Re: [Full-disclosure] Free antivirus software
Hi Arsen, hi all there is Clamwin like Randall M sais, also AVAST for personnal use is free... Cheers. ArsenKirillov a écrit : Hi! Looking for something like Free AV software for Win32 OS's. If u r using something good - pls let me know! Arsen Kirillov ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Free antivirus software
Sorry, the link : http://www.avast.com/eng/download-avast-home.html Not only AV : Antivirus kernel Automatic updates Simple User Interface Virus Chest Resident protection System integration P2P and IM Shields Integrated Virus Cleaner Network Shield Support for 64-bit Windows Web Shield Internationalization and mores... try it now !! :) Cheers. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Re: Re: ExplorerXP : Directory Traversal and CrossSiteScripting
You're right... Now, the simple search returns that : http://packetstorm.linuxsecurity.com/0603-exploits/explorerXP.txt ;-) Dave Korn a écrit : Julien GROSJEAN - Proxiad wrote: A simple Google search returns that : http://www.phpscripts-fr.net/scripts/script.php?id=933 That depends on what you mean by simple. I just put ExplorerXP into google, which I think is about as simple as you can get. That website doesn't show up until the seventh page of results. (And strangely enough it doesn't show up until the /eighth/ page of results at google.fr!) So unless you had prior knowledge that it was french (I suppose I could perhaps have guessed that from seeing the word 'chemin', but you can't assume it's french just because the people reporting the vuln are from france), or unless you somehow already knew that the correct spelling had Explorer and XP as two separate words, I think the point remains: *all* vuln announcements should say what the software is, where it comes from and who makes it. After all, for all you know there is /yet another/ php package out there called ExplorerXp, and it's /that/ one they were talking about. cheers, DaveK ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Invisionzone.com board hacked...and Invision won't do a thing...
This page download these files on my vmware station (XPSP2) : * wochevt0.wmf (Download.Trojan) * count.jar-14a1bd95-63a.zip (Trojan.ByteVerify) These files were downloaded without any action from my part and with firefox 1.5 Cheers. GroundZero Security a écrit : Some ISP's only do server housing and just give the customer full root rights over their Server and stop to care from that point on. I have had a few customers that have been hacked and when i reported it to their ISP's i offten got reply's like It is the responsibility of the Customer to handle such situations [...] We just host the Server [...]. Anothertime i had a infected Windows System from a customer and found some Spyware on it that was hosted on the Rackspace Network. When i reported it to Rackspace after weeks i got an reply saying that i could download the deinstall script from the site aswell Thats all. When i mailed back to ask if they do not care about their reputation i did not get a reply anymore. My opinion is that its all about money. Here and then ISP's probably receive cash from the Spyware Vendors and so allow such Software to be hosted. Of course in public they act like they would want to prevent such activity. -sk GroundZero Security Research and Software Development http://www.groundzero-security.com Wir widersprechen der Nutzung oder Übermittlung unserer Daten für Werbezwecke oder für die Markt- oder Meinungsforschung (§ 28 Abs. 4 BDSG). pub 1024D/69928CB8 2004-09-27 Stefan Klaas [EMAIL PROTECTED] sub 2048g/2A3C7800 2004-09-27 Key fingerprint = A93E 41F8 7E82 5F2C 3E76 41F1 4BCF 3096 6992 8CB8 -BEGIN PGP PUBLIC KEY BLOCK- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBEFX440RBADGTKOgZR9Y9VA/cfNLWTIN/OmXe9l6UZJ6pY8Hqcv6DFE//Kt9 UfQMU470i+I7SvIHZN066Kl4ts4r90sLxXrE4r5VQCLTsJM68cliatrM8MbbZZs+ xf3ldelZrHNvHkXDk4I/n3O56F9M6tZ/S71AIj++raIbFX57fn8Z8NNOnwCgwDr6 LDVP+5N4DML1/+uvXNtoL30D/A/GUXd6lJ8i7MoZMzwKk1uwDsgWwP+Wm0hMwJMr fR/di9K55pGdlGFNO5P2L3qOl2BaC8raNkLcXaweW+bao3P66nzpdtmecsjCMWq2 tQWgu/O7S1FgzlUAKJSOc2Th5PY9Raum8bXnSv4gnHZCKjNskIdrz8WDxCzEoPtZ eCssA/9ydHRvNIPjOTmzjXoE+UbJrB/U//u3dpAsLkzclKeSgjV2eYUgHGcqYn+H cFoubD78yFWqZqYtxfiyjBlItsIn9ls0gAZFKDFHd1XfOLFSa0/NHNpHLxCZGFIA tQ0Gp47VRmTPkWJ7lB505w0XioNs1H/1K1RSp++7+t1SNkBlobQpU3RlZmFuIEts YWFzIDxza0Bncm91bmR6ZXJvLXNlY3VyaXR5LmNvbT6IVwQTEQIAFwUCQVfjjQUL BwoDBAMVAwIDFgIBAheAAAoJEEvPMJZpkoy4AnYAmwTot1PMUty1YoCuMVg6cpr7 HKy1AJ98jyzD365YkIQAEiihXlQJ4zrxBLkCDQRBV+OvEAgAiu75prsTQZdNijtY eMQhl4tEL8qi8JOFluYGnvPYjDzU0PY9E4mNx/w2BgYcM3lTVzSmaiLEJ1AzeOHn w+pLDWsorRZuVI9q3+ExW3s2yFX4ppdHAVBMuYsQyVJRkbobCkcwTbUYXr23pKzh D8WRAJ991k2lNcQHxMgixAN+55XBFLhwLB0Yz7XmhFYLid5dLxdPllLIV3ZHDeY0 SEqMSpw96+gV0QpX7YH9U2VBr3Wz7Ss6qNZkcgHQw1xmk6Yy24QnT4a9oZD06Yjr cCocXnyI/YLW1wXo/6Hh44UH3b9mKUX6eh8ybn7QCnZDG7AdxbglLiPTkdcx0YoT NANZBwADBwf8CrjVKiXSzyhUsdH1es1KQCZ/zH6PvPzdxqYuGuVVMzgaJeeOMS2G 4rLfw2ILahAS0fjng6zX2c1ndPVJ6oAq3IygWsqJH6Uh23NmKTlyx3KtSgyW7YsB Rn/4wobuojArTHTl+X3U4JZTUEb9E4osB9bFjdsgXcxNSwXghQMh1x5eS5/fcjLd tACNq0x2/zh8zTJFHK+oNCLY2+iBjTUn7K03rEhQo6HqbPYwyc3LUCwBuFHFDVWp bZqa4knO0H5BBmbiI09kaVPOs0qRLXCAf1oy9PxK5ZBJ4WfQAnMAU+TuNrTuW2SU NMh92TCELdDpl/pMDbbBGeJdMvXZmY99HIhGBBgRAgAGBQJBV+OvAAoJEEvPMJZp koy4p1QAoIaYw3VxA0/mixUsMO4R13sXIL/pAJ9zodR+A9+bLqCRlVusG8JhItv1 Ow== =E0o1 -END PGP PUBLIC KEY BLOCK- Diese E-Mail kann vertrauliche Informationen enthalten. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail oder von Teilen dieser E-Mail ist nicht gestattet. This E-mail might contain confidential information. If you are not the right addressee or you have recived this Mail in error, please inform the Sender as soon as possible and delete this E-Mail immediately. You are not allowed to make any copies or relay this E-Mail. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Kazaa
Have a look here too : http://www.pcquest.com/content/topstories/secure/103111007.asp Cheers. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Re: A Move to Remove
Please, don't bore us with your discution ! What is the relation with this list ? Please, mail to member itself and not all the list... Gonna add some mails to my filter soon... ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Re: ExplorerXP : Directory Traversal and Cross SiteScripting
A simple Google search returns that : http://www.phpscripts-fr.net/scripts/script.php?id=933 Cheers ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Secure HTTP
Ok, but all his traffic on his network will be encrypted... no ? If the sites you are visiting don't support encryption, you are still going to end up with data in clear-text on the wire. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Simple Oscommerce Google inurl trick
It returns a lot of things... :) Joshua Zukerman a écrit : A quick search didn't return anything on the Google Hacking Database. Submit it here: http://johnny.ihackstuff.com/index.php?module=prodreviews On 3/6/06, Jodi Middleton [EMAIL PROTECTED] wrote: Simply google inurl trick for Oscommerce for open administrator page. If no .htpassword is set for the admin folder of osCommerce then of course you can change any setting in the shop unless password security has been enabled on the admin console. Search google for; inurl:/admin/configuration. php? Mystore Despite a few demo pages there are a few open admin pages for webshops. Simple patch if you are one is to place a .htpassword file in the root of the admin folder. -- J.R.Middleton ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] strange domain name in phishing email
I think you try to remove the slash at the end... What about the logs ? Alice Bryson a écrit : BTW, this kind of ip address would not always work. i try to use http://2887060730/ to access an internal web server http://172.21.12.250, but failed. It said 400 bad request. I use Windows XP IE 6, web server is Apache on Windows 2003, does anyone know why? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
