[Full-disclosure] SecNiche Garbage Dumps on mailinglists
Thanks for your garbage again! I was wondering all these days where have you vanished and how big garbage you are going to dump on all of us this time. so all that you want to express in your huge garbage dump is inurl:ldap. xml site:com allinurl:indexof ldap. xml site:org. bty your description on how google make queries is one amazing piece of information. we would have never known this if you would not have put this in your article. I think you must be drinking enough poo these days. shame on you.

-Original Message-
From: AKS aka (0kn0ck) [mailto:[EMAIL PROTECTED]
Sent: 04 December 2007 02:57
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [WhitePaper (SecNiche)] Information Prone LDAP Garbage Dumps

Hi

The LDAP garbage dump that remains on web server results in information disclosure. Security of LDAP may be compromised, if for instance a search engine crawls through untamed directories on the web server and finds information through the ldap.xml file. This type of harvesting attack is also termed static information leveraging attack. This article provides methods for dealing with this type of attack and clarifying how to secure LDAP

Read it at :
http://www.secniche.org/paper.html
http://www.secniche.org/papers/Inf_Pr_Ldap_Gar_Dumps.pdf

Regards
Aks aka 0kn0ck
http://www.secniche.org

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] URI handling woes in Acrobat Reader, Netscape, Miranda, Skype
why don't you guys agree to disagree and STUF?

On 10/8/07, Geo. [EMAIL PROTECTED] wrote:

- Original Message -
From: Glynn Clements [EMAIL PROTECTED]

URIs which it passes to an external handler (e.g. mailto:), it only needs to identify the scheme (to select the correct handler); it is the handler's responsibility to validate its own URIs (i.e. mail programs need to validate mailto: URIs).

I don't agree. Whatever program takes input from an untrusted source, it's that program's duty to sanitize the input before passing it on to internal components. It's like a firewall, you filter before it gets inside the system.

Example, an ftp server has to sanitize filenames to prevent usage of streams on NTFS, you don't blame the filesystem that the input gets passed to, it's the job of the ftp server to do the sanitizing of untrusted input.

Geo.
Re: [Full-disclosure] Life cycle of a hacker by n3td3v
by any chance your son's name is Aditya? which category you would like your son to get tagged?

On 10/3/07, worried security [EMAIL PROTECTED] wrote:

new-bie - hangs around web based chat: yahoo chat, msn chat. watches what hackers are doing, hangs about with them to befriend them and gain intelligence on how they hack, and ask for the tools from the people who make them to hack a few yahoo or msn accounts for themselves. while this isn't true hacker, it's the beginning of a career of electronic hacking.

kool-bie - has made friends with hackers who make the tools, has gained their trust and is welcomed into the real hacker social circles that the newbie wasn't socially accepted into as a newbie. koolbies are poked and probed and groomed, as in, if an insect is in your fur, then the real hackers will tell you and remove the pest irritating their skin. koolbie is given beta releases of the hackers tools before the newbie general public.

curious-bie - the curiousbie, now bored with what the new-bie and kool-bie scene had on offer, starts wanting to dismantle, the tools they've been using. the curiousbie starts wanting to have the popularity, respect and chicks the real-bies have in the scene. the curious-bie will discover a hex editor and start exploring the real world of infosec, may start discovering new things by typing catchphrases into search engines, and finding security news articles interesting. starts finding mailing lists to do with real vulnerabilities.

real-bie - the real hacker, has finally been reading mailing lists and news articles for a while, starts thinking about linux distros, joining internet relay chat, joining real discussion about technical emphasis of vulnerabilities, wants to start hacking.

true-bie - has successfully penetrated an online application, maybe e-mail, gathers intelligence, gets interested in forming views of government and other people who are active members of mailing lists. at this point the industry discovers the person, the true-bie becomes vocal on online communities such as lists, social media sites, and news feedback forums.

student-bie - has formed strong views and believes he is right, now wants to make money in a career of information security. goes to college to become professional. hides hacking background from student peers, feels guilty about being part of the underground, keeps it secret.

pro-bie - graduates from university, expects a full pay and a successful life, ends up just working in the local supermarket, this person is highly skilled hacker with knowledge of ethical standards. doesn't get the job the course advertised the student would get, gets frustrated about life, feels lost and cheated, starts acting as a security professional online anyway, to live the dream they never got, even though they put the sweat and tears into achieving their university degree. at this point the government becomes concerned, pro-bie sets up websites, with professional text, claiming to be a research group, or company that'll protect companies. the pro-bie will release real vulnerabilities to mailing lists and will get attention headlines from security journalists.

job-bie - has, through exposure of releasing vulnerabilities and getting talked about in news articles, is offered a job at a real vendor company. the job-bie has managed to get the job and pay the pro-bie wanted, although admittedly, the university years ended up being a waste of time in reality.

mature-bie - has been in known named company for a while, is known as an expert. older and more wiser, the mature-bie may start a blog, and commentary made by the mature-bie is often seen in quotes in news articles, commenting on security incidents and other security related current affairs. the mature-bie is respected member of the security community, the goal of everyone's life in the industry, the mature-bie is looked on by government, and the government actually listen to what the mature-bie says on his blog, and quotes seen in news articles. mature-bie may be invited to vendor-security conferences, and government meetings, and the mature-bie may be approached by telecom companies to consult and help develop new cutting edge technologies and initiatives.

n3td3v
[Full-disclosure] Will the real daddy of Aditya stand up? and spank the kidddo's ass
wow! I am going to love Aditya after sometime for his shameless nature and being even more adamant than some of the FD trolls. Aditya - we can understand your feeling that you are completely lost and looking for your daddy over internet. Guess what we have a surprise for you! Dr Neal's recent research is going to prove that n3td3v is your daddy. bty what the fuck is reverse Engineering layout?

-Original Message-
From: Aditya K Sood [mailto:[EMAIL PROTECTED]
Sent: 21 September 2007 04:35
To: [EMAIL PROTECTED]
Subject: [Mlabs] Dissecting Internals of Windows XP Svchost : Reverse Engineering Stature

Hi all

This is the reverse Engineering layout of Svchost Internals.

Category : Reverse Engineering Analysis.

The paper solely relates to the core internals that build up the Windows XP Svchost. The Svchost internals have not been disseminated into informative elements yet. I have found only one or two analysis but that won't satisfy my views regarding XP Svchost. The anatomy of Svchost has got complexity in its own term. This pushes me to write a specific analysis over it. The analysis provides a structural design with concept wise dissection. The point is to understand the hidden artifacts and how it affects the working aspect of prime service host controller. Every process is disseminated into primary process and secondary process. In terms related to operating system there is a parent process and its child. If one looks at the implementation scenario then child processes are undertaken as thread internally. The kernel level implementation is subjugated like this. The XP Svchost runs as threads under services process.

http://mlabs.secniche.org/winxp_svchost.html
http://mlabs.secniche.org/papers/Win_Xp_Svc_Int.pdf

Regards
Aks aka 0kn0ck
http://mlabs.secniche.org | http://www.secniche.org
[Full-disclosure] GOD save this Industry: Meta Info == Aditya === Lame Ass striked back :PPPPpppppppppppp
Here goes the height of foolishness ... even though we all know, here is the foolish confession of Aditya that he is Meta Info :)) GOD SAVE FD

/* More over thanks for adding to my fame and glory. You don't know what you r doing for me indirectly. */

-- Forwarded message --
From: Meta Info [EMAIL PROTECTED]
Date: Sep 20, 2007 11:31 AM
Subject: Hahahah ! If you are a real son fo your father
To: [EMAIL PROTECTED]

Hey fucker

First of all your this stupidity not going to work what ever you do. You have already shown you are not a REAL SON of your FATHER. Teri Maa di Lun , Teri Behn di Lun too.

You write this

Here is a final chance for you to grow up and stop posting your shit otherwise I am going to make your life a hell virtually and use my contacts in India to take care of you physically.

Do it if you are real son of your father then do it. Use your contacts. Teri Maa di lun. If your mother have breast feeded you and do it , use your contacts. You impotent asshole. I am waiting for it.

More over thanks for adding to my fame and glory. You don't know what you r doing for me indirectly.

Regards
Fucking Lamer Buster
Re: [Full-disclosure] [Mlabs] Scrutinising SIP Payloads - Someone break his e-kneecaps please
JO: expect a mail after this from some fake gmail id with terrible Hinglish and extremely kiddish slangs :D

On 9/20/07, J. Oquendo [EMAIL PROTECTED] wrote:

First of all you should credit ALL the individuals, companies and sites you rip your information from else it's called plagiarism

On Page 12. Word for word you simply copied: http://www.cisco.com/en/US/docs/voice_ip_comm/sip/proxies/2.0/release/notes/stnSolRn.html

Temper the contents and make it work according to attackers usage. What the hell are you talking about...

You stated The Cisco proxy server does not accept calls after 150 cps I don't know what the hell you were using but Netra's can easily push in upwards of CPS, IBM X's 1000 via udp, 200+ via tcp...

On Page 19 you stated Wiretapping Attacks: These are the generic class of attacks which take place when modification of communication channel is done by an attacker between two parties. ... Really? So when I'm running VoIPong and nothing is getting modified yet I'm steady recording a conversation what is this called. An unmodified wiretapping attack.

That paper was yet another waste of time for me to read. Instead of copying and pasting to your heart's content and putting together something that makes sense only to you, why don't you first try to understand 1) what the hell you're talking about 2) what the hell you're writing about 3) what the protocol truly does and then - what attacks are possible based on something you truly know - as opposed to something you may think sounds logical.

Page 28: It can be exploited by the attackers to have Denial of service attacks. The mechanism starts from the payload designing. The actual infection starts or is mainly coded in the payload itself by the attackers. What kind of high potent hashish are you smoking?

Outside of these ignorant assumptions you make based on what I infer as an overall lack of knowledge on the subject, I could barely skim through the rest of your document since it was mainly terrible English with huge chunks of copied RFC material and ramblings that made zero sense. Nothing worth noting - other than me repeating in my head this jackass should STFU and learn what he's talking about instead of making an idiot out of himself

And I don't mean to sound harsh - well yea I do, but that's irrelevant. What you're doing is flooding the industry with bullshit documents that those without a clue might read and become even more clueless. Please stop your ramblings.

J. Oquendo
Excusatio non petita, accusatio manifesta
http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xF684C42E
sil . infiltrated @ net
http://www.infiltrated.net
Re: [Full-disclosure] A Request To Everyone
STFU you lame ass. bty what is your request? at least develop a decent writing skill and know what you are writing. the only way I see this would stop is, if you become little considerate and stop posting all your craps in mailing list and apologise openly for posting fake / crappy articles or postings. many have advised you several times in the past but you have never listened and have been abusing mailinglist for posting your craps. All we have seen is that you want fame and glory by posting your craps with media friendly fancy lines for those clueless media lurkers who think they have been publishing breaking news out of your fake article.

sparky, here is a self assessment homework for you: Try to google for one single seasoned security folk who has acknowledged your work. I am sure you get none and that proves something you need to worry about yourself. Looks like your mom made love with a wailing donkey on the river side and you got birth.

On 9/21/07, Aditya K Sood [EMAIL PROTECTED] wrote:

Hi

After looking at the mail wars , I want to say only two lines. I don't know who Meta Info is , Lamer Buster is , LSNN is and all. I don't know how they are generating mails and putting my name everywhere. That's it.

Thanks to all.

Regards
Aks
Re: [Full-disclosure] [Mlabs] Scrutinising SIP Payloads : Traversing Attack Vectors in VOIP and IM
hello cranky! so you recently diverted your attention to steal others work without giving any credits and get glorified. Do you think this community is such a fool that it can not identify your plagiarism. SIP and its related issues are known for years. Anyone who is yet to explore it, look for SIP Exploitation in google. http://www.google.co.in/search?hl=enq=SIP+Exploitationmeta=

On 9/20/07, Aditya K Sood [EMAIL PROTECTED] wrote:

Hi

I have released core research paper on SIP comprising of Payload problems and Attack vectors. This research paper lays stress on the potential weaknesses present in the SIP which make it vulnerable to stringent attacks. The point of discussion is to understand the weak spots in the protocol. The payloads constitute the request vectors. The protocol inherits well defined security procedures and implementation objects. The security model is hierarchical and is diverged in every working layer of SIP from top to bottom. SIP features can be exploited easily if definitive attack base is subjugated. We will discuss about inherited flaws and methods to combat against predefined attacks. The payloads have to be scrutinized at the network level. It is critical because payloads are considered as infection bases to infect networks . The pros and cons will be enumerated from security perspective.

You can download paper at: http://mlabs.secniche.org

Regards
Aks aka 0kn0ck
Re: [Full-disclosure] [Reality Behind LSNN/Fake Reports/Lamer Buster] Who Actually this person is ?
omfG ROFL

Aditya: would you ever grow up and be little considerate on this community. Let's for the moment forget about all that flames people have made for you; Have you ever realised how this all started?? In the history of Security and FD community no one except n3td3v has ever tried to misuse the freedom of mailing lists. Especially in your case I see that all that you are looking for is a short cut to fame without anything good to backup yourself.

Honestly I do not have anything against Indians or India, I have really come across some of the best mind from India and one of the best ever code breaker I know is from India. You are certainly bringing in a bad name for all Indians and no matter which country or place you are from; if someone misuse the mailing list for all lame stuffs at least I am certainly not going to tolerate this.

Here is a final chance for you to grow up and stop posting your shit otherwise I am going to make your life a hell virtually and use my contacts in India to take care of you physically.

On 9/9/07, Meta Info [EMAIL PROTECTED] wrote:

Hi all

It has been noticed for the excessive criticism of security professionals over the lists have really shattered the things. I am having a contacts with the security lists person who are undertaking the functioning. With the use of these fake ids it has been noticed some person is try to disrupt the functioning by discrediting other. some what for his satisfaction. The mails clearly reflect the frustration of this poor professional. The lists are having an eye over this person for long time since he had started this. Now its time to look into reality. We were waiting that this person should stop this but some what the person is ruled out of his professional ethics. Due to this many professionals are leaving FD lists. We have even contacted with the server owner where his website is served. Changing id's don't hide this person identity.

I have received many mails clarifying the act of this person. It has been this person is from some what a group called Metaeye and the owner is warl0ck somewhat name like Pranay Kanwar. We have full records of this because we are scrutinizing this person for long. This person changes Id's and views with a response from list and try to pick the news from other lists like Bugtraq and Websecurity where he cant do the things because of moderation. Serious actions will be undertaken if he is not going to stop. Web owner of his website will be contacted very soon. This action has been undertaken after so many complaints from number of professionals. A warning has been issued to this person right now for not creating chaos on lists.

Your complaints are getting high day by day. Rest just be easy on lists. It is as good as it is. Some time issues occur. Keep an eye.

Regards
John
Information_Sec
Re: [Full-disclosure] LSNN: Aditya releases lame documents; FD vulnerable
One thing is proved here: I had a great estimation about all these security conferences but looks like some of them are even bigger morons like Aditya who are not able to distinguish a lame ass from a security guy. I will not be surprised that in future we will have people like Aditya and n3td3v will be speakers at such conferences and people would spend to attend it.

On 9/9/07, LSNN [EMAIL PROTECTED] wrote:

MR. LAME ASS OF THE MONTH RELEASES NEW MATERIALS

The lame ass of the month, Aditya K Sood has released two documents of the talks he delivered on Xfocus Xcon conference and OWASP Live 0 conference day. [1.1] The security community has usually found Aditya K Sood's documents to be lame and useless. Aditya K Sood also does not occur in any security list where vulnerabilities are verified before publishing. [1.2] OSVDB/CVE has a policy of tagging such vulnerabilities as Myth/Fake but they have ignored Aditya because they believe the vulnerabilities to be so lame that it can not create any potential confusion. [1.3] Finally, some frustrated soul in Full Disclosure awarded Aditya K Sood with the title of Lame Ass of the Month. [1.4] Since then, Aditya seems to have been on a self-imposed exile from full disclosure.

[1.1] http://www.webappsec.org/lists/websecurity/archive/2007-09/msg00032.html
[1.2] http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065295.html
[1.3] http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065296.html
[1.4] http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065573.html

A VULNERABILITY FOUND IN FULL DISCLOSURE MAILING LIST

A vulnerability very common in many unmoderated forums also affects Full Disclosure mailing list. Any troll (like us) can set rolling a long and winding discussion on lame topics which increases the SNR (signal to noise ratio) of the forum. A very recent example is the thread with the subject Came across this site [2.1] posted by Scott. Fortunately, Shyaam pointed out that it was a Useless thread once again. The lame thread still got 4 lame replies. This vulnerability is common in many unmoderated forums. There are many open source project forums which are known to be less affected by this vulnerability because in such forums the users and programmers are driven by a common goal, sense of responsibility and common-sense.

[2.1] http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065664.html

- We are Lame Security News Network (LSNN)

If you believe in a free and open news service for security researchers, please volunteer by sending us lame news and articles on security.
[Full-disclosure] Lame ass of the month - Aditya K Sood (from India)
finally I decided to give this lame ass a heads up for his yak yak yak. congratulation for your yet another gay paper, gays like you have proved in the past how this industry has encouraged people like you. I brand you as the lame ass of the month for your ass fucking gay paper. Has your mom stopped breast feeding you yet?

---

-Original Message-
From: Aditya K Sood [mailto:[EMAIL PROTECTED]
Sent: 01 September 2007 11:35
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [Paper] The Anatomy of Third Party Pop Up Attacks.

Hi

This article deals with the latest third party popup attacks that are performed by an attacker from the rogue and vulnerable links of the web sites to circumvent the normal functioning on the web. The target website always seems to be the liable web provider from where the popup attacks are possible. It also discusses other problems related with Pop Ups.

You can find it at:
http://www.secniche.org/papers/Analogy_of_Popups.pdf
http://www.secniche.org/paper.html

Regards
Aks
http://www.secniche.org