Re: [Full-disclosure] help analysing asn overflow

2007-09-21 Thread David Chastain
Are you gonna blow hot air VK or are you gonna help the man/woman???
 
On Friday, September 21, 2007, at 12:44PM, [EMAIL PROTECTED] wrote:
On Sat, 22 Sep 2007 00:49:30 +0530, Code Breaker said:

 I am trying to analyse the old asn integer overflow. Can anyone guide me
 towards the right direction? Which function contains the vulnerable code? Is it
 asn1_decode?

It's not the old asn integer, it's one of the old asn integer...

There were about a zillion and a half different places in that code that
were exploitable, because actual error checking was, like, a foreign language
to that crew when they wrote it originally.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




Re: [Full-disclosure] IronMail-5.0.1-Advisory-SYN-flood-DoS-Attack

2006-02-01 Thread David Chastain
Mark, how can we trust you when you can't even manage your domain???

Time has run out! ... The Domain Name d-fender.com has expired!


On Wednesday, February 01, 2006, at 10:12AM, Mark Sec [EMAIL PROTECTED] wrote:


Original Attached


IronMail-5.0.1-Advisory-SYN-flood-DoS-Attack

- Mark 



Re: [Full-disclosure] Cisco IOS Shellcode Presentation

2005-08-02 Thread David Chastain
Has anyone heard of Proof-of-Concept material out of DEFCON on the CISCO fiasco?


Re: [Full-disclosure] Best way to crack NT passwds

2005-08-01 Thread David Chastain
If you have physical access - Try BartPE

On Saturday, July 30, 2005, at 06:37AM, Paul Farrow [EMAIL PROTECTED] wrote:

Yup after I posted that I read your post, have to admit, searching a 
table full of hashes would be a hell of a lot quicker than cracking it 
manually :]
But then again, I rarely crack any hashes (good memory for my own 
passwords) but anything for md5 I use passcracking.net/com.
But I suppose it wouldn't be difficult to code up a quick php page to 
fill a mysql dbase with incremental hashes generated on the fly... might 
look into it
(even though it's no doubt been done) fun project for a rainy day I suppose.

[EMAIL PROTECTED] wrote:


 rainbow crack finds this pass Test0r in 5-10sec and you don't need 
 a huge machine to get it, if you like John the Ripper, I heavily 
 suggest you to generate your tables and start using rbcrack, because 
 you are losing your time on john, believe me :)

 At 12:25 30/07/05, Paul Farrow wrote:

 Chances are the system used by the website was a multi-processor 
 beast of machine, able to maximise cpu time to cracking the passwords.
 If you can get the password hash, then your best bet is to run it 
 through jtr(john the ripper).

 C:\toolkit\passwords\pwdump pwdump2
 Administrator:500:62b239ea3de3b4142e04d2d295f821b0:a929535485de3b50889
 23fd58d02cca2:::
 ASPNET:1000:f5052a93de1b6a7848d83fff52bb5c55:264d62a5f32f74bb6df2642a5
 14fd17f:::
 Guest:501:d9dce10ca0c8ba7baad3b435b51404ee:672e556cf53bf2a83c36bead638
 3212b:::
 __vmware_user__:1002:aad3b435b51404eeaad3b435b51404ee:69deddc712c272b3
 3e31fae0f4b82a73:::

 C:\toolkit\passwords\pwdump pwdump2  passwords.dump
 C:\toolkit\passwords\johnjohn -incremental passwords.dump
 Loaded 4 passwords with no different salts (NT LM DES [24/32 4K])
 TEST0R  (Administrator:2)
 guesses: 1  time: 0:00:00:20  c/s: 9045001  trying: PMSBRK - HLEYKL


 That's on a 1.987mhz AMD processor in windows 2000, running about 30 
 other things at once.


 Hope this helps.

 X u r r o n wrote:

 hiya!
 I have tried many software tools for cracking NTLM hashes, like NC4, Cain 
 and haven't tried Rainbow Crack yet.
 Once I had to recover my XP's lost admin password and I spent around 
 1 day but Cain/NC4 were not able to guess that. Then I posted those 
 hashes on some site and it did recover my passwd in around 5min. I 
 want to know which technique they used to crack so fast ?

 Xurron







[Full-disclosure] MS05-036

2005-07-14 Thread David Chastain
Has anyone seen or does anyone know of an exploit in HTML code that would 
target the MCMM vulnerability?


RE: [Full-disclosure] CISSP Test

2005-03-22 Thread David Chastain
Rob, if I need to make myself more clear I will.

Directly from the ISC2 website:
The CISSP credential is ideal for mid- and senior-level managers who are 
working toward or have already attained positions as CISOs, CSOs or Senior 
Security Engineers.

There are three concentrations within the CISSP
ISSAP - Concentration in Architecture
ISSEP - Concentration in Engineering
ISSMP - Concentration in Management

The SSCP - The SSCP credential is ideal for those working toward or who have 
already attained positions as Senior Network Security Engineers, Senior 
Security Systems Analysts or Senior Security Administrators. (Concentrations 
coming soon!)

The CBK is a comprehensive working knowledge of security as pertains to 
physical, data, and operational needs of a business. I have had my CISSP for 
about 3 years now and must say it has opened doors for me that otherwise would 
not have if it weren't for the certification and the training that comes along 
with it. I am growing and learning new things daily and it is because of the 
opportunities that the CISSP credential has provided!!

Very Respectfully,
David Chastain