[Full-disclosure] Why do the URLs of the post keep changing in lists.grok.org.uk?
I usually keep the links of some interesting vulnerabilities posted in this mailing list. But when I try to access them after 6 months or so, I find that some of the links are invalid and some of them are pointing to different posts? Why does this happen? It seems, the URLs are shuffled every few months. Why is it done? And if it is so, how do other websites link to certain vulnerability posts in full-disclosure? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug
Also notice that if there is really a problem in FF javascript engine it goes beyond the browser. You could run Tamarin, Spidermonkey or Rhino on the server side and perform some processing there with javascript. For heaven's sake please try to understand that it is not a problem at all. As a side comment I wanted to tell you that what is out there on the internet is not a standart. Is what IE dictates. IE rules the internet whether you like or not. Go and read the ECMA standard. A standard is standard and it has nothing to do with IE. I don't think that's a fair comparison. If you make the right algorithm and you do not get the expected results *is* not your fault but what are you sitting at (compiler, framework, library ...). I fail to understand which part of my argument you failed to understand. strcpy() provides the expected result for the right algorithm so we do not say there is a bug in gcc. if someone uses strcpy() to read user's input directly into a buffer, we say there is a bug in the program. Similarly, Firefox javascript floating point math gives expected results. So there is no bug in Firefox. Now if you write a program assuming the results of the floating math are absolutely accurate, your program might have a bug. - My protest against stupid Indian security researcher:- Aditya K Sood is an asshole: http://secnichebogus.blogspot.com/ - ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug
Exactly! And the so called security experts who are giving long lectures in the list about how any bug can result in a potential security flaw, they are forgetting that if a security flaw arises it arises because of the programmer and not Firefox. If I use strcpy() to read user input into a buffer, I am at fault and not C compiler. On 9/30/07, Andrew Farmer [EMAIL PROTECTED] wrote: On 28 Sep 07, at 19:25, wac wrote: On 9/28/07, Jimby Sharp [EMAIL PROTECTED] wrote: How is this serious and is it related to security in any manner? If not, please do not spam. :-( Many bugs are security related (I would say all). How it is security related? Think. What happens if your bank calculates something wrong and puts the lower in your account and the higher in another account? Yes It might be little but what about a little many times? That could be done with javascript too. Then... you are not safe anymore. If your bank is doing financial calculations using Javascript in a standard web browser, you have bigger things to worry about than roundoff errors.
Re: [Full-disclosure] Trolls food
i suggest you stop adding to the noise by writing the same useless shit as countless others before you On 9/30/07, poo [EMAIL PROTECTED] wrote: i suggest you stop adding to the noise by writing the same useless shit as countless others before you On 9/28/07, Maxime Ducharme [EMAIL PROTECTED] wrote: Hi to the list Got a suggestion I suggest not to respond to trolls on the list (or the noise on this list) Responding them is in fact feeding them Trolls like spam, the most we reply to shut down their mouth, the more they will open it If I receive a viagra/cialis offer, i do not reply this is the same for what we can consider as noise, do not reply Take a coffee (or water/tea/beer/scotch/...), relax, laugh a little then press DEL button ;-) many still post very useful information, and I thank these people for sharing the information I repeat this is a suggestion Have a nice day everyone Maxime -- smile tomorrow will be worse
Re: [Full-disclosure] Trolls food
Stop writing useless mails for heaven's sake! On 10/1/07, Guasconi Vincent [EMAIL PROTECTED] wrote: Stop writing useless mails ! On 9/30/07, Jimby Sharp [EMAIL PROTECTED] wrote: i suggest you stop adding to the noise by writing the same useless shit as countless others before you On 9/30/07, poo [EMAIL PROTECTED] wrote: i suggest you stop adding to the noise by writing the same useless shit as countless others before you On 9/28/07, Maxime Ducharme [EMAIL PROTECTED] wrote: Hi to the list Got a suggestion I suggest not to respond to trolls on the list (or the noise on this list) Responding them is in fact feeding them Trolls like spam, the most we reply to shut down their mouth, the more they will open it If I receive a viagra/cialis offer, i do not reply this is the same for what we can consider as noise, do not reply Take a coffee (or water/tea/beer/scotch/...), relax, laugh a little then press DEL button ;-) many still post very useful information, and I thank these people for sharing the information I repeat this is a suggestion Have a nice day everyone Maxime -- smile tomorrow will be worse -- Guasconi Vincent Etudiant.
Re: [Full-disclosure] New term RDV is born
You know nothing. It is http://uncyclopedia.org/wiki/RUAASETXCSDFGASRTVBFDGRDSGFVDB-day Now be a good boy and stop spamming. :-| On 10/1/07, Guasconi Vincent [EMAIL PROTECTED] wrote: On 9/28/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: On Fri, 28 Sep 2007 17:29:51 BST, worried security said: Two months is still recently. Think about In recent history we invaded Iraq, In recent times terrorism has become more prominent. The real problem here is that 0-day originally meant previously undisclosed vulnerability/exploit. The term lost its usefulness when all the hacker wannabe's started posting I found a 0-day, when what they really had was a *yawn*-we've-been-waiting-18-months-for-vendor-to-fix-day. Yes, it's a YWVBW18MFVTF-day. I know that. http://uncyclopedia.org/wiki/YWVBW18MFVTF-day -- Guasconi Vincent Etudiant.
Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug
Go and read floating point math. On 9/29/07, wac [EMAIL PROTECTED] wrote: Many bugs are security related (I would say all). How it is security related? Think. What happens if your bank calculates something wrong and puts the lower in your account and the higher in another account? Yes It might be little but what about a little many times? That could be done with javascript too. Then... you are not safe anymore. Especially today with the invasion of AJAX. One of the browsers is broken for sure (several?). They should do the same even in such small things. Should at least be very carefully documented. However just documenting it is only going to bring trouble since many programmers won't be aware of that. They would not even be making mistakes in the code but triggering somebody else's errors. This kind of stuff happens many times. For instance a couple of days ago I hit a problem in which both Opera and Firefox behaved differently to IE (some parameters in the form were not sent to the server). Was with a tableform/form/table instead of formtable/tableform (or the other way around can't remember right was the workaround). Yes, every bug is security related. A database that is out of sync. An improperly rounded number. Remember why Ariane blew up in the air because of this? Remember the Mars landrover locked because of a priority inversion bug? Would you call it a security bug? I really doubt many of you would. However millions were lost. Wasn't security related? Think. What about if someday the computers that handle the nuclear plant nearby make a wrong rounding and one of the parameters go out of rank? Computers handle that, handle your car, all of your communications, your heart beat and even your foot steps (heard about those smart Adidas with a chip?). What if an airplane computer misses one of the parameters? It *is* a security bug even if it is not a stack/heap overflow, an integer overflow and all of the rest you all know about.
I consider if not all of the bugs, at least the vast majority as security bugs. For your very own good start thinking that way too. Because someday you could even die just because somebody else made a mistake in one of those control systems. Worse yet... because someone thought that it wasn't a security bug and was not important to fix it. Regards Waldo Alvarez PD: Now you have another way to verify (fingerprint) which browser is used to browse a website even with spoofed User-Agent headers if javascript is turned on. And go and learn some floating point maths. On 9/28/07, carl hardwick [EMAIL PROTECTED] wrote: There's a flaw in Firefox 2.0.0.7 allows javascript to execute wrong subtractions. PoC concept here: javascript:5.2-0.1 (copy this code into address bar) Firefox 2.0.0.7 result: 5.1005 (WRONG!) Internet Explorer 7 result: 5.1 (OK)
Re: [Full-disclosure] defining 0day
It's very easy to hide under an anonymous email-ID and pour out bullshit to insult others but it takes guts to do the same with your real name. Since, you do not have the guts to sign your message with your real name, we are free to ignore whatever you post. I appeal the FD admins to ban the trolls. A little moderation is required for any meaningful discussion to take place. Now, if you reply to this e-mail with an anonymous ID again, it will only prove what a coward bastard you are. If you have the guts, insult others with your real name. On 9/29/07, Awful Disclosure [EMAIL PROTECTED] wrote: I know that this term means. 0 day - is the day when this jewish slut Gadi got his first homosexual experience and his gayed ass became looks like (0), not (.). So this this 0-day. btw, word Gadi is close to Gadit, that in Russian means to defecate. There is a difference between Sun Tsu-like stealth and civil war-like throw bodies at it. I quite agree 0days would be important tools, but not necessarily the only tool. Then, it would only be a fascilitating technology. A known vulnerability is also useful in many cases. About botnets, they are at the very heart of the matter--not necessarily for being used in this fashion, but rather because the Internet is perfect for plausible deniability, and then, of course, there is the matter of a /fifth column /, inside your network. Gadi. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] New term RDV is born
Stop your stupid bullshit. If you have no work to do, create your own mailing list and post your bullshit there. We have better things to do than think about stupid names. If the media thinks that hackers are always evil, it is because of stupid people like you, who have nothing good to contribute or discuss but create confusion and propaganda over nothing. I am a system administrator and I find this list full of noise due to people like you. Could someone please ban this insane person called worriedsecurity? On 9/28/07, worried security [EMAIL PROTECTED] wrote: On 9/27/07, T Biehn [EMAIL PROTECTED] wrote: Genius! Billy: Wow, thats a cool 0-day. Joe: You mean an RDV. Billy: What? Joe: Only the bad guys call it 0-day now, haven't you heard? Billy: Nope. Joe: Yeah Gadi Evron and friends didn't like the term 0-day anymore, because it sounds too evil elite hacker and not whitehat enough, so n3td3v came up with RDV. Billy: So who is n3td3v? Joe: A guy in the underground who keeps getting blamed for being some dude called Gobbles. Billy: Oh right, i'm a whitehat, so I better start replacing 0-day with RDV now. I want to be politically correct and don't want to be mistaken as a blackhat, because only blackhats call it 0-day now. Joe: Yes, not everyone likes n3td3v, but its kind of catchy, so people kept with RDV. Billy: Yeah, thats sweet. Joe: Exactly. Us whitehats have got to stick together and distance ourselves from catchphrases thought up by the evil blackhat community. Billy: Whitehats rule! Down with the blackhats. Joe: Whitehat supremacy, way to go!
Re: [Full-disclosure] New term RDV is born
I asked you to stop your bullshit you mad man. It is crazy to see so many anonymous IDs talking to each other and spamming the whole list. On 9/28/07, worried security [EMAIL PROTECTED] wrote: On 9/28/07, Troy [EMAIL PROTECTED] wrote: Wouldn't UDV be more appropriate, for unpatched disclosed vulnerability? The R in RDV means recent. I wouldn't consider a two-month old, but still unpatched, vulnerability to be recent, so I wouldn't really be able to call it an RDV. I would, however, be able to call it a UDV. Another option would be EDV, for exploitable disclosed vulnerability, or even just UV or EV. Why do we need to bring up the point that it's disclosed? How could we be discussing an undisclosed vulnerability? Two months is still recently. Think about In recent history we invaded Iraq, In recent times terrorism has become more prominent. Five, Ten years can still be classed as recently. Two months, no problem. Dude, I sat for hours thinking up RDV, give me some credit ;)
Re: [Full-disclosure] New term RDV is born
YAWN!!! On 9/28/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: The real problem here is that 0-day originally meant previously undisclosed vulnerability/exploit. The term lost its usefulness when all the hacker wannabe's started posting I found a 0-day, when what they really had was a *yawn*-we've-been-waiting-18-months-for-vendor-to-fix-day.
Re: [Full-disclosure] New term RDV is born
I am a system administrator and I find this list full of noise due to people like you. On 9/28/07, Knud Erik Højgaard [EMAIL PROTECTED] wrote: I am a system administrator and I find this list full of noise due to people like you. -- On 9/28/07, Jimby Sharp [EMAIL PROTECTED] wrote: Stop your stupid bullshit. If you have no work to do, create your own mailing list and post your bullshit there. We have better things to do than think about stupid names. If the media thinks that hackers are always evil, it is because of stupid people like you, who have nothing good to contribute or discuss but create confusion and propaganda over nothing. I am a system administrator and I find this list full of noise due to people like you. Could someone please ban this insane person called worriedsecurity? On 9/28/07, worried security [EMAIL PROTECTED] wrote: On 9/27/07, T Biehn [EMAIL PROTECTED] wrote: Genius! Billy: Wow, thats a cool 0-day. Joe: You mean an RDV. Billy: What? Joe: Only the bad guys call it 0-day now, haven't you heard? Billy: Nope. Joe: Yeah Gadi Evron and friends didn't like the term 0-day anymore, because it sounds too evil elite hacker and not whitehat enough, so n3td3v came up with RDV. Billy: So who is n3td3v? Joe: A guy in the underground who keeps getting blamed for being some dude called Gobbles. Billy: Oh right, i'm a whitehat, so I better start replacing 0-day with RDV now. I want to be politically correct and don't want to be mistaken as a blackhat, because only blackhats call it 0-day now. Joe: Yes, not everyone likes n3td3v, but its kind of catchy, so people kept with RDV. Billy: Yeah, thats sweet. Joe: Exactly. Us whitehats have got to stick together and distance ourselves from catchphrases thought up by the evil blackhat community. Billy: Whitehats rule! Down with the blackhats. Joe: Whitehat supremacy, way to go!
Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug
How is this serious and is it related to security in any manner? If not, please do not spam. :-( And go and learn some floating point maths. On 9/28/07, carl hardwick [EMAIL PROTECTED] wrote: There's a flaw in Firefox 2.0.0.7 allows javascript to execute wrong subtractions. PoC concept here: javascript:5.2-0.1 (copy this code into address bar) Firefox 2.0.0.7 result: 5.1005 (WRONG!) Internet Explorer 7 result: 5.1 (OK)
Re: [Full-disclosure] Trolls food
How is this post of yours related to security in any way? I want you to shut up. I am a system administrator and I find this list full of noise due to people like you. XSS is a thing about input validation as well as output validation. On 9/29/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: How is your post related to security in any way? Please stop spamming this list with non-security related material. I am a system administrator and I find this list full of noise due to people like you. Thanks. On Fri, 28 Sep 2007 14:10:21 -0400 Maxime Ducharme [EMAIL PROTECTED] wrote: Hi to the list Got a suggestion I suggest not to respond to trolls on the list (or the noise on this list) Responding them is in fact feeding them Trolls like spam, the most we reply to shut down their mouth, the more they will open it If I receive a viagra/cialis offer, i do not reply this is the same for what we can consider as noise, do not reply Take a coffee (or water/tea/beer/scotch/...), relax, laugh a little then press DEL button ;-) many still post very useful information, and I thank these people for sharing the information I repeat this is a suggestion Have a nice day everyone Maxime
Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug
Michal I don't get the same from C-style double arithmetics. Could you provide a sample code that you believe should show the same behavior? On 9/28/07, Michal Zalewski [EMAIL PROTECTED] wrote: On Fri, 28 Sep 2007, carl hardwick wrote: javascript:5.2-0.1 Firefox 2.0.0.7 result: 5.1005 (WRONG!) This is a proper behavior of IEEE 754 64-bit double float, which, IIRC, is precisely what ECMA standard mandates. You will get the same from any C-style 'double' arithmetics. Internet Explorer 7 result: 5.1 (OK) They use a marginally higher precision. Now try 5.002-.001 - chances are, you will get 5.00999... Neither is a very serious calculation bug. Javascript does not guarantee - and nowhere actually delivers - arbitrary GMP-style precision. /mz
Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug
Thanks.

On 9/29/07, Michal Zalewski [EMAIL PROTECTED] wrote:
On Sat, 29 Sep 2007, Jimby Sharp wrote:
I don't get the same from C-style double arithmetics. Could you provide a sample code that you believe should show the same behavior?

If you don't, it's presumably because the subtraction is optimized out by the compiler, or because you printf() with an insufficient precision in format spec. The following should do the trick:

    #include <stdio.h>

    /* volatile keeps the compiler from folding the subtraction at build time */
    volatile double a = 5.2;
    volatile double b = 0.1;

    int main(void) { printf("%.16lf\n", a - b); return 0; }

/mz
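The rounding behaviour argued over in this thread, as an added example that is not code from any poster: it evaluates the `5.2-0.1` case in IEEE 754 doubles, compares with a tolerance instead of `===`, and keeps money as integer cents so that "a little many times" cannot accumulate. All function names and sample amounts are constructed for illustration.

```javascript
// Added example. Function names and sample amounts are constructed for
// illustration; only the 5.2 - 0.1 expression comes from the thread.

// The subtraction from the thread, in IEEE 754 binary64 (the JS Number type).
function threadSubtraction() {
  return 5.2 - 0.1;
}

// Compare doubles with a relative tolerance instead of ===.
function nearlyEqual(a, b, relTol = 1e-12) {
  if (a === b) return true;
  const scale = Math.max(Math.abs(a), Math.abs(b));
  return Math.abs(a - b) <= relTol * scale;
}

// Parse a decimal string with at most two fraction digits into integer
// cents. The value never passes through a fractional double, and anything
// that is not a plain amount ("1e3", "5.205", "") is rejected.
function toCents(text) {
  const m = /^(-?)(\d+)(?:\.(\d{1,2}))?$/.exec(text);
  if (!m) throw new RangeError(`not a two-decimal amount: ${text}`);
  const cents = Number(m[2]) * 100 + Number((m[3] || '').padEnd(2, '0'));
  if (!Number.isSafeInteger(cents)) throw new RangeError('amount too large');
  return m[1] === '-' && cents !== 0 ? -cents : cents;
}

// Render integer cents back to a fixed two-decimal string.
function formatCents(cents) {
  const sign = cents < 0 ? '-' : '';
  const abs = Math.abs(cents);
  const whole = Math.floor(abs / 100);
  return `${sign}${whole}.${String(abs % 100).padStart(2, '0')}`;
}

// "A little many times": add the same amount n times as a double ...
function repeatFloat(amount, n) {
  let total = 0;
  for (let i = 0; i < n; i++) total += amount;
  return total;
}

// ... and as integer cents, where every intermediate sum is exact.
function repeatCents(amountText, n) {
  const step = toCents(amountText);
  let total = 0;
  for (let i = 0; i < n; i++) total += step;
  return total;
}

console.log('5.2 - 0.1 as a double :', threadSubtraction());
console.log('equals 5.1 exactly    :', threadSubtraction() === 5.1);
console.log('equals 5.1 within tol :', nearlyEqual(threadSubtraction(), 5.1));
console.log('same in integer cents :',
  formatCents(toCents('5.20') - toCents('0.10')));
console.log('0.1 added ten times   :', repeatFloat(0.1, 10));
console.log('0.10 added ten times  :', formatCents(repeatCents('0.10', 10)));
```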
Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
I had a wonderful breakfast, two eggs and sandwich. :-) I am flying to New York today. Can anyone tell me any good mall or store where I can buy a good sleeping bag? A last question, is the book Atlas Shrugged by Ayn Rand worth reading? - Jimby P.S. Well, everyone is jumping into FD to discuss their favorite topic, so i thought I might try as well. On 9/22/07, Dave Korn [EMAIL PROTECTED] wrote: On 21 September 2007 18:37, Kristian Erik Hermansen wrote: Some interesting discussion came up on some security lists this week and it got me to thinking. Yes, hacking software is lame. Cool, so you found some vulnerabilities in some widely distributed application, service, or OS and it is patched just as quickly. Why don't we spend our time and valuable energy researching cures for rare or popular diseases instead? I already have a computer, and the skills needed to use it. I don't have a lab full of testtubes nor the skills needed to use them nor the years of training required before I would consider myself competent to perform experiments on human beings. I haven't met your brother or friend, so their tragedy doesn't motivate me to make the enormous effort to suddenly change my life around in a completely different direction. I don't want to sound callous and inhumane. But I am, so that's how it comes across.[*] cheers, DaveK [*] - deliberate misquote, fact-checkers. -- Can't think of a witty .sigline today
Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
You didn't answer my question. I don't want to meet you. Let me go and water the plants. I'll come back in 2 hours and see what you guys are doing. - Jimby On 9/23/07, Kristian Erik Hermansen [EMAIL PROTECTED] wrote: On 9/22/07, Jimby Sharp [EMAIL PROTECTED] wrote: I had a wonderful breakfast, two eggs and sandwich. :-) I am flying to New York today. Can anyone tell me any good mall or store where I can buy a good sleeping bag? A last question, is the book Atlas Shrugged by Ayn Rand worth reading? - Jimby P.S. Well, everyone is jumping into FD to discuss their favorite topic, so i thought I might try as well. full-disclosure of your life is permitted according to the FD mailing list guidelines. Now please list your SSN, credit card numbers, last three previous addresses, and the hotel where you will be staying in New York so I can come visit you :-) -- Kristian Erik Hermansen
Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research...
From: Kristian Erik Hermansen [EMAIL PROTECTED] Subject: Re: [Full-disclosure] [Dailydave] Hacking software is lame -- try medical research... You are an idiot. :-O What have you done for the security community lately... yeah now take a seat. Everyone is discussing their favorite topic. So let me discuss mine too. My post had some security content and Ah ok! I'll rephrase my statements. I had a wonderful breakfast, two eggs and sandwich. :-) XSS is not just about input validation but about output validation too. I am flying to New York today. Can anyone tell me any good mall or store where I can buy a good sleeping bag? Watering the plants was fun and so was the GMail point and click demo. But wasn't that lame in such a big security con? I mean WTF is so great about sniffing and hijacking? Now my post has some security content too. yours was entirely useless... Useless is very subjective + relative + bla bla. Like my post was meaningful to me but useless to you. Your post was meaningful to you but useless to me. - Jimby
Re: [Full-disclosure] A Request To Everyone
Dear Lamer Buster, Thanks for busting some lamers but now the situation in FD is going out of hands. I seriously do not think that it is worth increasing the noise in the list just to prove that Aditya K Sood is an idiot. We already know he is. I am sure none of us take Aditya seriously because of his extremely poor career record in the field of security. No offence meant to you, but I genuinely request you to ignore Aditya because we all know that Aditya is an idiot. Dear Aditya K Sood, I request you to kindly not post fake vulnerabilities and documents which you merely copy paste from somewhere else without knowing what they mean. If someday, you come with something real, that you can call your own and which you have verified from someone else who knows a thing or two about security, then you are most welcome to post your article in our list. But posting lame documents, like you do always, which mostly have technical errors, wrong facts, misleading arguments, etc. are extremely detrimental to our list. Also, you do not realise that by doing this again and again you are spoiling your image in the field of security community. Have you ever searched yourself in Google? See the results. aditya k sood - Lame ass of the month - http://seclists.org/fulldisclosure/2007/Sep/0028.html lame ass of the month - Full Disclosure: Lame ass of the month - Aditya K Sood (from India) - http://seclists.org/fulldisclosure/2007/Sep/0028.html I sincerely request you to verify your claims before posting so that we do not have to deal with more flame wars where everyone is trying to attack you for your foolishness and stupid documents. Thanks everybody, Jimby On 9/21/07, Nikolay Kichukov [EMAIL PROTECTED] wrote: I'd request that all of you stop fighting and leave the list to deal with what it's meant to. Cheers, -Nikolay [EMAIL PROTECTED] wrote: I'm in favor of booting them all off the list. Let 'em keep their flame wars on EFNet. Geoff Sent from my BlackBerry wireless handheld. 
-Original Message- From: Aditya K Sood [EMAIL PROTECTED] Date: Thu, 20 Sep 2007 12:57:57 To:full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] A Request To Everyone Hi After looking at the mail wars , I want to say only two lines. I dont know who Meta Info is , Lamer Buster is , LSNN is and all. I dont know how they are generating mails and putting my name everywhere. Thats it. Thanks to all. Regards Aks
Re: [Full-disclosure] Another 0day to sell.
Alex, SHUT THE FUCK UP! Joey is sending you private mails. Why the hell are you replying to the list?

On 9/13/07, Alex Robar [EMAIL PROTECTED] wrote:

Go back and read it again... I said I did see the value when you disclose the product. The problem I have is that you didn't do that.

AR

On 9/13/07, Joey Mengele [EMAIL PROTECTED] wrote:

If you can't see that knowledge of an impending sale in a 0day vulnerability in a specific and publicly disclosed product can help you to mitigate risk against said product in a customer's environment, then I am afraid I must speculate you are not as educated as a CISSP, and are therefore not even qualified to develop a password policy, let alone be doing security stuff! Any good CISSP will tell you there is more to security than patching! Even some of the bad ones know LOLOL! Unfortunately, most hacker/cracker webgangs are in on it too!

J
CISSP

--
Alex Robar [EMAIL PROTECTED]
Re: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulner
I wonder why we can't find Aditya K Sood in any of the security list even though he has made so many public disclosures. See:-

http://www.google.com/search?hl=en&q=site%3Asecunia.com+aditya+sood
http://www.google.com/search?hl=en&q=site%3Aosvdb.org+aditya+sood

Is it because these lists dislike Aditya or is it because they find the vulnerabilities to be false while verification? AFAIK OSVDB has a system of tagging vulnerabilities as Myth/Fake. I wonder why the disclosures published by Aditya are missing in OSVDB. OSVDB should add these vulnerabilities and properly classify them or tag them as fake. Anyone from OSVDB here who can respond?

- JS

Date: Thu, 16 Aug 2007 22:59:14 -0700
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; full-disclosure@lists.grok.org.uk; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability

Debasis Mohanty wrote:

No offence intended but if you take a little more effort of validating your work before posting publicly then you can save yourself from embarrassment.

I don't see anything in the script that can bypass zone security and run successfully from internet zone. I am sure you have tested it locally and drawn conclusion that the script can execute from internet zone. To test the script from internet zone, you need to upload it to a webserver and try accessing via browser.

Any VB/Java script will run from local security with a charm but if you can make it run from internet zone (without a prompt) then you found a holy grail. However I don't see anything in the script which can defeat zone security and access registry, hence no vulnerability.

The best way to validate your work before posting publicly is, run it through the vendor or third party security sites like secunia or idefence. This would certainly save you from public embarrassment.
-d

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aditya K Sood
Sent: 17 August 2007 09:07
To: full-disclosure@lists.grok.org.uk; [EMAIL PROTECTED]; [EMAIL PROTECTED]; Steven M. Christey
Subject: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability

Advisory : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability
Dated : 15 August 2007
Severity : Critical

Explanation : The vulnerability persists in the popup blocker functioning to allow specific websites to execute popup in the running instance of Internet Explorer. An attacker can easily exploit it by enabling a browser to run a malicious script in the context of Internet Explorer. The script manipulates the registry entries for specific websites through Javascript. It adds fake or malicious websites as allowed websites in the pop up blocker. The cause user visiting an untrusted website or any other malicious cause.

Detail Advisory :
http://www.secniche.org/advisory/Internet_Pop_Phish_Dos_Adv.pdf
http://www.secniche.org/adv.html

Proof of Concept : Level 1 Infection Test
http://www.secniche.org/misc/ie_pop_by_level1_test.zip

Test run fine locally as well with Web server [IIS] automated server object calling. Infection through Active X Object.

Regards
AKS aka 0kn0ck
http://www.secniche.org

Hi

/Any VB/Java script will run from local security with a charm but if you can make it run from internet zone (without a prompt) then you found a holy grail. However I don't see anything in the script which can defeat zone security and access registry, hence no vulnerability./

No problem. I think every script that runs from the Internet zone prompts. Mr. Debasish. Most of the time locally it prompts too.
I hope you can find any method that an active X control does not prompt. You are good at bypassing things.

/I don't see anything in the script that can bypass zone security and run successfully from internet zone. I am sure you have tested it locally and drawn conclusion that the script can execute from internet zone. To test the script from internet zone, you need to upload it to a webserver and try accessing via browser. /

I think I have told the practical citation clearly. The automation object is required.

The best way to validate your work before posting publicly is, run it through the vendor or third party security sites like secunia or idefence. This would certainly save you from public embarrassment.

Embarrassment. Nothing lies beneath it. Critically your are too much at of your own
Re: [Full-disclosure] McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow
Security comes into play here because a user can create a malicious play that would overflow the virus scan. Consequently the user can execute code with the privileges of the user running virus scan. Thus, it is a local privilege escalation scenario.

Date: Wed, 15 Aug 2007 18:53:18 +0200
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]; full-disclosure@lists.grok.org.uk; [EMAIL PROTECTED]
Subject: Re: [Full-disclosure] McAfee Virus Scan for Linux and Unix v5.10.0 Local Buffer Overflow

Joey Mengele wrote:

Where does security come into play here? This is a local crash in a non setuid binary. I would like to hear your remote exploitation scenario. Or perhaps your local privilege escalation scenario?

J