Re: [Full-disclosure] Questions for the iProphet

2009-08-21 Thread netdev . doctor
Well. You do intrigue me.

I've been under surveillance too. I think.

I see the world a bit differently now. It's not as innocent. It's 
not pure. It's not this virtuous thing of logic and reason. There 
is power. There is oppression. And the benefits? (Yes, I'm quite 
naive)

I was wondering if you could tell me how domestic surveillance and 
treating dissent as treason makes this establishment worth 
existing? And for what? What is the reason? I don't get it.

And personally, if that was lessened a bit (at least to me 
personally), I'd be 100% satisfied.

So yeah, I'd be interested in hearing more about that (Domestic 
government surveillance). Chicken soup would soothe my withering 
soul.

As for that "parlor magician" Jesus. I never knew Jesus was a 
heroin-injecting revolutionary (Trotskyist?) and the bible was a 
subversive text. Interesting take. Perhaps I can load your bible 
notes into gnomesword sometime.

On Fri, 21 Aug 2009 10:05:05 -0500 Andrew A wrote:
>> How does you feel psychologically? Not as troll, but deep inside.
> Pretty good. I've been laughing, I've been smiling, I've been drinking
> and getting high. My primary partner and I tagteamed some girl last
> night. I might be living in a crappy hotel, but you can't keep a good
> troll down. I'm living the high life, because God loves me.
>
>> What are their tactics?
>>
>> (I heard the feds bought a hooker to try to honeypot you.)
> They'll hand you illegal materials at times in public, or plant them
> in your car, just to psych you out. They'll threaten or harass every
> business partner you have, until you're an alienated island with no
> revenue. They'll break into your house while you're on vacation and
> steal your documents and computers with no warrants and you'll never
> have anyone to call for them. Not to use as evidence, but just to make
> trouble for your life. They'll harass your family, your friends, your
> old girlfriends. They'll try to intimidate you. Then, they'll offer
> you a way out if you narc on your friends.
>
> I think there are two recent lessons of what narcing and entrapment
> gets you. Look at Soupnazi or Hal Turner.  They went and played the
> FBI's full game, were promised immunity, milked for everything they
> were worked, and then arrested anyways. They'll both be going to
> prison. When the feds first roped in Soupnazi, they didn't even have
> enough evidence to bring him into trial. But they used fear and
> intimidation to get him to play their game, and he was hooked. It was
> only a matter of time before he had cannibalized all his contacts, and
> then he moved to roping in legit people like jimj.
>
> The goodwill I've felt from people in the underground is fantastic.
> I've had people offer to put me up, had people offer me loans and
> gifts of cash. I could survive for years based off of the goodwill of
> others. I don't need to, but I appreciate their sentiment at a time
> when I'm hard up for cash.
>
> The old adage of "nobody talks, everybody walks" is quite true but I
> think YTCracker put it best in "Spammer Court" when he said "Fuck you
> your honor, with all due respect, but i'm not ratting out my buddies
> just to save my own neck". I'll never narc. I'll never tell. I am for
> real. I am the truth of God.
>
>> Does crime pay?
> Wouldn't know. I'm not a criminal.
>
>> If you could go back 5 years, would you have done anything
>> different?
> Nope. I knew living completely real and truthfully to everyone was
> going to hurt me financially someday, and it did. But I wouldn't
> change a thing. I'd rather be totally fucking real and miss out on
> some material happiness instead of selling the fuck out and being a
> gigantic fucking liar to keep up a revenue stream for material shit I
> don't care about anyways.
>
>> How much money do you really have?
> Enough to get by. Not a lot. I've never built personally-owned assets,
> and have always relied upon revenue. Little plots of earth and moving
> toys are childish things that the beast can take away. The sweat of
> your brow, the work of your mind and spirit? That can never be
> diminished. Blood and tears awaits a man who sits on a pile of wealth
> in the afterlife.
>
>> How much longer do you think it will be until you're brought to
>> prison?
> No idea. I haven't committed nor been charged with a crime (save a
> frivolous speeding ticket in some shithole state), nor have I
> committed one. So I don't know. I live my life in the light of God,
> and I have faith God will protect me during this time of trials.
>
>> How long do you think you'll stay?
> No idea. As I said, I haven't ever committed a crime. I am a truly sinless man.
>
>> Do you think God will keep you company?
> God is with me right now.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Packet Storm is back online.

2009-08-21 Thread Packet Storm

We had a provider outage but the site is now back online.



[Full-disclosure] FreeBSD stuff

2009-08-21 Thread Kingcope
I am not going to share IIS 0day anymore.

http://isowarez.de/bsd-setusercontext.txt

Bye.
" BIG TIME "



[Full-disclosure] Intercepting Southern California Gas Company user credentials... (socalgas.com)

2009-08-21 Thread Kristian Erik Hermansen
...should be pretty easy ;-)  Company has been notified many times
privately of this issue, but they appear incompetent.  Time for public
shaming.
"""
$ sslscan myaccount.socalgas.com | grep NULL
Accepted  SSLv3  0 bits  NULL-SHA
Accepted  SSLv3  0 bits  NULL-MD5
Accepted  TLSv1  0 bits  NULL-SHA
Accepted  TLSv1  0 bits  NULL-MD5
"""

NULL cipher SSL/TLS presents the illusion of security and customers
should be aware that their credentials are easily intercepted.  Wanna
shut off someone's gas in Los Angeles?  :-)
-- 
Kristian Erik Hermansen
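
The `grep NULL` check in the message above, generalized into a small audit of sslscan's text report; this is an added example, not part of the original post. It also flags anonymous and export-grade suites, which goes beyond what the post shows; the names `classify` and `audit` and the sample report are constructed for illustration.

```python
import re

ANSI_RE = re.compile(r"\x1b\[[0-9;]*m")  # newer sslscan builds colour their output

# One result line of sslscan's text report, e.g. "Accepted  TLSv1  0 bits  NULL-SHA".
# \s* around "bits" also accepts copies where the column spacing was lost.
LINE_RE = re.compile(
    r"^\s*(Accepted|Preferred)\s+"
    r"(SSLv2|SSLv3|TLSv1(?:\.[0-3])?)\s+"
    r"(\d+)\s*bits\s*([A-Za-z0-9_-]+)"
)


def classify(bits, cipher):
    """Return a finding label for an accepted suite, or None if it passes."""
    name = cipher.upper()
    parts = name.split("-")
    if bits == 0 or "NULL" in parts:
        return "no-encryption"        # integrity check only: traffic is plaintext
    if parts[0] in ("ADH", "AECDH") or "ANON" in name:
        return "no-authentication"    # anonymous key exchange: server not verified
    if parts[0] == "EXP" or bits < 128:
        return "weak-encryption"      # export-grade or short keys
    return None


def audit(report):
    """Return (protocol, cipher, bits, finding) for every accepted weak suite."""
    findings = []
    for raw in report.splitlines():
        m = LINE_RE.match(ANSI_RE.sub("", raw))
        if not m:
            continue                  # banners, rejected suites, certificate data
        _, proto, bits, cipher = m.groups()
        label = classify(int(bits), cipher)
        if label:
            findings.append((proto, cipher, int(bits), label))
    return findings


# Constructed sample report (not output from any real host).
SAMPLE = """\
    Rejected  SSLv2  168 bits  DES-CBC3-MD5
    Accepted  SSLv3  0 bitsNULL-SHA
    Accepted  TLSv1  0 bits  NULL-MD5
    Accepted  TLSv1  40 bits  EXP-RC4-MD5
    Accepted  TLSv1  128 bits  ADH-AES128-SHA
    Accepted  TLSv1  256 bits  AES256-SHA
    Rejected  TLSv1  0 bits  NULL-SHA
"""

if __name__ == "__main__":
    for proto, cipher, bits, label in audit(SAMPLE):
        print(f"{label:18} {proto:8} {bits:4} bits  {cipher}")
```

On the server side, the corresponding fix is to exclude these suites from the configured cipher list, for example with `!aNULL:!eNULL:!EXPORT` in an OpenSSL cipher string.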



Re: [Full-disclosure] Questions for the iProphet

2009-08-21 Thread Night Ninja
weev, you need anything and I have your back.

On Fri, Aug 21, 2009 at 2:03 PM, T Biehn  wrote:

> "Do what thou wilt shall be the whole of the law"
>
> On Fri, Aug 21, 2009 at 11:16 AM, Paul Schmehl wrote:
> >
> > --On Friday, August 21, 2009 04:03:40 -0500 netdev.doc...@hushmail.com wrote:
> >
> > >
> > > Hey weev.
> > >
> > > Now that the FBI and everything are all out to get you, I was
> > > wondering what life on the lamb was like.
> >
> > Wouldn't life on the lamb be sheepophilia?  Wouldn't it be better to have life
> > on the sheep, if you're so inclined?
> >
> > Or did you mean life on the lam?
> >
> > --
> > Paul Schmehl, Senior Infosec Analyst
> > As if it wasn't already obvious, my opinions
> > are my own and not those of my employer.
> > ***
> > "It is as useless to argue with those who have
> > renounced the use of reason as to administer
> > medication to the dead." Thomas Jefferson
> >
>
>
>
> --
> FD1D E574 6CAB 2FAF 2921  F22E B8B7 9D0D 99FF A73C
> http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
> http://pastebin.com/f6fd606da
>

Re: [Full-disclosure] Questions for the iProphet

2009-08-21 Thread T Biehn
"Do what thou wilt shall be the whole of the law"

On Fri, Aug 21, 2009 at 11:16 AM, Paul Schmehl  wrote:
>
> --On Friday, August 21, 2009 04:03:40 -0500 netdev.doc...@hushmail.com wrote:
>
> >
> > Hey weev.
> >
> > Now that the FBI and everything are all out to get you, I was
> > wondering what life on the lamb was like.
>
> Wouldn't life on the lamb be sheepophilia?  Wouldn't it be better to have life
> on the sheep, if you're so inclined?
>
> Or did you mean life on the lam?
>
> --
> Paul Schmehl, Senior Infosec Analyst
> As if it wasn't already obvious, my opinions
> are my own and not those of my employer.
> ***
> "It is as useless to argue with those who have
> renounced the use of reason as to administer
> medication to the dead." Thomas Jefferson
>



--
FD1D E574 6CAB 2FAF 2921  F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehn&op=index&fingerprint=on
http://pastebin.com/f6fd606da



Re: [Full-disclosure] Questions for the iProphet

2009-08-21 Thread Paul Schmehl
--On Friday, August 21, 2009 04:03:40 -0500 netdev.doc...@hushmail.com wrote:

>
> Hey weev.
>
> Now that the FBI and everything are all out to get you, I was
> wondering what life on the lamb was like.

Wouldn't life on the lamb be sheepophilia?  Wouldn't it be better to have life 
on the sheep, if you're so inclined?

Or did you mean life on the lam?

-- 
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
***
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson



Re: [Full-disclosure] Questions for the iProphet

2009-08-21 Thread Andrew A
> How does you feel psychologically? Not as troll, but deep inside.
Pretty good. I've been laughing, I've been smiling, I've been drinking
and getting high. My primary partner and I tagteamed some girl last
night. I might be living in a crappy hotel, but you can't keep a good
troll down. I'm living the high life, because God loves me.

> What are their tactics?
>
> (I heard the feds bought a hooker to try to honeypot you.)
They'll hand you illegal materials at times in public, or plant them
in your car, just to psych you out. They'll threaten or harass every
business partner you have, until you're an alienated island with no
revenue. They'll break into your house while you're on vacation and
steal your documents and computers with no warrants and you'll never
have anyone to call for them. Not to use as evidence, but just to make
trouble for your life. They'll harass your family, your friends, your
old girlfriends. They'll try to intimidate you. Then, they'll offer
you a way out if you narc on your friends.

I think there are two recent lessons of what narcing and entrapment
gets you. Look at Soupnazi or Hal Turner.  They went and played the
FBI's full game, were promised immunity, milked for everything they
were worked, and then arrested anyways. They'll both be going to
prison. When the feds first roped in Soupnazi, they didn't even have
enough evidence to bring him into trial. But they used fear and
intimidation to get him to play their game, and he was hooked. It was
only a matter of time before he had cannibalized all his contacts, and
then he moved to roping in legit people like jimj.

The goodwill I've felt from people in the underground is fantastic.
I've had people offer to put me up, had people offer me loans and
gifts of cash. I could survive for years based off of the goodwill of
others. I don't need to, but I appreciate their sentiment at a time
when I'm hard up for cash.

The old adage of "nobody talks, everybody walks" is quite true but I
think YTCracker put it best in "Spammer Court" when he said "Fuck you
your honor, with all due respect, but i'm not ratting out my buddies
just to save my own neck". I'll never narc. I'll never tell. I am for
real. I am the truth of God.

> Does crime pay?
Wouldn't know. I'm not a criminal.

> If you could go back 5 years, would you have done anything
> different?
Nope. I knew living completely real and truthfully to everyone was
going to hurt me financially someday, and it did. But I wouldn't
change a thing. I'd rather be totally fucking real and miss out on
some material happiness instead of selling the fuck out and being a
gigantic fucking liar to keep up a revenue stream for material shit I
don't care about anyways.

> How much money do you really have?
Enough to get by. Not a lot. I've never built personally-owned assets,
and have always relied upon revenue. Little plots of earth and moving
toys are childish things that the beast can take away. The sweat of
your brow, the work of your mind and spirit? That can never be
diminished. Blood and tears awaits a man who sits on a pile of wealth
in the afterlife.

> How much longer do you think it will be until you're brought to
> prison?
No idea. I haven't committed nor been charged with a crime (save a
frivolous speeding ticket in some shithole state), nor have I
committed one. So I don't know. I live my life in the light of God,
and I have faith God will protect me during this time of trials.


> How long do you think you'll stay?
No idea. As I said, I haven't ever committed a crime. I am a truly sinless man.

> Do you think God will keep you company?
God is with me right now.



[Full-disclosure] OWASP Announces International Application Security Conference for 2009

2009-08-21 Thread AppSec DC
For Immediate Release

Washington DC August 20th, 2009 -- Following in the footsteps of the
Open Web Application Security Project's (OWASP, http://www.owasp.org )
immensely successful and popular conferences earlier this year in
Australia, Poland, Ireland, and Brazil, Washington DC will be hosting
the 2009 OWASP Application Security Conference (AppSec DC,
http://www.appsecdc.org ), North America's premier web application
security conference, at the Walter E. Washington Convention Center on
November 10-13th, 2009.

AppSec DC 2009 will provide a venue for hundreds of IT professionals
interested in securing web technologies to learn, interact, network,
and attend presentations and training given by some of the world's top
practitioners of web application security, suitable for everyone from
federal decision makers and management to application security
engineers and developers.  Executives from Fortune 500 firms along
with technical thought leaders such as security architects and lead
developers will be traveling to hear the cutting-edge ideas presented
by Information Security’s top talent. OWASP events attract a worldwide
audience interested in “what’s next” in the world of application
security. The conference is expected to draw 600-700 technologists
from Government, Financial Services, Media, Pharmaceuticals,
Healthcare, Technology, and many other verticals.

"AppSec DC is a unique opportunity for federal decision makers and key
technologists to become familiar with OWASP and the resources it has
to offer," said Doug Wilson, co-chair of the Washington DC OWASP
Chapter and organizer of AppSecDC. "The federal government has already
embraced the OWASP Top Ten and other OWASP guidelines. OWASP's mission
and community align closely with the goals set forth by the US Chief
Information Officer: transparency, engagement of staff, reduction of
cost, and innovation in technology. OWASP can enable the government to
attain these goals in the pursuit of securing critical technologies
that depend on the web."

Highlights for AppSec DC 2009 include a keynote from Joe Jarzombek,
Director for Software Assurance in the Department of Homeland
Security's (DHS) National Cyber Security Division (NCSD), a panel
discussion of US Federal Government Chief Information Security
Officers on their experiences with application security, a panel of
industry experts on implementing security in development cycles, and a
wide variety of talks by leading personalities in the field of web
application security, including Robert "RSnake" Hansen, Robert Auger,
Chris Wysopal, and others.

"For AppSec DC 2009, we're really trying to reach out to developers,
testers and quality assurance staff because they are pivotal to
solving the root causes of application security problems," said Mark
Bristow, an organizer of AppSec DC and a founding member of the OWASP
Global Conferences Committee. "To this end, we have a dedicated secure
development track designed specifically for these folks to give them
the skills they need to build secure software effectively."

AppSec DC 2009 will feature interactive, hands-on training courses led
by some of the leaders in application security (Security Compass,
Aspect Security, WhiteHat Security, Inguardians and others) on the
10th and 11th of November followed by four distinct speaking tracks on
the 12th and 13th.  Opportunities to interact with AppSec sponsors and
vendors will also be available, as well as an OWASP-sponsored Capture
the Flag competition and other events.

Who Should Attend AppSec DC 2009:
- Application Developers
- Application Testers and Quality Assurance
- Application Project Management and Staff
- Chief Information Officers, Chief Information Security Officers,
Chief Technology Officers, Deputies, Associates and Staff
- Chief Financial Officers, Auditors, and Staff Responsible for IT
Security Oversight and Compliance
- Security Managers and Staff
- Executives, Managers, and Staff Responsible for IT Security Governance
- IT Professionals Interested in Improving IT Security

If you would like more information about AppSec DC 2009, please visit
the conference website at http://www.appsecdc.org/

About OWASP:

The Open Web Application Security Project (OWASP) is a worldwide free
and open community focused on improving the security of application
software. Our mission is to make application security visible, so that
people and organizations can make informed decisions about true
application security risks. Everyone is free to participate in OWASP
and all of our materials are available under a free and open software
license. The OWASP Foundation is a 501c3 not-for-profit charitable
organization that ensures the ongoing availability and support for our
work from Individuals, Organization Supporters & Accredited University
Supporters.

For more information, please visit http://www.owasp.org/

About the OWASP DC Chapter:

The OWASP DC Chapter is Washington DC's local OWASP presence with
bi-monthly meetings

Re: [Full-disclosure] Free wlan sniffer for vista

2009-08-21 Thread Andrew Kuriger
Hi Tk,

I would recommend grabbing WinTcpdum and the WinPcap libraries. This has
worked for me in the past.

http://www.winpcap.org/default.htm

On Fri, 21 Aug 2009 06:07:40 -0700, "TK"  wrote:
> I am looking for a free wireless sniffer on Vista. I have tried wireshark
> but it seems I cannot get this into promiscuous mode. I need to sniff all
> HTTP traffic of the wireless router
> 
> Thanks in advance 
> 


Re: [Full-disclosure] ByPass a BlueCoat Proxy 8100 Serie authentification

2009-08-21 Thread Guy
On Fri, Aug 14, 2009 at 4:17 PM, anto...@santo.fr wrote:
> Gone beach for the Week End, more info on monday.
>
> Antoine.

Lies.

-Guy



[Full-disclosure] Free wlan sniffer for vista

2009-08-21 Thread TK
I am looking for a free wireless sniffer on Vista. I have tried wireshark 
but it seems I cannot get this into promiscuous mode. I need to sniff all 
HTTP traffic of the wireless router

Thanks in advance 



[Full-disclosure] NTFS Alternate Data Stream

2009-08-21 Thread Leandro Malaquias
http://www.thinkdigit.com/General/Hidden-Threat-NTFS-Alternate-Data-Streams-ADS_3328.html

-- 
LM
-
If you're not part of the solutions, you're part of the problem.
http://sekuritymatters.wordpress.com



Re: [Full-disclosure] Questions for the iProphet

2009-08-21 Thread Anders Klixbull
 
He's too busy living the good life in a cardboard box in hobotown to answer :)
 

We help you make better decisions. We offer analysis and 
information services that increase sales, target marketing and reduce 
the risk of loss.
 
www.experian.dk 

-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk 
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of 
netdev.doc...@hushmail.com
Sent: 21. august 2009 11:04
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Questions for the iProphet

Hey weev.

Now that the FBI and everything are all out to get you, I was wondering what 
life on the lamb was like.

How does you feel psychologically? Not as troll, but deep inside.

What are their tactics?

(I heard the feds bought a hooker to try to honeypot you.)

Does crime pay?

If you could go back 5 years, would you have done anything different?

How much money do you really have?

How much longer do you think it will be until you're brought to prison?

How long do you think you'll stay?

Do you think God will keep you company?



Simple enough



[Full-disclosure] Questions for the iProphet

2009-08-21 Thread netdev . doctor
Hey weev.

Now that the FBI and everything are all out to get you, I was 
wondering what life on the lamb was like.

How does you feel psychologically? Not as troll, but deep inside.

What are their tactics?

(I heard the feds bought a hooker to try to honeypot you.)

Does crime pay?

If you could go back 5 years, would you have done anything 
different?

How much money do you really have?

How much longer do you think it will be until you're brought to 
prison?

How long do you think you'll stay?

Do you think God will keep you company?



Simple enough
