me to reply even more. DENIAL, of course there hasn't been mental illness, nope, not at all...OK, maybe a little... I research open source intelligence such as mailing lists and websites, television and radio. as well as monitoring folks in social situations online and offline building up profile of folks. Notice the subtle threat of 'researching and profiling other folks'? Usually when threats occur, this is the attempt to 'one-up' their last drama, just like I wrote about. We're getting to him, so the monkey has to perform a new and better trick. maybe thats because i run an intelligence group thats why i'm interested in it and i'll hope one day to collaborate with mi5 to share intelligence on people, hackers and the threats. MI5 fixation, again! this is a secret underworld you've had some insight to and the way we think, you will not understand us, you will never understand unless you are part of it. He has the secret key of the universe that mere mortals cannot understand. OK, now watch what happens, it will be right out of the handbook. Some kind of event will be precipitated. If this is worked right, we can alter the behavior to our liking. -oz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] mr wallace must be stopped and i know how
OK - so in the interest of attempting to rid this list of the person we all hate I will now cease posting any replies to the n3t d3viate. Since I am now pretty sure he is a just mentally unstable person only seeking attention for his childlike behavior, I will deal with him in the same fashion as a child - ignoring him completely. I have tried to reason with him in private, as well outright public abuse. Nothing works because he does not process rational thought. I implore each of you who reply to his fishing expeditions (yes I am guilty!) to consider this as an alternate way to express your hate for him. He WILL eventually go away if not a single person replies to him. Please, in the interest of this list which was once GREAT, don't feed andrew wallace's fragmented ego. Just dont hit that reply button. It will only work if everyone does it, but will fail if one person does not. If people do it, it will happen. Not over night but it will. Anyway I will no longer be baited by this maniac, so I bid you farewell FD! I hope the list can partially recover from the irreparable damage caused by this one person, and I hope everyone follows suit and lets this guy drown in his own thoughts. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] mr wallace must be stopped and i know how
He WILL eventually go away if not a single person replies to him. as 'he does not process rational thought' - I find that hard to believe. On Tue, Jan 13, 2009 at 2:17 AM, Biz Marqee biz.mar...@gmail.com wrote: OK - so in the interest of attempting to rid this list of the person we all hate I will now cease posting any replies to the n3t d3viate. Since I am now pretty sure he is a just mentally unstable person only seeking attention for his childlike behavior, I will deal with him in the same fashion as a child - ignoring him completely. I have tried to reason with him in private, as well outright public abuse. Nothing works because he does not process rational thought. I implore each of you who reply to his fishing expeditions (yes I am guilty!) to consider this as an alternate way to express your hate for him. He WILL eventually go away if not a single person replies to him. Please, in the interest of this list which was once GREAT, don't feed andrew wallace's fragmented ego. Just dont hit that reply button. It will only work if everyone does it, but will fail if one person does not. If people do it, it will happen. Not over night but it will. Anyway I will no longer be baited by this maniac, so I bid you farewell FD! I hope the list can partially recover from the irreparable damage caused by this one person, and I hope everyone follows suit and lets this guy drown in his own thoughts. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] mr wallace must be stopped and i know how
On Tue, Jan 13, 2009 at 12:17 AM, Biz Marqee biz.mar...@gmail.com wrote: OK - so in the interest of attempting to rid this list of the person we all hate. I implore each of you who reply to his fishing expeditions (yes I am guilty!) to consider this as an alternate way to express your hate for him. People with hatred should be encouraged to post on full-disclosure since this list is about bad guys and threats, please continue your hate. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] mr wallace must be stopped and i know how
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Biz Marqee is one of my aliases. On Mon, 12 Jan 2009 19:17:41 -0500 Biz Marqee biz.mar...@gmail.com wrote: OK - so in the interest of attempting to rid this list of the person we all hate I will now cease posting any replies to the n3t d3viate. Since I am now pretty sure he is a just mentally unstable person only seeking attention for his childlike behavior, I will deal with him in the same fashion as a child - ignoring him completely. I have tried to reason with him in private, as well outright public abuse. Nothing works because he does not process rational thought. I implore each of you who reply to his fishing expeditions (yes I am guilty!) to consider this as an alternate way to express your hate for him. He WILL eventually go away if not a single person replies to him. Please, in the interest of this list which was once GREAT, don't feed andrew wallace's fragmented ego. Just dont hit that reply button. It will only work if everyone does it, but will fail if one person does not. If people do it, it will happen. Not over night but it will. Anyway I will no longer be baited by this maniac, so I bid you farewell FD! I hope the list can partially recover from the irreparable damage caused by this one person, and I hope everyone follows suit and lets this guy drown in his own thoughts. -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAklr6O0ACgkQynWwk3/AtyM56AQAgx9pumsbTc656LJ9nlOSVAbZeGWI KdLIejtJrssghT/v2QdGbuQXk3jXaOnY4Re24nasI21aJ1sGwjNaIbvku1zvndJKeVka s/RNd8Nmr8/ZVBLtOsv2c8q7IyuLbM5ofct5P7v8ikvUbFrM+ZHW03wkP28ck+XuFshq plshsZo= =bR6j -END PGP SIGNATURE- -- Click for free info on discount teaching degrees programs. http://tagline.hushmail.com/fc/PnY6qxuBBejIRDAIvNP6ADv78Smnhi5949yFp4mQUHRB1QD0iqHjy/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] mr wallace must be stopped and i know how
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I got your back. 3 On Mon, 12 Jan 2009 19:34:58 -0500 andrew.wallace andrew.wall...@rocketmail.com wrote: On Tue, Jan 13, 2009 at 12:17 AM, Biz Marqee biz.mar...@gmail.com wrote: OK - so in the interest of attempting to rid this list of the person we all hate. I implore each of you who reply to his fishing expeditions (yes I am guilty!) to consider this as an alternate way to express your hate for him. People with hatred should be encouraged to post on full-disclosure since this list is about bad guys and threats, please continue your hate. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAklr6QoACgkQynWwk3/AtyOv9gP+Kax7UMkte39jS4WOQG7LoczoTbHI JM67rYAtF+ibMEWWr6172uFYFPVZsjD1TELp255mQr6PJeVlBu3VFQk/y0U3eaTrj2JS S78O/5D+wLuQW0pjeMNETGWy8PAkZkqFiTuUl+OlzJWMOjJZxNQ9y4PbRAegMPIbBseX 0K59dyw= =NA9J -END PGP SIGNATURE- -- Find the right teaching school to meet your educational needs. Click to learn more. http://tagline.hushmail.com/fc/PnY6qxuBBem9g1MoJuvY8uSdljNiw9fP3inIxJcFLq1SvEgH7RGnG/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
On Mon, Jan 12, 2009 at 5:57 AM, e.hit...@hush.ai wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Right, your attempts at ranting, making a very obvious comment, or whatever that is you are doing is pretty stupid.. Right... we're the one's looking stupid here. I take it you haven't looked in the mirror recently? We decided to put this in a little diagram for people like you to understand better: [ PHASE 1 ] | | -- Gain access on Israeli webservers / websites / databases ( yes, that means that if the website / database / webserver contains any israeli content on it, it is a potential target, so spair us the 'omg this is a US box' 'omg this is a .com' ) [ PHASE 2 ] | | -- Use access to collect information ( Includes databases, source code, emails, etc.. ), and use the access eventually to send a message, if we need to... if not, we will just delete all the information on the server.. [ PHASE 3 ] | | -- Use information collected to make more damage... and repeat... Thank you for explaining it to me- it's so much clearer now. Based on this new information, I take it your local religious leader told you hacking some pointless websites and looking like an idiot in front of thousands of people on full-disclosure wasn't worth even a single virgin in heaven then? So now unless you have something to add about this, don't waste your time and ours... Oh, I've got *lots* to add! This is fun! P.S: that pinky and brain comment, wow... you just destroyed us with that, it was totally demolishing to our goals... good job... - You mean you have other goals then make fools of yourselves on full-discolsure? Personally I think it went something like this: e.brain: Do you know what we're going to do tonight e.hitler? e.hitler: No, what e.brain? e.brain: Take over the world! e.hitler: Narf! How'a we going do that e.brain? e.brain: Step 1: Hack some worthless websites! Step 2: Make fools of ourselves on full-disclosure and make everyone laugh so hard they won't see us while we do Step 3! e.hitler: What's step 3 e.brain? e.brain: Take over the world! e.hitler: Wow! That's a greatest plan ever e.brain. Narf! As for your name, yes, your name sucks. Putting e in front of things is so pre-dot-com bust it's not even funny. It's like you're partying like it's still 1999. If you wanted to be hip, everyone knows you're supposed to use an i. And then let's look at the whole hitler/holocaust thing. Hitler was a bad ass. Started a world war and millions of people died due to the war waging across the entire globe and of course the concentration camps. In comparison, you've hacked a few worthless websites and then made an ass of yourself trying to get credit for it. Does the phrase delusions of grandeur mean anything to you? And you claim there are others... do you have e.stalin and e.mussolini on your team too? Why don't they post? Maybe because they're smarter then you? (Hitler was always the stupid one... he started the Russian front!) Oh and finally, you do realize Hitler lost! The fucker killed himself when the Americans and Russians surrounded Berlin. Ever consider doing the same? Seriously, I think you'd get more props and respect if you named yourselves Team G.I. Joe and you called yourself Snake Eyes... Snake Eyes was bad ass... all those ninja skills and he couldn't talk- so he never made an ass of himself unlike you. -Rants ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] mr wallace must be stopped and i know how
On Tue, Jan 13, 2009 at 1:06 AM, sexyazngr...@mac.hush.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I got your back. 3 The bad guys want to harm me let's hope they don't start an electronic jihad against Google Groups or my email account. The intelligence services are monitoring the entire situation so everything is sweet :) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] e-Holocaust
On Mon, 12 Jan 2009 09:41:19 PST, Rants nRaves said: Thank you for explaining it to me- it's so much clearer now. Based on this new information, I take it your local religious leader told you hacking some pointless websites and looking like an idiot in front of thousands of people on full-disclosure wasn't worth even a single virgin in heaven then? Actually, they get 'friended' by 72 Myspace virgins, none of which look anything like their picture. pgpxJ2JDj0Fya.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Simple request
On Mon, Jan 12, 2009 at 9:56 PM, Dante Lanznaster dant...@gmail.com wrote: Ladies and gentlemen, I have a simple request. A lot of people here has already added the usual shitbags to /dev/null, I added them myself recently too. What I ask is simple: could you please stop feeding the trolls and NOT reply to their stupid topics? Most people complain about the noise, but they end up adding to it. You all know who you are. There's also no need to reply to this topic, I'm just asking to cease the useless replies and troll feeding to the usual batshits. Thanks, El Pollo Loco. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ You do realize that by including the last paragraph, you yourself have become a troll. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] mr wallace must be stopped and i know how
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 disagree, i wish you weren't us. On Mon, 12 Jan 2009 21:23:20 -0500 Biz Marqee biz.mar...@gmail.com wrote: lol you wish cunt On Tue, Jan 12, 2009 at :05 PM, sexyazngr...@mac.hush.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Biz Marqee is one of my aliases. -BEGIN PGP SIGNATURE- Charset: UTF8 Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 3.0 wpwEAQMCAAYFAklr+/EACgkQynWwk3/AtyP5ZwP+KKUI7ECfVu7rNrLRqaj7ALBeB//H 3zLBpJo+4+LvpA30je3LepQO5pwIwb1UWCQG1ndQ0HhPycHLMPMJkbVKIZ2EX1VGgWZT 2QH856kYFUlAHvvrjVuEcsnOI5ktjZsoc8tpD9nmqQ1DD17xqKuU5MR10XK6ZF19KNim v9h8u+U= =57gC -END PGP SIGNATURE- -- Click for free info on criminal justice degrees, $150K/ year potential. http://tagline.hushmail.com/fc/PnY6qxtpLJe4LbpbcJYwJTmYCWJt1hmfqkvt9b1DLMTpuaEtCw11u/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] mr wallace must be stopped and i know how
I bet, you're out of crack fuckhead. 2009/1/12 andrew. wallace andrew.wall...@rocketmail.com The bad guys want to harm me let's hope they don't start an electronic jihad against Google Groups or my email account. The intelligence services are monitoring the entire situation so everything is sweet :) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Help with something?
On 12 Jan 09, at 09:53, Will McAfee wrote: I got started a long time ago writing example code for new security- interested people. I got just one example done, my full time job and school started, and gave up debugging. Just out of curiosity, going to throw it out there. It's the only example up at http://labs.thegoodhacker.com/ let's see where I messed up. It segfaults, if I remember correctly. At a glance, you're doing linked list management wrong. Stop trying to code your own. This is C++; the STL exists for a reason. Same goes for char arrays (which you leak all over the place). The STL has strings too. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] mr wallace must be stopped and i know how
Anyone that can cop that much abuse and prosper has to be extremely sadomasochistic. The delusion that a blogger such as Mr Wallace somehow contributes to the security community is hilarious at first and when the comical side clears you have that pathetic little failed abortion asking why he's the target of abuse. To be honest, I'd rather have my children babysat by Josef Fritzel than take security advice from this schizo. -- ciao JT ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/