Re: [Full-disclosure] Happy Holidays / Xmas Advisory

[PsychoBilly]

[[   Henri Salo   ]] @ [[   24/12/2013 18:33   
]]--
> On Tue, Dec 24, 2013 at 11:26:15AM +0100, joernchen wrote:
>> A rather informal advisory on Fat Free CRM (http://fatfreecrm.com/):
> 
> I created https://github.com/fatfreecrm/fat_free_crm/issues/300 for tracking.
> 
> ---
> Henri Salo
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 
I really like the full user db listing "feature"
view-source:http://demo.fatfreecrm.com/login

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] [DAHAX-2013-001] Cloudflare XSS Vulnerability

[PsychoBilly]

( hello list, i'm Musn'tLive, I warn you want it a serious XSS Xploit in [ 
Insert whatever insignificant CMS here ],
The Xploit reside in trigger logged admin that click a craft mail. Thank you 
Acunetix for finding that. )


[[   xn...@xnite.org   ]] @ [[   22/08/2013 20:43   
]]--
> That's a nice trick and all, but I don't see how it's valuable. In order to 
> trigger the XSS you need to modify your browser headers, therefore any victim 
> who you are trying to get to a page to execute your XSS would need to also 
> modify THEIR browser
> headers. I don't see how this is any thing more than a neat trick. Sorry.
> 
> On Thursday 22 August 2013 23:18:03 Glenn Grant wrote:
> 
> Details below of an XSS vulnerability I discovered in Cloudflare (markdown 
> format)
> 
> 
> - Glenn | /dev/alias
> 
> * http://blog.devalias.net
> 
> * http://devalias.net
> 
> 
> -
> 
> 
> **Reference Number:** DAHAX-2013-001 (/dev/alias/hacks 2013-001)
> 
> 
> **Notification Timeline:**
> 
> 
> * 10/07/2013, Request# 38713 
> (https://support.cloudflare.com/anonymous_requests/new)
> 
> * 10/07/2013, Vendor looking into issue
> 
> * 16/07/2013, Updated vendor with new details (Length: 101 instead of 72)
> 
> * 16/07/2013, Vendor requested that I test again
> 
> * [No further response from vendor]
> 
> * 01/08/2013, Tested again, vulnerability fixed
> 
> 
> **Details Published:** 14/08/2013 
> (http://blog.devalias.net/post/58217238426/dahax-2013-001-cloudflare-xss-vulnerability)
> 
> 
> ## What?
> 
> 
> * Reflected XSS (cross site scripting) attack
> 
> 
> ## Where's Affected?
> 
> 
> * Theoretically it seems that any page that uses cloudflare will be affected.
> 
>   - Eg: http://www.cloudflare.com/
> 
> 
> ## How?
> 
> 
> * **To bring up the vulnerable page**
> 
>   - Set your X-Forwarded-For header to 72+ 101+ characters
> 
> - Eg: X-Forwarded-For: 
> AABBCCDDEEFFGGHH
> 
> - Eg: X-Forwarded-For: 
> AABBCCDDEEFFGGHHIIJJK
> 
>   - Load a site using cloudflare
> 
>   - You should end up on "DNS Points to Prohibited IP" page
> 
> 
> * **To trigger the XSS**
> 
>   - Set your User-Agent string to the XSS attack
> 
> - Eg: User-Agent: USER-AGENT being tested for 
> XSS..alert('Vulnerable to XSS via USER-AGENT header [Found by 
> devalias.net <http://devalias.net>]')
> 
> 
> * **The whole attack**
> 
>   - Ensure your X-Forwarded-For and User-Agent headers are configured as above
> 
>   - Navigate to a page using cloudflare
> 
>   - ???
> 
>   - Profit!
> 
> 
> ## Who?
> 
> 
> * Discovered by [Glenn '/dev/alias' Grant](http://www.devalias.net/) 
> (gl...@devalias.net )
> 
> 
> ## Responsible Disclosure Notice
> 
> 
> * Following in the footsteps of Google's vulnerability disclosure timeline, 
> unless otherwise agreed to beforehand, I reserve the right to publicly 
> announce the details of any discovered vulnerabilities 7 days post 
> notification.
> 
>   * **Google's Rationale:** "Seven days is an aggressive timeline and may be 
> too short for some vendors to update their products, but it should be enough 
> time to publish advice about possible mitigations, such as temporarily 
> disabling a service,
> restricting access, or contacting the vendor for more information. As a 
> result, after 7 days have elapsed without a patch or advisory, we will 
> support researchers making details available so that users can take steps to 
> protect themselves. By holding
> ourselves to the same standard, we hope to improve both the state of web 
> security and the coordination of vulnerability management." - 
> [Google](http://googleonlinesecurity.blogspot.com.au/2013/05/disclosure-timeline-for-vulnerabilities.html)
> 
> 
> 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] How to access your favorite sites in the event of a DNS takedown ?

[PsychoBilly]

[[   n...@myproxylists.com   ]] @ [[   25/06/2012 21:44   
]]--
> Is this post some kind of joke?

More like a G.bombing or social engeneering trick, as every oned-post blog.
you clicked, you lost time, then you'll want to subs to 
https://twitter.com/#!/username for more


more fun here: http://3494942921



___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WordPress Authenticated File Upload Authorisation Bypass

[PsychoBilly]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

[[   Denis Andzakovic   ]] @ [[   21/06/2012 04:04   
]]--
> Exploitation of this vulnerability requires a malicious user with access to 
> the admin panel

Nicely played, sir, seems legit.
Whatabout an sec.advisory on http://wordpress.org/extend/plugins/wp-filemanager/
anyone?
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBAgAGBQJP4uJ1AAoJEB2ZvwF45NtDyYcIAKpbK14CdVTnHNPG3UqqqfIN
PzFz+BSh9gx8XE2ShASfovrgvS3awDCQAAYd+Ma6F67z6pLMPURtjz8XVGrrbBFi
4+4bN/ka9cIN/jMdwH2dDikowsPD4wWS6Xjucis7ID2o6xpTPbVrhYUoUae6Z09r
iD6SOA4pHSkcb1UUR5Cw5qLdbM84RJo0Jfelfr+DXAToR+8t6+b0ufIPpI6PISfW
b3wqi7GomXNpfxTPo4C/6S5VNpTzq5HBMrRvzotcq8n8ZOno+29/+UVd/vvBtNN8
P5XzpNCjKt25cpoiNnvn1cH50gcyitKb1czPpcY4mTR7aRdYQZL3nH7bbQSGXek=
=VCxc
-END PGP SIGNATURE-

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] cDc Created Hong Kong Blondes and 'Hacktivism' as a Media Hack

[PsychoBilly]

[[   Laurelai   ]] @ [[   04/05/2012 10:30   
]]--

> tl;dr

❤ Should have ❤

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Best DoS Tool

[PsychoBilly]

hping3 --flood

[[   Manuel Moreno   ]] @ [[   27/02/2012 04:35   
]]--
> Hi List!!
>  
> I made some research about DoS Tools for my regulars PenTesting. What is 
> considered the best tool for DoS? I made some test with scapy with god 
> results.
>  
> wait for your comments,
>  
> Best Regards
>  
> Manuel Moreno
>  
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] hackers.it disappeared from google search results

[PsychoBilly]

Robot directives are strictly followed by all non-rogue crawling bots
And if you tell googlebot to go away, he'll gently do so.
then the google index is updated shortly after, could be one week.
And another to come back in the index.

[[   David3 Gonnella   ]] @ [[   02/02/2012 15:32   
]]--
> yes i know robots are not specified properly, I am going to update the pages, 
> but the point is that searching *site:hackers.it* you do not have any 
> results, while since yesterday yes. (the update was done quite a week ago..)
> 
> If it is all due to this mistake, i would be very happy, and will give some 
> time to serious SEO studies
> 
> .D
> 
> On Thu, 2012-02-02 at 14:55 +0100, PsychoBilly wrote:
>>  this is called autopwn
>> 
>> [[   David3 Gonnella   ]] @ [[   02/02/2012 01:25   
>> ]]--
>>> Hello guys,
>>> 
>>> Since few days my domain is out for first tests ..but today it is totally 
>>> disappeared from Google search results.
>>> 
>>> Do you know how this can happen?
>>> 
>>> It has no malwares, exploits or anything illegal and there is neither the 
>>> intent as you can read in the few pages.
>>> 
>>> the domain is hackers.it
>>> 
>>> Any help in understanding would be appreciated. Thanks
>>> 
>>> Davide
>>> 
>>> 
>>> 
>>> ___ Full-Disclosure - We 
>>> believe in it. Charter: 
>>> http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored 
>>> by Secunia - http://secunia.com/
>> 
> 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] hackers.it disappeared from google search results

[PsychoBilly]

this is called autopwn

[[   David3 Gonnella   ]] @ [[   02/02/2012 01:25   
]]--
> Hello guys,
> 
> Since few days my domain is out for first tests ..but today
> it is totally disappeared from Google search results. 
> 
> Do you know how this can happen? 
> 
> It has no malwares, exploits or anything illegal and there is neither
> the intent as you can read in the few pages. 
> 
> the domain is hackers.it 
> 
> Any help in understanding would be appreciated.
> Thanks
> 
> Davide 
> 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Tor anonymizing network Compromised by French researchers

[PsychoBilly]

And please remember ninja's words:
http://twitter.com/#!/moxie__/status/115844171142664192

[[   Mohit Kumar   ]] @ [[   24/10/2011 16:31   
]]--
> French researchers from ESIEA 
> , a French engineering 
> school, have found and exploited some serious vulnerabilities in the TOR 
> network. They performed an inventory of the network, finding 6,000
> machines, many of whose IPs are accessible publicly and directly with the 
> system’s source code. They demonstrated that it is possible to take control 
> of the network and read all the messages that circulate.
> 
> But there are also hidden nodes, the Tor Bridges, which are provided by the 
> system that in some cases. Researchers have developed a script that, once 
> again, to identify them. They found 181. "/We now have a complete picture of 
> the topography of
> Tor/," said Eric Filiol.
> 
> Read More at "The Hacker News" -- 
> http://thehackernews.com/2011/10/tor-anonymizing-network-compromised-by.html
> -- 
> *Regards,*
> *Owner,*
> *The Hacker News *
> *Truth is the most Powerful weapon against Injustice.*
> 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Tor anonymizing network Compromised by French researchers

[PsychoBilly]

"Rumors of Tor's compromise are greatly exaggerated"
https://blog.torproject.org/blog/rumors-tors-compromise-are-greatly-exaggerated

[[   Mohit Kumar   ]] @ [[   24/10/2011 16:31   
]]--
> French researchers from ESIEA 
> , a French engineering 
> school, have found and exploited some serious vulnerabilities in the TOR 
> network. They performed an inventory of the network, finding 6,000
> machines, many of whose IPs are accessible publicly and directly with the 
> system’s source code. They demonstrated that it is possible to take control 
> of the network and read all the messages that circulate.
> 
> But there are also hidden nodes, the Tor Bridges, which are provided by the 
> system that in some cases. Researchers have developed a script that, once 
> again, to identify them. They found 181. "/We now have a complete picture of 
> the topography of
> Tor/," said Eric Filiol.
> 
> Read More at "The Hacker News" -- 
> http://thehackernews.com/2011/10/tor-anonymizing-network-compromised-by.html
> -- 
> *Regards,*
> *Owner,*
> *The Hacker News *
> *Truth is the most Powerful weapon against Injustice.*
> 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Tor anonymizing network Compromised by French researchers

[PsychoBilly]

http://www.dailymotion.com/gkallenborn#videoId=xlo02x
http://www.dailymotion.com/gkallenborn#videoId=xlo05e
good luck with french

[[   char...@funkymunkey.com   ]] @ [[   24/10/2011 18:09   
]]--
> I got the impression that they have fully compromised the actual TOR  
> network, not a dummy network, am I wrong?
> 
> Charlie
> 
> Quoting Travis Biehn :
> 
>> So they put up a fake network, 'hacked' most of the nodes, and with complete
>> control of their dummy network they were able to figure out traffic
>> movement?
>>
>> This is news why?
>>
>> -Travis
>>
>> On Mon, Oct 24, 2011 at 10:31 AM, Mohit Kumar wrote:
>>
>>> French researchers from  
>>> ESIEA,
>>> a French engineering school, have found and exploited some serious
>>> vulnerabilities in the TOR network. They performed an inventory of the
>>> network, finding 6,000 machines, many of whose IPs are accessible publicly
>>> and directly with the system?s source code. They demonstrated that it is
>>> possible to take control of the network and read all the messages that
>>> circulate.
>>>
>>> But there are also hidden nodes, the Tor Bridges, which are provided by the
>>> system that in some cases. Researchers have developed a script that, once
>>> again, to identify them. They found 181. "*We now have a complete picture
>>> of the topography of Tor*," said Eric Filiol.
>>>
>>> Read More at "The Hacker News" --
>>> http://thehackernews.com/2011/10/tor-anonymizing-network-compromised-by.html
>>> --
>>> *Regards,*
>>> *Owner,*
>>> *The Hacker News *
>>> *Truth is the most Powerful weapon against Injustice.*
>>>
>>>
>>> ___
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>>
>> --
>> Twitter  |
>> LinkedIn|
>> GitHub  |  
>> TravisBiehn.com
>>
> 
> 
> 
> ---
> This message was sent from the FunkyMunkey mail server  
> (mail.funkymunkey.co.uk)
> If you have any queries/complaints regarding mail sent from this  
> server please direct them to ad...@funkymunkey.com
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] New open source Security Framework

[PsychoBilly]

Bolud!
no jodes con un Porteño fino!
Aya se callen or desaparecen .


[[   Juan Sacco   ]] @ [[   06/10/2011 02:16   
]]--
> Hey.. I already gave you an answer about this. 
> 
> AGAIN. For the last time.
> I respect the author's name of all the exploits added to Exploit Pack, like 
> you suggest in a terrible and way.. Insulting and posting like 10 mail to the 
> this list. I will add a " # Thank you [AUTHOR NAME ] for let us use your 
> public script " in the
> top of all new exploit added to Exploit Pack Framework.
> 
> ** Also, I created a mailing list to discuss this kind of things, report bugs 
> and much more ( But sorry, NO INSULTING is allowed there )  **
> 
> As other people told you stop doing chatting here. This is not a forum.
> 
> JSacco
> 
> On Wed, Oct 5, 2011 at 8:57 PM, xD 0x41  > wrote:
> 
> 
> Free Float FTP Server USER Command Remote Buffer Overflow Exploit
> when parsing the command 'USR', which leads to a stack based overflow. 
> Also Free Float FTP Server allow remote anonymous login by default
> exploiting these issues could allow an attacker to compromise the 
> application, access or modify data.
> 
> 
> 
> erm, sorry this dont count, it should be IN the code, not, after running 
> it :P
> thats bs mate, and i wont agree with your crap, until you see my point 
> really. It is, something you write, compared to running thwe GUI..
> 
> 
> xd
> 
> 
> 
> On 6 October 2011 10:47, Juan Sacco  > wrote:
> 
> Hey,
> Its really a shame that you didn't even take like 2 minutes to watch 
> the source code of Exploit Pack before create an opinion.
> This can't be a copy of CANVAS. Canvas is made on Python. Exploit 
> Pack JAVA. See the diference? Also, please take a look at the interface 
> design, both are really different. Show me where Exploit Pack is similar to 
> Canvas! I think you spent
> too much time looking for Waldo :-D
> 
> We respect the exploit author and that is why I add them at the first 
> line of the XML file
> You should run the program before creating this crappy post with your 
> nonsense opinions ( Harassing the free work of others, you wrote lke 5 - 6 
> insulting posts in like.. 2 minutes?.. Dude go find a girl, come on ) 
>  
> Take a look if you want:
> 
> 
> 
> 
>  CodeName="FreeFloatFTPServer.py"  Platform="windows" Service="ftp" 
> Type="remote" RemotePort="21" LocalPort="" ShellcodeAvailable="R" 
> ShellPort="" SpecialArgs="">
> 
> 
> 
> Free Float FTP Server USER Command Remote Buffer Overflow Exploit
> when parsing the command 'USR', which leads to a stack based 
> overflow. Also Free Float FTP Server allow remote anonymous login by default
> exploiting these issues could allow an attacker to compromise the 
> application, access or modify data.
> 
> 
> JSacco
> 
> On Wed, Oct 5, 2011 at 8:16 PM, xD 0x41  > wrote:
> 
> Heya jeff,
> The author is clearly not smart.
> He is copying other codes, this is a plain rip off of 
> canvas...hehe... and same with his insect pro... he stole metasplit for tht 
> one, then he wants repect, when we see him removing simplly one line wich 
> would atleast say a ty and, show
> [ppl who writes, is maybe sometimes stabler than other authors, 
> it would be better to have this in, not out.. he should be able to see thats 
> how it works with exploit code/pocs in general... sometimes, if i see php 
> code from one person, i
> will tend to look, but if it was from an unknown person, i prolly 
> wouldnt.
> But this (open sauce) project, i will download and waste 5minutes 
> on.
> Then illm go back to Backbox and BT5 and things wich work :)
> hehe
> (this guy is really mad about his app... and i mean, dang mad 
> angry! I will buy some tissues and send to him, that is my donation for his 
> app)
> :))
> xd
> 
> 
> On 6 October 2011 08:59, Jeffrey Walton  > wrote:
> 
> On Wed, Oct 5, 2011 at 5:32 AM, root  > wrote:
> > - * @author Stefan Zeiger (szei...@novocode.com 
> )
> > - print "   Written by Blake  "
> > -  Vulnerability="N/A">
> >
> > +#Exploit Pack - Security Framework for Exploit Developers
> > +#Copyright 2011 Juan Sacco http://exploitpack.com
> > +#
> > +#This program is free software: you can redistribute it 
> and/or modify
> > it under the terms of the
> > +#GNU General Public License as published by the Free 

Re: [Full-disclosure] Apache 2.2.17 exploit?

[PsychoBilly]

OMG!
This ...
actually WORKS!
GR8 Job, m8+!
L33+ cC l33+
W00+ FB Bwana!
...


[[   adam   ]] @ [[   03/10/2011 17:56   
]]--
> Also, make sure you guys don't miss out on this 0day either: 
> http://pastebin.com/R8XdsUgK
> 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] (a present for andrew wallace, with love from cal)‏

[Psychobilly]

From the distant
I can feel
The creeping smell
Of sudden life leaks
Tar is packaging
The network is hungry.


Le 19/02/2011 17:26, Cal Leeming [Simplicity Media Ltd] a écrit :
> Andrew,
> 
> Me and my girl made you a little gift, just for you! (no it's not porn lol)
> 
> http://bit.ly/ftK9VF
> 
> Much love, Cal <3
> 
> On Sat, Feb 19, 2011 at 2:42 PM, andrew.wallace
> mailto:andrew.wall...@rocketmail.com>>
> wrote:
> 
> On Sat, Feb 19, 2011 at 2:08 PM, Cal Leeming [Simplicity Media Ltd]
>  > wrote:
> > no.
> 
> A colleague of mine approached me today and mentioned all my emails
> are appearing on Full-Disclosure mailing list.
> 
> Why do you forward all my off list emails to the disclosure
> community? Is it some sort of attention seeking exercise?
> 
> A kind of, 'look who sends me private emails I must be someone
> important'?
> 
> Andrew
> 
> 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] from hbgary: stuxnet, WL attack, Psyop and Anonymous trackdown‏

[PsychoBilly]

tss tss
appearence of a thesis
but stuffed with approximations
IE p.15
" and “Unix Terrorist” is likely European. "



[[   Cal Leeming [Simplicity Media Ltd]   ]] @ [[   17/02/2011 15:01   
]]--
> I refer everyone to:
> 
> http://docs.google.com/viewer?a=v&q=cache:OWQrHOa0wlYJ:www.hackerfactor.com/papers/who_is_n3td3v.pdf+n3td3v&hl=en&gl=uk&pid=bl&srcid=ADGEESgOXeElYqoYkhojj9qtZ3bPDRiy_2OMLyhlaOqW6If-yK4-eLXAZQ4Yw3TGMl0YQFIwSmB0QbQmAjsnuZf8lmGMdXQrKwsWd8CtM7iO6xc4zSs621RgeFXvg-ueRsE5R1D5ENGv&sig=AHIEtbQlx0J-_J8eIS6lzxmFJJ0nQz23iw
> 
> 
> 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Dancho Danchev gone missing in Bulgaria

[PsychoBilly]

Brain Hacking is so Next Step
Reminds me of someone...
Adriàn Lamo?

[[   laurent gaffie   ]] @ [[   17/01/2011 15:39   
]]--
> No sign at all he was crazy at the first place;
> Question *could be* why is he supposed to be in a psyco hospital by now ?
> Anyways, who is the source on that one ?
> Who have a clue, and on what do we rely to have an opinion ?
> _Blah_ we'll probably never know.
> Sounds like classic stuff here.
> 
> 
> 2011/1/18 Juha-Matti Laurio 
> 
>> He has been found:
>> http://news.ycombinator.com/item?id=2112135
>>
>> via
>> http://twitter.com/#!/mikkohypponen/status/27006162218000384
>>
>> Juha-Matti
>>
>> Jamie Riden [jamie.ri...@gmail.com] kirjoitti:
>>> On 16 January 2011 22:28, jf  wrote:
 On Sat, Jan 15, 2011 at 07:45:30PM +, Joe Average wrote:
> Via ZDNet:
>
> "Zero Day blogger and malware researcher Dancho Danchev has gone
> missing since August last year and we have some troubling information
> that suggests he may have been harmed in his native Bulgaria."
>
> "Dancho, who was relentless in his pursuit of cyber-criminals, last
> blogged here on August 18.  His personal blog has not been updated
> since September 11, 2010."
>
> More Information:
>
>> http://www.zdnet.com/blog/security/we-need-help-with-the-strange-disappearance-of-dancho-danchev/7897

 In soviet bulgaria, you not research malware author, malware author
>> research you.
>>>
>>> Bulgaria joined the European Union in 2007 - see
>>> http://europa.eu/abc/european_countries/eu_members/bulgaria/index_en.htm
>>> Sorry to spoil the joke, but it's not like you can be disappeared at
>>> will in Bulgaria these days.
>>>
>>> I met Dancho a couple of years ago, btw - nice bloke, and we'd all
>>> like to know he's safe and well.
>>>
>>> cheers,
>>>  Jamie
>>> --
>>> Jamie Riden / ja...@honeynet.org / jamie.ri...@gmail.com
>>>
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
> 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] RHEL Linux Kernel Exploit

[PsychoBilly]

http://28.media.tumblr.com/tumblr_l4sobiXxwf1qza4ndo1_400.jpg

[[   rancor   ]] @ [[   15/12/2010 20:44   
]]--
> -g "musnt live" is a parody of "must live"... humor this =)
> 
> // rancor
> 
> 2010/12/15 Greg Whynott mailto:gwhyn...@gmail.com>>
> 
> funny... 
> 1. you were root when you ran the code!  epic elite.
> 2. he said "red hat"  NOT redhat based.   Redhat has no control over what 
> others do to "redhat based" efforts.
> you need more coffee!  8)
> 
> -g
> 
> 
> 
> 
> musnt live spewed:
> 
> [musntl...@pizda ~]# awk '/rel/' /etc/issue
> Scientific Linux SL release 5.5 (Boron)
> [musntl...@pizda ~]# uname -a
> Linux allotropos 2.6.18-194.3.1.el5 #1 SMP Fri May 7 01:52:57 EDT 2010
> i686 athlon i386 GNU/Linux
> [musntl...@pizda ~]# md5sum fullnullson.c
> b16e2a647bc8de1f72f25ab29aa916da  fullnullson.c
> [musntl...@pizda ~]# gcc -o hakaruski fullnullson.c && ./hakaruski
> [*] Failed to open file descriptors.
> [musntl...@pizda ~]# id
> uid=0(root) gid=0(root)
> 
> groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),1337(hakaruskis)
> [musntl...@pizda ~]# whoami
> musntlive
> 
> Is this exploit work and is my Linux is RedHat based. Thank you Dan
> and Ryan Seacrest!
> 
> 
> 
> -- 
> --
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 
> 
> 
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Linux Kernel Bug Fixed For OpenBSD

[PsychoBilly]

I must declare humour is very liked me in this list.

[[   musnt live   ]] @ [[   09/12/2010 21:46   
]]--
> Hello full disclosure!!!
> 
> I is like to warn you about Linux kernel exploit that is was warned
> you by to from Dan Rosenberg. Is I discover that Linux OpenBSD is no
> vulnerable
> 
> bash-4.0$ id
> uid=1001(musntlive) gid=1001(musntlive) groups=1001(musntlive)
> bash-4.0$ uname -ap
> OpenBSD im.is.hakaruski.websecurity.ug.ly 4.7 HAKARUSKI i386 AMD
> Phenom(tm) 9850 Quad-Core Processor ("AuthenticAMD" 686-class, 512KB
> L2 cache)
> bash-4.0$ ls

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Host Gator exposed: blackhat spammers, sock puppet trolls, harassing critics, google bombing

[PsychoBilly]

Ahahahha
Very foonny
http://twitter.com/hostgator
"@kyledonovan please stop spamming your affiliate link"

I noticed them 10 years ago spreading IE4 toolbar malware shit.

[[   Josey Yelsef   ]] @ [[   29/10/2010 04:40   
]]--
> I first noticed this business years ago when I set up a website for a 
> friend's forum. He was extremely appealed by the deal. After hosting with 
> them for a very short time he parted ways.  At first I thought they were just 
> another lowly shared host. Recently, I checked back to see how this web host 
> innovated.
> 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] wikileaks still under attack, pressure revved up

[PsychoBilly]

http://www.voltairenet.org/IMG/pdf/gates-wikileaks.pdf

Fax from John McCain to Senate Chairman Carl Levin.

" The initial assessment in no way discounts the risk to national security; 
however,
the review to date has not revealed
any sensitive intelligence sources and methods compromised by this disclosure "

[[   Cal Leeming [Simplicity Media Ltd]   ]] @ [[   21/10/2010 18:51   
]]--
> I can appreciate his previous efforts, but what he has done here is put many 
> lifes at risk, both civilians and soldiers. 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] wikileaks still under attack, pressure revved up

[PsychoBilly]

1+ propaganda victim ( man! you're a hacker, don't you remember? )

[[   Cal Leeming [Simplicity Media Ltd]   ]] @ [[   21/10/2010 23:59   
]]--
> I apologise for this, I had heard this in, what I had believed to be, a 
> credible news report.

1+ truthfull obviousness

[[   Jeffrey Walton   ]] @ [[   21/10/2010 19:08   
]]--
> Hi Cal,
> If the troops weren't there, then the troops would not be at risk, and
> there would be no wiki leaks story. quod erat demonstrandum.

Moreover.
1 unique media is giving factuals datas.
Others medias are dressing reality like lil girls play dolls.

The troops in dangers we're talking about
goes out in heavily armored apache helicopter, or Kombat-grade Light tanks
Then ( sometimes ) make strawberry milk-shakes with civilians, because one of 
them is handling
" what could be interprated as a weapon "

Guess, who's the most at risk, here?

Should we consider releasing war.logs, and thus speed up troops.withdrawal 
process, a mess?
I believe the opposite.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] SuRe: Fwd: ipv6 flaw (is bullshit

[PsychoBilly]

[ App and Facebook Marketing ] ???

OMG another Tim Ferris wannabe?
How wealthy is your muse?
r a w k s o u p still is soup

[[   Robert Kim App and Facebook Marketing   ]] @ [[   19/10/2010 07:39   
]]--
> Sure hope those 4chan boys don't take that as a challenge
> 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Fwd: ipv6 flaw (is bullshit)

[PsychoBilly]

Anyways...
http://images.encyclopediadramatica.com/images/thumb/e/ed/Internet_business.jpg/569px-Internet_business.jpg

[[   Andrew Auernheimer   ]] @ [[   18/10/2010 10:58   
]]--
> -- Forwarded message --
> From: Andrew Auernheimer 
> Date: Mon, 18 Oct 2010 04:51:59 -0400
> Subject: Re: ipv6 flaw
> To: e...@zdnet.com.au
> Cc: Eugene Teo 
> 
> Dear ZDnet,
> 
> This story: 
> http://www.zdnet.com.au/4chan-finds-linux-kernel-flaw-for-attacks-339306657.htm
>  is someone talking straight out of their ass. We have no such
> exploit, If we did have such an exploit, there is absolutely no way we
> would share it with external parties. Not 4chan, not anyone. Due to
> the immense success and resiliency of the Linux platform, a 0-day
> kernel remote is worth serious money ($100k+ if you know the right
> buyers), and we would have given it to the highest bidder or put it on
> Bugtraq for maximum industry publicity. We would not have given it
> away for free to ineffectual idiots in their moms basements who aren't
> accomplishing anything.
> 
> Beyond that, many of my closest friends make their living off of
> intellectual property. I do not support defacement and DDoS as a
> method of protest against anything, especially not a childish protest
> against copyright. Authors have a right to charge however much they
> please for their creative works. The people involved with these DDoS
> attacks and web site defacements need to grow up and do something
> useful with their lives.
> 
> This article is ridden with a number of verifiably false errors. I'm
> sure a quick talk with Eugene from the Red Hat Linux corporation (he
> is cc'd to this email) could get you in touch with Linus who could
> confirm that no such communication with us ever existed. In addition,
> while I am probably one of the most skilled web application and
> browser exploit hackers in the world, I do not do kernel bugs. I have
> never done kernel work, with the exception of some stuff I did years
> ago related to Mac OS X kext. Every single bit of my previous public
> research has been related to a web browser bug or a web application
> bug. If someone in Goatse Security were to be involved with the
> creation of a kernel-related exploit, it would not be me.
> 
> Lastly, my contact info is amazingly public. I was awake and checking
> my email when your story was posted, and for the 11 or so hours
> preceeding it. I have also talked with reporters at ZDnet previously,
> including ZDnet Australia. So the next time you have the urge to print
> libelous, sensational misinformation defaming both the integrity of my
> information security working group and the security of Linux, please
> give me an e-mail or phonecall first. The contact info is on the
> Goatse Security website. I should be informed of this stuff by your
> "journalists" (who are supposed to do things such as contact parties
> involved in a suspect claim from a random anonymous idiot on the
> Internet) and not someone from a major software vendor.
> 
> Thanks,
> weev
> 
> On Mon, Oct 18, 2010 at 2:35 AM, Eugene Teo  wrote:
>>
>> Hi Weev,
>>
>> I read a ZDNet news report that you have discovered a Linux kernel 
>> vulnerability, and I am wondering if you will be willing to share the 
>> technical details of the flaw.
>>
>> http://www.zdnet.com.au/4chan-finds-linux-kernel-flaw-for-attacks-339306657.htm
>>
>> Thanks, Eugene
>> --
>> Eugene Teo / Red Hat Security Response Team
> 
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WikiLeaks

[PsychoBilly]

False assertion, it's an attention whoring story for anyone in #sec..or in RPG

1- Fetch sparce elements
wget:
http://www.wired.com/threatlevel/2010/10/cryptome-hacked/
https://eta.securesslhost.net/~pgpboar/viewtopic.php?f=2&t=129
http://cryptome.org/0002/cryptome-hack3.htm

2- Make your own salad ( who's chasing who ).

CRYPTOME < Wikileaks Insiders > WIKILEAKS ( rux...@cryptome.hack )
Wikileaks Insiders <> pgpBoard ( the opponents ?[.gov]? )
J.A. <> Wikileaks ( the .gov.target )
WIRED.COM < Ruxpin > Kim Zetter ( fear, Insiderz! + panic.nicetry )




>I'm not sure why everyone is so fussed about this tbh..
>
> And surely, full-disclosure is no place for such a discussion either..
>
> 
>
> On 06/10/2010 19:06, Juha-Matti Laurio wrote:
>> It's the newest tweet still.
>>
>> Juha-Matti
>>
>> Jeffrey Walton [noloa...@gmail.com] kirjoitti:
>>> The latest is kind of funny ("Latest smear attempt: Chinese spy agency
>>> gave WikiLeaks $20M").
>>>
>>> Just call it a 'PAC Contribution' and everything will be fine.
>>>
>>> On Mon, Oct 4, 2010 at 7:05 AM, Juha-Matti Laurio
>>>wrote:
 And nothing related is not tweeted at
 http://twitter.com/wikileaks

 Juha-Matti

 Harry Behrens [ha...@behrens.com] kirjoitti:
> for 5 days and nothing about this to be found on google.
>
> Does anybody have an idea what is happening here - it does smell
> slightly fishy...
>
>-h
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WikiLeaks "underoing" (sic) scheduled maintenance

[PsychoBilly]

http://www.pgpboard.com/viewtopic.php?f=2&t=125
dadamdadam dadam  fire proof @  least!!!

> probably just assange throwing a tantrum
>
> 2010/10/3 Harry Behrens mailto:ha...@behrens.com>>
>
>   for 5 days and nothing about this to be found on google.
>
> Does anybody have an idea what is happening here - it does smell
> slightly fishy...
>
>  -h
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Multiple vulnerabilities in WordPress 2 and 3

[PsychoBilly]

We all know you have to make a living
but
For all these disclosures it's needed to have a brain.


Cluster #[[   MustDie   ]] possibly emitted,


> For all these attacks it's needed to have access to admin account

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] [funsec] And they intend to do this securely, how, exactly?

[PsychoBilly]

Are you gay? ( ok ok  being Gay isn't bad )
You're arguing on " how blah blah"

Better being out + shouting @ your retarded.gov to stop that 
retarded.legislation

Crypted communication IS encryption ( aka get da fuckin eyeball outta he' )
Anything else is DIE, PGP, DIE!

Thanks for your kind attention.


> http://www.msnbc.msn.com/id/39379819/ns/technology_and_science-security/
>
> When the rest of the world is using OpenSSL and SSH, how you gonna do this
> securely?  (Yes, I know how to MITM an OpenSSL connection.  How do you design
> a network service so Good Guys can do that but Bad Guys can't?)
>
>
>
> ___
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatse's way to say "screw you" to certificate authorities

[PsychoBilly]

Statement = False
Moreover reinventing da wheel when there's need to pay for its use is mandatory

***

> In my opinion it's pretty much useless reinventing the wheel;

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] i dont know security

[PsychoBilly]

Ü Lulz
Btw > wazza 66$ shit? > http://yehg.net/
ah oh yeah
http://www.templatemonster.com/flash-templates/10730.html


> YGN is too ethical to do dns lookups! you blackhat you!!!
>
> 2010/9/8 p8x mailto:l...@p8x.net>>
>
> # host websecurity.com.ua 
> websecurity.com.ua  has address 62.149.9.65
>
>
>
> On 8/09/2010 9:00 PM, YGN Ethical Hacker Group wrote:
>  > Good job, Dude
>  >
>  > You didn't even bother to hide your track.
>  >
>  >
>  > [snip]
>  > Received: from a (shalb.com  [62.149.9.65])
>  >   by lists.grok.org.uk  (Postfix) with 
> SMTP id F1F06324
>  >   for >;
>  >   Wed,  8 Sep 2010 04:41:17 +0100 (BST)
>  >
>  > [/snip]
>  >
>  >
>  >
>  > -
>  >
>  >
>  >
>  > Delivered-To: li...@yehg.net 
>  > Received: by 10.231.139.42 with SMTP id c42cs255893ibu;
>  >  Tue, 7 Sep 2010 20:43:24 -0700 (PDT)
>  > Received: by 10.204.82.80 with SMTP id 
> a16mr4880076bkl.39.1283917403399;
>  >  Tue, 07 Sep 2010 20:43:23 -0700 (PDT)
>  > Return-Path: >
>  > Received: from lists.grok.org.uk  
> (lists.grok.org.uk  [78.109.215.201])
>  >  by mx.google.com  with ESMTP id 
> w13si19140312bkx.95.2010.09.07.20.43.22;
>  >  Tue, 07 Sep 2010 20:43:23 -0700 (PDT)
>  > Received-SPF: pass (google.com : domain of
>  > full-disclosure-boun...@lists.grok.org.uk 
>  designates 78.109.215.201 
> as
>  > permitted sender) client-ip=78.109.215.201;
>  > Authentication-Results: mx.google.com ; 
> spf=pass (google.com : domain of
>  > full-disclosure-boun...@lists.grok.org.uk 
>  designates 78.109.215.201 
> as
>  > permitted sender) smtp.mail=full-disclosure-boun...@lists.grok.org.uk 
> 
>  > Received: from lists.grok.org.uk  
> (localhost [127.0.0.1])
>  >   by lists.grok.org.uk  (Postfix) with 
> ESMTP id F02AC36A;
>  >   Wed,  8 Sep 2010 04:43:03 +0100 (BST)
>  > X-Original-To: full-disclosure@lists.grok.org.uk 
> 
>  > Delivered-To: full-disclosure@lists.grok.org.uk 
> 
>  > Received-SPF: none (lists.grok.org.uk : 
> domain of mustl...@websecurity.com.ua 
>  >   does not designate permitted sender hosts)
>  > Received: from a (shalb.com  [62.149.9.65])
>  >   by lists.grok.org.uk  (Postfix) with 
> SMTP id F1F06324
>  >   for >;
>  >   Wed,  8 Sep 2010 04:41:17 +0100 (BST)
>  > Subject: [Full-disclosure] i dont know security
>  > X-BeenThere: full-disclosure@lists.grok.org.uk 
> 
>  > Precedence: list
>  > List-Id: An unmoderated mailing list for the discussion of security 
> issues
>  >  >
>  > 
> List-Unsubscribe:,
>  >  ?subject=unsubscribe>
>  > List-Archive:
>  > List-Post: >
>  > List-Help: ?subject=help>
>  > 
> List-Subscribe:,
>  >  ?subject=subscribe>
>  > MIME-Version: 1.0
>  > Content-Type: text/plain; charset="us-ascii"
>  > Content-Transfer-Encoding: 7bit
>  > Sender: full-disclosure-boun...@lists.grok.org.uk 
> 
>  > Errors-To: full-disclosure-boun...@lists.grok.org.uk 
> 
>  > Message-Id:<20100908034303.f02ac...@lists.grok.org.uk 
> >
>  > Date: Wed,  8 Sep 2010 04:43:03 +0100 (BST)
>  > From: full-disclosure-boun...@lists.grok.org.uk 
> 

Re: [Full-disclosure] CCBILL.COM Internet billing service multiple vulnerabilities

[PsychoBilly]

Ya a HaX0RR, so Email Blind Injection should had been no Problem for you ;)


>   "It is very easy to reach our Information Security team at 
> secur...@ccbill.com ."
>
> Please show at least 1 page where this e-mail is written !

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full-Disclosure Digest, Vol 65, Issue 14

[PsychoBilly]

&1 Can't reply that thread, coz each time I press a key on my ZX-81, i'm 
triggering a 500ms screen refresh + oh fuck! there's no mail client for #basic
&2 Can't reply that thread, coz to read that thread, i've to decode 5ft+ of 
perforated card.
&3 Can't even be aware of that thread coz there's no mail2smoke daemon ugh!

>> Message: 4
>> Date: Fri, 09 Jul 2010 09:38:49 -0400
>> From: Iadnah
>> Subject: [Full-disclosure] Nostalgia and days gone by
>> To: full-disclosure@lists.grok.org.uk
>> Message-ID:<4c372669.4000...@uplinklounge.com>
>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>
>> I know this is offtopic but...
>>
>> This is my official fuck you/middle finger to the modern world of
> computing:
>>
>> Thinkpad 600E
>> 363mhz Penitum II
>> 192MB RAM
>> 10GB HD
>> Cisco PCM340 PCMCIA card
>>
> I>'m listening to house of the rising sun on ancient speakers, using
> xmms, under slackware 13.0, with lilo (not grub), using xfce as a
> desktop manager.
>>
>> Just thought I 'd share for the old fogies and nostalgic people such as
> myself. Once in a while it feels nice to relive those days.
>>
>> ...I also own a function IBM AS/400 circa 1986.
>>
>
>
> Amen brother.  I hear the clatter of membrane keys as my Atari 400 calls
> to me.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Vulnerabilities in Google

[PsychoBilly]

More like a vuln in cluster Musn'tlive
http://www.youtube.com/watch?v=0Hahlo1Bye4#t=3m35s

Response Codes:

» HTTP/1.0 301 Moved Permanently From http://is.gd/dcMxH To 
http://lmgtfy.com/?q=stfu
» HTTP/1.1 200 OK
# of Meta characters :  0# of Meta Words :  0
Text to Page Weight Ratio:  19.2%   # of Meta Keywords Words :  

Canonical Link: N/A 
Page loaded:0.487 seconds   Frame Info: No Frames
Page size:  10.4 KB Noframe Info:   
# of Words: 157 # of Frames:0
# of Body Words :   148 # of Cookies:   0
# of Images All: 4; with Alt Text: 0; without Alt Text: 4   # of Links: 
All: 10 (External: 2, Internal: 8 );No Follow: 0?
External Links

1. http://twitter.com/lmgtfy
2. http://live.lmgtfy.com

Internal Links

1. #
2. #
3. #
4. #
5. #
6. privacy.html
7. 
mailto:%73%74%61%66...@%6c%6d%67%74%66%79.%63%6f%6d?body=jim%20and%20ryan%20are%20awesome%21&subject=I%20love%20LMGTFY%21
8. advertise.html

No-Follow Links

Robots.txt  no  IP address :209.20.88.2
favicon.ico file: yes ; script: yes Country:United States
# of External JavaScript:   3   # of Imagemaps: 0
# of Objects (Flash):   0   Clickstream Reporting:  [Google 
Analytics]


 >>> [http://www.seo-browser.com/showdetail.php?type=6&link=http://lmgtfy.com/?q=stfu]

http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd";>

   
 
 
 
 
 
 
 
 Let me google that for you
 
 
 
   * { font-family: arial, sans-serif; }

   body { background-color: white; color: #33; }

   #logo { margin-top: -1em; position: relative; top: 2em; }

   .logo { font-size: 1.5em; color: #44; }

   input { -moz-box-sizing: content-box; font-family: inherit; }

   input.text { background: white; border: 1px solid #cc; 
border-bottom-color: #99; border-right-color: #99; color: black; font: 
18px arial, sans-serif bold; height: 25px; margin: 0; padding: 5px 8px 0 6px; 
vertical-align: top; }

   input.text:focus { outline: none; }

   input#search, input#lucky { background: 
url("http://www.google.com/images/srpr/nav_logo13.png";) repeat scroll center 
bottom transparent; border: medium none; color: black; cursor: pointer; font: 
15px arial, sans-serif; height: 30px; margin: 0; 
outline: 0 none; vertical-align: top; }

   .button_wrapper { border-bottom: 1px solid #e7e7e7; border-right: 1px 
solid #e7e7e7; display: inline-block; margin: 3px 0 4px 4px; }
   .button_wrapper .inner { background: none repeat scroll 0 0 #ee; 
border-color: #cc #99 #99 #cc; border-style: solid; 
border-width: 1px; display: block; height: 30px; }

   #fake_mouse { position: absolute; top: 100px; left: 100px; }

   #instructions { margin-top: 40px; font-size: 1.1em; color: #99; 
width: 350; height: 84px; background: transparent 
url(images/instructions_bg.png) no-repeat top center; }
   #instructions div { line-height: 84px; }

   #link_placeholder { height: 90px; }

   #link { position: absolute; display: none; padding-bottom: 28px; }

   input.link { width: 312px; font-size: 1.2em; text-align: center; border: 
1px solid #c2c9ff; color: #55; background-color: #f4fbff; cursor: pointer; }

   #footer { margin-top: 40px; color: #99; border-top: solid 1px 
#dd; padding-top: 0.5em; text-align: center; }
   #footer a { color: #99; text-decoration: none; padding: 0 1em; }
   #footer a:hover { text-decoration: underline; }

   #about { margin-top: 0.5em; color: #66; text-align: center; }

   #language { margin-top: 1em; color: #66; text-align: center; 
background: white url(/images/worldwide.png) no-repeat center; }
   #language select { width: 200px; opacity: 0; }

   #copyright { margin-top: 40px; padding: 0.25em; text-align: center; 
font-size: 0.75em; color: #bb; background-color: white; }

   #link_buttons, #link_message { position: absolute; display: none; }

   a.link_button { display: block; float: left; width: 60px; height: 20px; 
margin: 0 2px; padding: 5px 0; background: transparent 
url(images/link_button.png) no-repeat center center; color: white; line-height: 
20px; text-align: center; font-size: 
0.8em; text-decoration: none; }
   a.link_button:hover { background-image: 
url(images/link_button_hover.png); }

   #link_message { z-index: 99; width: 332px; height: 32px; background: 
url(images/link_message.png); color: white; line-height: 32px; text-align: 
center; font-size: 1em; }

   #sponsor { display: none; margin: 0 auto; text-align: center; font-size: 
0.9em; }
   #sp

Re: [Full-disclosure] Blackberry pwd hack or reset

[PsychoBilly]

Hello Alone
Please go Fuck with your stolen phone
+ #DIE there
crackberry.com


> Hello everyone;
>
> Not sure if my first email went though.
>
> Well I was given a blackberry which was locked.
>
>I was woundering if their was another method to hack or reset a
> black berry password without an OS reinstallation?
>
>
> Sent from my iPhone
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] DoS vulnerability in Internet Explorer

[PsychoBilly]

This had already been published
http://www.pewy.fr/hamster.html

  Cluster #[[   Laurent Gaffie   ]] possibly emitted, 
@Time [[   01/06/2010 16:00   ]] The Following #String  **
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Sorry Mustlive,
> i understand you need to see this in clear text finaly.
> I guess ascii is the best to communicate with you;
>
>
> Hello Full-Disclosure!
>
> I want to warn you about a Denial of Service in every browser finaly !!!
>
> It actually affect every browser with a javascript engine  build in !!!
>
> Adobe may be vulnerable to 
>
> PoC :
>
> 
> 0n0z
> 
> 
> for (i=0;i<65535;i++) {
> alert('0n0z mustlive got you, now you're fucked, the only solution is
> to restart your browser or be faster than JS !!!');
> }
> 
> 
> 
>
>
> Greetz to mustl...@oswap.com.ua
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQIcBAEBAgAGBQJMBRJkAAoJEEESJ0AJ05HwJpYQAI84bDG8fNbq4lYjomqD3+Wf
> 29VzhaQt39FF2ERwh7sDYkc5wdw/DWfAC5SpwdVtr/0wDW0dyZV36RfJyUixysce
> weKx5wztjjwzk4yQF61v8DXz7MEWLhuYv9fTGcw9LKpnDm9/Z0YZ6ObKp8dE9A11
> 1E4xzAByLYpEdTQyxosMsJ336oJgTc3NrjDiPJGoxOb65epLlc07aEaP7ZA7jE/J
> i+M0ukNl8CKAryGs8DhDf+5fkJf1wcqOUoxK4mJ4nPe0IhhoQ+FUizB04E7MpK8P
> OisvgW8I6tdGurJTfux14Jj6NZXBuL0ww65e3vfgOrm8WRtKPrbwiRd1nk8NqsCC
> Nz5UBxEr32YhEUdgoXPj8ZleBbvLL0z0PVoRtbBSyKABih8OUwPMUpa0WkpMno+x
> gcG7vmO/bIr5wEjRGlK9NglCMqKNWzRk2f03KGIM2MMetB7KLvR/Kir3rL2n8a4k
> nLj/EYRm4orHzIDtR/Fr8LixJPr1wwpi53OOPJEcpjDvud4sOKcfUPSb7cckc7wQ
> vBPCNjPZ1D8V3GzJhE7+NHVVl8wUDwKodu0ejDmzJ2K7L1nLDiI9GStA8Xof98ne
> 4ZBLA3lCRsbcYDdE0cvqwMa+xyx7KUcMy5M8vimyTGpIhnFF2+ScdFgFzrDIEtNH
> g+1w9Kvgr12i+aEmD2Me
> =v3oL
> -END PGP SIGNATURE-
>
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] The_UT is repenting

[PsychoBilly]

http://profile.ak.fbcdn.net/v229/1642/63/n680245330_5800.jpg
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] JavaScript exploits via source code disclosure

[PsychoBilly]

  Cluster #[[   Marsh Ray   ]] possibly emitted, @Time 
[[   06/05/2010 17:42   ]] The Following #String  **
>
> Adversary simply modifies your page in transit to not use the
> 'jcryption', or to leak him a copy of the session key.

Tss Tss, I'm not stating client-side javascript is secure / can be obfuscated.
Just provided a hint

1 - let's say it's a customer login area
Case 1: legitimate user > usr+pw are transmitted encrypted, then ajax get/post 
calls are then still encrypted + each request is followed by a valid encrypted 
client session ID.
Case 2: Opponent > trying to exploit login > the pb here is getting thru / not 
JS related // trying to exploit the ass > does not know any valid encrypted 
session ID > server side can drop this with minimum ressource.
- not using encryption: server-side script drops connection ( as it has the 
duty to decrypt posts )
- leak a session key: ok, fine the opponent does have a unique ID that leads 
him to a login area.

2 - There's no login: it's an API // forget js because, yes, all the logic is 
in the oponent hands & executed on opponent machine ( so source encryption is 
useless ).

3- nobody can guess where/what is open on target machine, a proxy is giving one 
port/valid encrypted ID or just drops connection.

>
> This kind of thing will only deter people who don't know any better or
> people with little motivation to care about your data anyway. Using it
> is only an admission that you are either incompetent or don't have
> anything worth the slightest effort to steal.
>
> - Marsh

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] JavaScript exploits via source code disclosure

[PsychoBilly]

http://www.jcryption.org/

  Cluster #[[   Ed Carp   ]] possibly emitted, @Time [[ 
  06/05/2010 10:03   ]] The Following #String  **
> Just for clarification, the business wants to put client-side
> Javascript on a customer-facing web site, and it's my job to figure
> out how to protect the back-end web services...sigh...
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] go public to avoid jail

[PsychoBilly]

I got the final point of this all: /!\ 100% true statement /!\

GO TO JAIL TO AVOID PUBLIC


Cluster #[[   mutiny   ]] possibly emitted, @Time [[   04/05/2010 02:09   ]] 
The Following #String
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Way to over stretch what he was talking about.  Stop trying to ban
> shit, you're not solving any problems.  Didn't we already do the
> blacklist thing a hundred thousand times?

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] go public to avoid jail

[PsychoBilly]

  Cluster #[[   J Roger   ]] possibly emitted, @Time [[ 
  03/05/2010 22:09   ]] The Following #String  **
> There were excerpts in the Wired article, and there are more in the
> court record
>
>
> One has to begin wondering:
>
> A) Why did Gonzales keep logs of incriminating evidence against himself
> and his friends in the first place?
> B) What motivation did Gonzales have for rolling over on Stephen like
> that? Given Stephen's minor involvement in the case, it seems like
> Gonzales wouldn't get much by way of a plea deal by turning him in.
> C) Another Wired article states that Gonzales was an informer paid an
> annual salary by the Secret Service. This revelation apparently was
> brought to light by Stephen himself. Did The_UT know this was the case
> before his arrest or only after? If he knew these circumstances prior to
> his arrest then why would he be willing to create a custom tool for a
> person he knows is informing on people?

Rather simple:
1- G is known to have links with agencies.
2- He's giving info-dumps about scene since a long time after being caught once 
( and to avoid 'divine retribution' )
3- the_UT thought those relations would act as a magic voodoo talisman.
4- Gonzales played dirty, to relax charges a little, there's why logs were 
logged ( yes, associals friendship, my friends, well, just sucks... )

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] go public to avoid jail

[PsychoBilly]

Cluster #[[   J Roger   ]] possibly emitted, @Time [[   03/05/2010 19:29   ]]

> If the tool was released publicly, and not just to Mr. Gonzales, would
> the prosecution be able to prove beyond a reasonable doubt[ ... ]  Releasing 
> the tool publicly could help the
> defense argue the point that he was told beforehand, that he knew it
> would be used to rip people off, etc.

Well, grab google and read circa line 18
http://www.phrack.com/issues.html?issue=65&id=2#article

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] go public to avoid jail

[PsychoBilly]

My point is not "this guy is innocent, free SW! "
My point here is: what legally sums as sufficient charges to shade you for 5 
years ( 1800 days ) when you're 25 and actually didn't commited any dump ( 
4000K ).
For now & as far as he's shaded, his own schadenfreude will be his best friend.

[[   Ed Carp   ]] possibly emitted, @Time [[   03/05/2010 11:52   ]] The 
Following #String
> How about not writing a hacking tool in the first place that you know
> will be used to rip other people off??  Wow...what a concept...OF
> COURSE he knew the code he was writing was going to be used to rip
> people off.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] go public to avoid jail

[PsychoBilly]

The_UT went to jail because his Gonzales m8 kindly supplied irc logs of their 
chats to the fed // not for coding a tool.
The jury recused the "not knowing" defense strategy on that base.

[[   J Roger   ]] possibly emitted, @Time [[   28/04/2010 00:48   ]] The 
Following #String
> jail.
>
> According to the following (dated) Wired article,
> http://www.wired.com/threatlevel/2009/12/stephen-watt/ Stephen Watt got
> screwed because he supplied his friend with a software tool he wrote and
> his friend used it to commit a crime.
>
> Had Stephen released his tool to the public (with as much or as little
> fanfare as he liked) would he still have gone to jail?
>
> He could make a good argument for legitimate uses of his tool as well.
> It would be useful for anyone performing a PCI penetration test in
> compliance with PCI DSS 11.3
>
> Remember kids, sharing is caring (that you not spend the next 2 years in
> federal prison)
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Please Welcome SuperFB ( and ignore this message )

[PsychoBilly]

http://www.facebook.com/help/?page=174
<< What can I do if my group has been hacked?
Please note that is not technically possible to hack a Facebook group >>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Paypal XSS Vulnerability - Resolved

[PsychoBilly]

Get back Moxie Marlinspike's Cash first!

On Fri, March 29, 2010 10:49 pm, Orbeton, Jon wrote:
The theft reported above will be adressed at approximately NEVEr wahwhahwhhah 
you loose!


  Cluster #[[   Randal T. Rioux   ]] possibly 
emitted, @Time [[   28/03/2010 06:12   ]] The Following #String  
**

I find it humorous that an organization that pretends to be a bank and
regularly steals money from its members has the balls to distribute a
"PayPal Responsible Disclosure Policy."

Good luck with that.

Randy


On Fri, March 26, 2010 10:49 pm, Orbeton, Jon wrote:
   

All:

The XSS vulnerability reported below was addressed at approximately 17:45
PDT today.

For information about how to report security issues to PayPal, please
refer to the PayPal Responsible Disclosure Policy documented here:
https://www.paypal.com/cgi-bin/webscr?cmd=xpt/cps/securitycenter/general/ReportingSecurityIssues-outside

Site security issues should be reported to:
   sitesecur...@paypal.com

All reports will be handled professionally and quickly. A PGP key is
available at the URL above.


Thanks,
Jon Orbeton

PayPal, an eBay Company



From: Wesley Kerfoot
Date: Fri, 26 Mar 2010 15:46:09 -0400

Paypal is affected by an XSS vulnerability where it fails to validate
input for the following url:

https://www.paypal.com/xclick/business=

One can add arbitrary javascript with no need for any filter evasion.

 https://www.paypal.com/xclick/business=  alert("xss");



As far as I know only the above url is affected. All of the usual XSS
attacks will work with this.

Cheers.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

 


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
   


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Hackito Ergo Sum Conference (Paris 8-10 April 2010) : Schedule

[PsychoBilly]

  Cluster #[[   Jonathan Brossard   ]] possibly 
emitted, @Time [[   25/03/2010 00:13   ]] The Following #String  
**

Capture the Flag


Spot the Fed contest


Is that a sort of frenchie defcon 1:20 blueprint?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] The feeling of being followed is horrible. Need freedom from survellience. Please god help.

[PsychoBilly]

Would recommand you go for a film
As imaginary is the best place to hide
Then Die() in flames.
(Btw using rocketmail in 2010 is sooo retro-zukunft! )

  Cluster #[[   Andrew Walberg   ]] possibly 
emitted, @Time [[   21/03/2010 18:38   ]] The Following #String  
**
I need more control of my life. I don't know why I got people 
following me and pointing out my car in my parking lot, but they are 
planning some plot. I don't know what they're thinking but they're 
probably building up more conspiracy theories about me.


Perhaps its because of posts I made on here that made them curious. 
It's only a matter of time until it intensifies.


I can't take this. I already had this happen to me in the last city I 
lived in. They took all this ambigious garbage and soon as you know I 
have friends asking if I do drugs, going into my medicine cabinets, 
asking if I'm a hacker. etc.


I can't live a life like this guys.

I just need to feel more anonymous. Not necessarily underground, but I 
need to be able to live free without survellience.


Does living in the big city give you more anonymity?

Someone please god help.

I need ideas. I'm not a criminal. I've done nothing wrong. Give me tips.


__
Do You Yahoo!?

No i'm not, archlohr!
Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden 
Schutz gegen Massenmails.

http://mail.yahoo.com


___
Full-Disclosure - We believe in it.
Charter:http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/