[Full-disclosure] Some Hashes
OpenBSD 4.1 sshd remote root exploit (on the default install!): SHA1(screwtheo.tar)=ad1bc1f05afa2cc3ccadb18fabb985394c02ce8d MD5(screwtheo.tar)= cee67df76eaa0706e666cd5c0b8b711c OpenSSH exploit for linux SHA1(screwtheo_linux.tar)=cb6816de43df87193050a497a83cd8f7ab721fbd MD5(screwtheo_linux.tar)=8d65c90d40975556b199a3e1028a5a51 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Some hashes for the record
On Nov 14, 2007 5:58 PM, shadown <[EMAIL PROTECTED]> wrote: > Hi, > > First of all I ask for apologies if this bothers somebody, but I just > need a place to record this just in case. > > This are the hashes that belong to four PoC files of vulnerabilities > that affect at least Microsoft Windows XP SP2 and Windows Vista default > installation full updated (md5, sha-1, sha-256) > I've already reported this bugs indirectly to Microsoft. > This list is called "full-disclosure", not "hash-disclosure" posting the hashes is *not* full-disclosure. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] 0day Orkut XSS [ NEW! ]
On 10/12/07, Fabio N Sarmento [ Gmail ] <[EMAIL PROTECTED]> wrote: > Greetings! > Doing hard searches and working hard seeking for xss holes we finally found! You surely mean ``ass holes''? > The new hole is in the description of the pic, you can put html encode chars > like this. > > & l t ; meta http-equiv="refresh" content="0;url=http://suafakeaqui"; & g t ; > > < means < (minus) or open tag. > > means > ( more ) or close tag. > > So you can build great javascripts to stole cookies and whatever you want ;) > > Proof of concept: > > My Profile: > http://www.orkut.com/Album.aspx?uid=4196484633792069568 ( > just a javascript with location.href='mypersonalwebsite.com > ' ) > > Thanks to Pedro Boara ( http://www.suspensa.info ) > > Att; > Fábio N Sarmento > Programmer > São Paulo / Brazil > ___ > Full-Disclosure - We believe in it. > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
On 8/9/07, h buffo <[EMAIL PROTECTED]> wrote: > Hello, > > this message only concern professional. I selling codes & 0days exploits > about vulnerability i found and i coded. If you are interested by windows and > linux exploit, please mail me. > Full-Disclosure - We believe in it. But you don't. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] screen 4.0.3 local Authentication Bypass
On 6/3/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Please take a look at the Attachement dear List moderator. :) > > Kind regards, > Rembrandt Works on openbsd 4.0 $ uname -a OpenBSD pufferfish.lan 4.0 GENERIC#1107 i386 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hashes
On 5/29/07, Kradorex Xeron <[EMAIL PROTECTED]> wrote: > To what? Your dog? The universe? an MP3 you downloaded? a program? Could be porn, as I did: http://www.security-express.com/archives/fulldisclosure/2007-05/0468.html ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Some Sums
What are these sums of? SHA1:a8b000ca309f1c83c97581f41cf942d7a07595a9 SHA0:46a6b603040a8bb6e564e15af227a9e41c99688c MD5:a123f7081e73077858ded9ef04ba4e81 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] A Story about my Childhood: Destionation Whitehat
On 5/16/07, Ross Brown <[EMAIL PROTECTED]> wrote: > Aliso Viejo, CA - This is a story about my childhood, my sister and removed load of crap > With love, Ross Brown, 42 year resident of Aliso Viejo, California, ex-eEye > CEO. > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ Wow. Please, can someone explain to me what the hell this has to do with computer security? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Cryptome is dead (at least for now)
On 4/29/07, Line Noise <[EMAIL PROTECTED]> wrote: > http://cryptome.org/cryptome-shut.htm > > It may be difficult to reach. > > Google cache at > > http://209.85.165.104/search?q=cache:CnmiZp3pFhgJ:cryptome.org/cryptome-shut.htm > > As a friend of mine said elsewhere, John Young must have said something bad. John Young should set up cryptome as a tor hidden service. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] War against Iran: Update from front lines
On 4/10/07, United Hackers <[EMAIL PROTECTED]> wrote: > _ _ ___ _ __ ___ ___ _ __ > | | /| / / _ | / _ \ / __ \/ |/ / / _/ _ \/ _ | / |/ / > | |/ |/ / __ |/ , _/ / /_/ // _/ // , _/ __ |// > |__/|__/_/ |_/_/|_| \/_/|_/ /___/_/|_/_/ |_/_/|_/ >Hackers United against the Threat of Islam > > --- > FOR IMMEDIATE RELEASEANTI-MUSLIM > LEAGUE > > --- Please go take a Kalashnikov and fire some bullets through your head. You are NO FSCKING BETTER than Osama bin Laden when he advocates a jihad against the United States. For once, he is right. YOU SHOULD HAVE BEEN IN THE TWIN TOWERS ON 9/11/01 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Backdoor within popular security software.
On 4/8/07, Anonymous User <[EMAIL PROTECTED]> wrote: > Hello, > I have found a backdoor in a popular piece of security software which works > in a way similar to a rootkit, allowing a remote attacker to access the > system fully. > I first attempted to contact the company/person to see if they knew anything > about it, to find whether it was intentional or a hacker had accessed there > code. However I have still not heard back from the company/person in > question after 2 weeks of sending the email. lalala, proof or it never happened ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] The Cyber war on Iran
On 4/4/07, United Hackers <[EMAIL PROTECTED]> wrote: > _ _ ___ _ __ ___ ___ _ __ > | | /| / / _ | / _ \ / __ \/ |/ / / _/ _ \/ _ | / |/ / > | |/ |/ / __ |/ , _/ / /_/ // _/ // , _/ __ |// > |__/|__/_/ |_/_/|_| \/_/|_/ /___/_/|_/_/ |_/_/|_/ >Hackers United against the Threat of Islam LOGS OR IT NEVER HAPPENED! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] The Cyber war on Iran
On 4/4/07, Dingo Ugly <[EMAIL PROTECTED]> wrote: > > On 4/4/07, United Hackers <[EMAIL PROTECTED]> wrote: > > > > > > _ _ ___ _ __ ___ ___ _ __ > > > | | /| / / _ | / _ \ / __ \/ |/ / / _/ _ \/ _ | / |/ / > > > | |/ |/ / __ |/ , _/ / /_/ // _/ // , _/ __ |// > > > |__/|__/_/ |_/_/|_| \/_/|_/ /___/_/|_/_/ |_/_/|_/ > > >Hackers United against the Threat of Islam > > > > > > > > --- > > > FOR IMMEDIATE RELEASEANTI-MUSLIM > > > LEAGUE > > > > > > > > --- > > > > > > > > > WOW...I'm impressed..no one has called you Nazi yet. You are a Nazi. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Hackers uniting against Iran?
packet logs or it never happened ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/