Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-02 Thread milw0rm Inc.
I am actually enjoying this thread.  The shut the fuck up 11 times
repeated was priceless.

Now on another note.  Juan, we don't want emails from you to
full-disclosure whining about class101's 11 fuck u repeats k thnx.

/str0ke

On 11/2/05, J u a n <[EMAIL PROTECTED]> wrote:
> On 11/2/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > This appear much correct than to say it is not working on ie6 98se... Im
> > doing a snapshot to prove I haven't made a mistake.
> >
>
> no one cares if you've made a mistake or not, is it really that
> important to you to prove yourself right?
> I don't care for messages like this either:
> "Again shut the fuck up , it also crashes on 98SE I have it here IDIOT."
> (repeated 11 times).
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] FireFox Host: Buffer Overflow is not just exploitable on FireFox

2005-09-16 Thread milw0rm Inc.
This problem also affects Thunderbird (tested) and I'm guessing
Netscape's Mail client (untested) which it really can't do much except
cause Thunderbird/Netscape to crash without javascript.

Include the linked source in an email for your testing.

http://www.milw0rm.com/down.php?id=1204

/str0ke

On 9/13/05, Juha-Matti Laurio <[EMAIL PROTECTED]> wrote:
> >Hi all,
> >Research and development has led to a ~90% reliable working exploit for the
> >IDN Heap Buffer overrun in FireFox on WinXP and Win2k3 as long as DEP is
> >turned off and JavaScript is enabled. Some tweaking might yield an even
> >higher success ratio. It has also revealed that not only FireFox is
> >vulnerable to this vulnerability, but the exact same exploit works on the
> >latest releases of all these products based on the Mozilla engine:
> >- Mozilla FireFox 1.0.6 and 1.5beta,
> >- Mozilla Browser 1.7.11,
> >- Netscape 8.0.3.3 .
> >Recommendations for this vulnerability:
> >- FireFox and Mozilla: Install the workaround for (https://addons.mozilla.org/messages/307259.html).
> >- Netscape: hope they'll respond to this email and release a workaround.
> >- Wait for a patch and install it asap.
> >Recommendations to make it harder to exploit any FireFox vulnerability:
> >- Turn on DEP (Data Execution Prevention),
> >- Turn off JavaScript,
> >- Switch to another browser,
> >- Do not browse untrusted sites,
> >- Do not browse the web at all,
> >- Unplug your machine from the web,
> >- Wear a tinfoil hat.
> >Cheers,
> >SkyLined
> 
> BTW: From where is that security [at] netscape.org address?
> 1)
> An official security URL to Netscape is "Netscape Browser Bug Submission
> Form" at
> http://browser.netscape.com/ns8/support/bugreport.jsp
> (www.netscape.org redirects to home.netscape.com/ , of course they have
> netscape.org, netscape.net etc.)
> 
> For version 7.2 (and 7.x?) it is the following:
> http://wp.netscape.com/browsers/7/feedback/problem.html
> Two separate addresses due to different developer teams, according to
> my knowledge. Is there any new information?
> 
> I have informed the vendor Netscape being affected on 9th September 2005.
> 
> 2)
> Disabling IDN support via about:config (or prefs.js file) is possible in
> Netscape Browser 8 too. Xpi file for Firefox and Mozilla Suite works in
> Netscape 8.0.3.3 too. Test was successful and even UA was changed to
> include Gecko/20050729 (No IDN) Netscape/8.0.3.3.
> However, the manual method is recommended.
> I.e. there is a workaround for Netscape. Vendor developer team contacted
> during a weekend, no reply yet.
> 
> 3)
> When an updated version of Netscape Browser 8 is available the download
> link is http://browser.netscape.com/ns8/download/default.jsp
> 
> - Juha-Matti
> 


Re: [Full-disclosure] Mozilla Firefox "Host:" Buffer Overflow

2005-09-09 Thread milw0rm Inc.
Netscape 4.76 not affected.

/str0ke

On 9/9/05, Jerome Athias <[EMAIL PROTECTED]> wrote:
> btw Netscape is also affected...
> 
> 


Re: [Full-disclosure] BBCode [IMG] [/IMG ] Tag Vulnerability

2005-08-22 Thread milw0rm Inc.
alrighty,

How can this be done with header location being called in the middle
of the page?

<img src="http://www.site.biz/test/test.jpg" border="0" />

Tested on phpbb 2.0.17 default install with a no go.

/str0ke

On 8/21/05, h4cky0u <[EMAIL PROTECTED]> wrote:
> Hi,
> 
> Saw this one on www.waraxe.us (Discovered by Easyex) and i was
> thinking if there are some more possibilities using the method
> described. The POC below is for phpBB. -
> 
> ==
> make yourself a folder on your host
> rename the folder to signature.jpg
> this will trick bbcode that its an image file.
> 
> example http://sitewithmaliciouscode/signature.jpg
> 
> inside that folder .. put this code ..
> and rename it to index.php file.
> 
> Quote:
> <?php
> header("Location: http://hosttobeexploited/phpBB/login.php?logout=true");
> exit;
> ?>
> 
> this will make every visitor getting logout when they view the thread that
> have image linked to this.
> ===
> 
> 
> This seems to be working on almost all the scripts using BBcode.
> Successfully tested on vBulletin 3.0.7 and phpBB 2.0.17 when used the
> image link to the folder with the malicious code as the forum
> signature. What i was wondering is there anything more serious than
> logging out the users that can be done with this? The admin folders of
> ipb and phpbb need reauthentication. So nothing serious for them but
> anything more innovative that could be done? And any way to fix this?
> 
> Regards,
> --
> http://www.h4cky0u.org
> (In)Security at its best...
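
On the "any way to fix this?" question in the quoted post above: the logout works because login.php?logout=true acts on a bare GET, which a redirected image fetch can trigger. The following is an added example, not part of the original thread and not phpBB's code, showing a logout handler that instead requires a POST carrying a per-session token; the function names and the session array layout are hypothetical.

```php
<?php
// Added illustration; names and session layout are hypothetical, not phpBB's.

// Issue one random token per session and keep it server-side.
function logout_token(array &$session): string
{
    if (empty($session['logout_token'])) {
        $session['logout_token'] = bin2hex(random_bytes(16));
    }
    return $session['logout_token'];
}

// "Before": any GET carrying logout=true ends the session, so an image URL
// that redirects to this endpoint logs out whoever views the page.
function handle_logout_weak(array $query, array &$session): bool
{
    if (($query['logout'] ?? '') === 'true') {
        $session = [];
        return true;
    }
    return false;
}

// "After": the request must be a POST and must carry the session's token.
// An image fetch is a GET and has no way to learn or send the token.
function handle_logout_hardened(string $method, array $post, array &$session): bool
{
    $expected = $session['logout_token'] ?? '';
    $supplied = $post['token'] ?? '';
    if ($method !== 'POST' || $expected === '' || !is_string($supplied)) {
        return false;
    }
    if (!hash_equals($expected, $supplied)) {   // constant-time comparison
        return false;
    }
    $session = [];
    return true;
}

// Constructed sample session and requests.
$base  = ['user_id' => 42];
$token = logout_token($base);

$cases = [
    'weak handler, redirected image fetch (GET)' => function () use ($base) {
        $s = $base;
        return handle_logout_weak(['logout' => 'true'], $s);
    },
    'hardened handler, redirected image fetch (GET)' => function () use ($base) {
        $s = $base;
        return handle_logout_hardened('GET', [], $s);
    },
    'hardened handler, POST with wrong token' => function () use ($base) {
        $s = $base;
        return handle_logout_hardened('POST', ['token' => str_repeat('0', 32)], $s);
    },
    'hardened handler, POST from the real logout form' => function () use ($base, $token) {
        $s = $base;
        return handle_logout_hardened('POST', ['token' => $token], $s);
    },
];

foreach ($cases as $label => $run) {
    echo str_pad($label, 52), $run() ? "session ended\n" : "session kept\n";
}
```

The forum's own logout link then becomes a small form that posts the value returned by logout_token().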


Re: [Full-disclosure] Internet Explorer 0-Day

2005-08-19 Thread milw0rm Inc.
Who here has actually made this bug work?  Tested on 10 machines with nothing.

msdss.dll (what dll info if so)

/str0ke

On 8/18/05, Aaron J. Bedra <[EMAIL PROTECTED]> wrote:
> Just use netcat to listen for a shell from that port on that machine. I
> have tried this already, and it all works out.
> 
> Thanks for the orig proof of concept shellcode!
> 
> Aaron J. Bedra
> 
> 
> 
> 
> On Thu, 2005-08-18 at 11:51 -0400, Ragone_Andrew wrote:
> > Once you hit a system with msdss.dll with the code on FrSIRT, how
> > would you access the shell. I am assuming
> >
> > telnet [ip  addr] 28876
> >
> >
> > -Andrew
> >
> >
> 


Re: [Full-disclosure] IMAP scans? Something going on I should know about?

2005-08-14 Thread milw0rm Inc.
List of what I have for imapd vulns.

Look both at the Description and Code sections.

http://www.milw0rm.com/search.php?dong=imapd

/str0ke

On 8/14/05, Aditya Deshmukh
<[EMAIL PROTECTED]> wrote:
> My personal logs for imap scan for last 3 days -
> 
> 11/08/2005 10:47:29 IMAP: (Accept) Receiving from 218.47.179.77
> 11/08/2005 10:48:00 IMAP: (Accept) Receiving from 218.47.179.77
> 12/08/2005 10:31:06 IMAP: (Accept) Receiving from 220.224.38.222
> 12/08/2005 14:00:34 IMAP: (Accept) Receiving from 61.155.62.178
> 12/08/2005 14:00:35 IMAP: (Accept) Receiving from 61.155.62.178
> 12/08/2005 14:08:57 IMAP: (Accept) Receiving from 61.155.62.178
> 12/08/2005 14:08:58 IMAP: (Accept) Receiving from 61.155.62.178
> 12/08/2005 19:11:59 IMAP: (Accept) Receiving from 220.224.1.25
> 13/08/2005 07:17:36 IMAP: (Accept) Receiving from 220.224.3.145
> 13/08/2005 12:09:46 IMAP: (Accept) Receiving from 220.224.48.17
> 13/08/2005 13:37:34 IMAP: (Accept) Receiving from 61.155.62.178
> 13/08/2005 13:37:36 IMAP: (Accept) Receiving from 61.155.62.178
> 13/08/2005 13:49:08 IMAP: (Accept) Receiving from 220.224.0.106
> 13/08/2005 17:03:32 IMAP: (Accept) Receiving from 220.224.0.214
> 13/08/2005 17:03:35 IMAP: (Accept) Receiving from 220.224.0.214
> 13/08/2005 18:44:57 IMAP: (Accept) Receiving from 220.224.36.248
> 13/08/2005 18:45:00 IMAP: (Accept) Receiving from 220.224.36.248
> 13/08/2005 22:23:22 IMAP: (Accept) Receiving from 220.224.21.178
> 13/08/2005 22:53:11 IMAP: (Accept) Receiving from 220.224.0.173
> 13/08/2005 22:53:14 IMAP: (Accept) Receiving from 220.224.0.173
> 14/08/2005 01:38:45 IMAP: (Accept) Receiving from 220.224.17.140
> 14/08/2005 01:38:47 IMAP: (Accept) Receiving from 220.224.17.140
> 14/08/2005 11:39:52 IMAP: (Accept) Receiving from 61.155.62.178
> 14/08/2005 11:39:53 IMAP: (Accept) Receiving from 61.155.62.178
> 14/08/2005 11:45:31 IMAP: (Accept) Receiving from 58.1.64.17
> 14/08/2005 11:45:33 IMAP: (Accept) Receiving from 58.1.64.17
> 14/08/2005 13:07:19 IMAP: (Accept) Receiving from 220.224.2.50
> 14/08/2005 13:07:29 IMAP: (Accept) Receiving from 220.224.2.50
> 14/08/2005 15:08:35 IMAP: (Accept) Receiving from 220.224.41.75
> 14/08/2005 16:40:42 IMAP: (Accept) Receiving from 220.175.143.169
> 14/08/2005 16:40:44 IMAP: (Accept) Receiving from 220.175.143.169
> 14/08/2005 16:42:02 IMAP: (Accept) Receiving from 220.224.11.220
> 14/08/2005 16:42:10 IMAP: (Accept) Receiving from 220.224.11.220
> 14/08/2005 17:19:17 IMAP: (Accept) Receiving from 220.224.42.213
> 14/08/2005 21:58:15 IMAP: (Accept) Receiving from 219.65.238.37
> 14/08/2005 21:58:18 IMAP: (Accept) Receiving from 219.65.238.37
> 
> > Anything going on out there that I've missed?  Thanks!
> 
> I would like to know is there some imap exploit floating about ?
> I am trying to get a packet dump I will post as soon as I get one.
> I have set the next alert to be logged with the packet dump
> 
> Can anyone else also get a packet dump for correlation ?
> 
> - Aditya
> 
> 

Re: [Full-disclosure] Bluetooth: Theft of Link Keys for Fun and Profit?

2005-08-12 Thread milw0rm Inc.
Nice work KF.

/str0ke

On 8/12/05, Adam Laurie <[EMAIL PROTECTED]> wrote:
> KF (lists) wrote:
> > Adam Laurie wrote:
> >
> >>
> >> Excuse me? You are skipping over the only important bit of your
> >> "disclosure"!
> >
> >
> > When did I claim this was a "disclosure", this was simply some notes
> > that I have jotted down while messing around with bluetooth link keys. I
> > was not "disclosing" any new vulnerabilities, I am simply documenting
> > how things can be done after you have obtained a link key. I have not
> > seen any documentation on this anywhere so I figured I would create it.
> 
> My apologies - I took the posting to "full-disclosure" too literally...
> You are right - background info is also useful for those that are
> starting to get into this (rich) field of research...
> 
> > If I could get  some valid non pseudo code to calculate e22 and e21 I
> > would gladly release some of my own.  Apart from generic pseudo code I
> > haven't seen any. Maybe you would like to share yours with the rest of us?
> 
> I do not have that code, but I know it exists...
> 
> >
> >> Apart from a $10,000 sniffer?
> >>
> > Mine was only $1600, sounds like you got ripped off. =]
> 
> Heh. No, mine cost me $0.00 :)
> 
> >> Please explain - if you're "stealing" a key from a machine you're
> >> running hcid on, then you already own that key anyway, surely?
> >
> >
> >
> > Who said I was stealing it from the machine I am running hcid on?
> >
> > Which would in turn allow a remote attacker to run commands on the
> > machine running hcid.
> >
> > Maybe it would make you feel better if I said I took root on a linux box
> > that I did not own and stole the /etc/bluetooth/link_keys file.
> >
> > Or perhaps I stole /var/root/Library/Preferences/blued.plist off an OSX
> > machine.
> >
> > I could have even taken it from \HKLM\SOFTWARE\Widcomm\BtConfig\Devices\
> > on a windows box that I had previously broken into.
> >
> 
> Fair point. Leverage one vulnerability to exploit another, and you have
> a useful attack.
> 
> >>
> >>
> >> You could try the "bdaddr" tool in the BlueZ package.
> >>
> > Good info! Is that documented somewhere or is it like the Ericsson
> > opcode that was mysteriously left out of the documentation?
> 
> AFAIK 'bdaddr -h' and the source are the only docs, but it works with
> all of the dongles I've tried it with (all CSR based). Check with Marcel
> for full capabilities, but I know it supports Ericsson, CSR and Zeevo.
> 
> Once again, my apologies if I came across too critical - I really was
> looking at your post from the wrong angle...
> 
> cheers,
> Adam
> --
> Adam Laurie Tel: +44 (0) 20 7605 7000
> The Bunker Secure Hosting Ltd.  Fax: +44 (0) 20 7605 7099
> Shepherds Building  http://www.thebunker.net
> Rockley Road
> London W14 0DA  mailto:[EMAIL PROTECTED]
> UNITED KINGDOM  PGP key on keyservers


Re: [Full-disclosure] The best 0-day exploit source

2005-08-10 Thread milw0rm Inc.
I'll take your cash for 0day ;P

/str0ke

On 8/10/05, Ahmad N <[EMAIL PROTECTED]> wrote:
> Hi there, 
>   
> I'm looking for the best 0-day exploit source, a source I can really count 
> on for the newest and most reliable exploits. 
>   
> can anybody suggest a website??? 
>   
> Thx 


Re: [Full-disclosure] Cisco IOS Shellcode Presentation

2005-08-01 Thread milw0rm Inc.
You must actually be on the Cindy Crawford mailing list then?  lmfao.

/str0ke

On 8/1/05, John Kinsella <[EMAIL PROTECTED]> wrote:
> This is getting like the Cindy Crawford mailing list...
> 
> On Mon, Aug 01, 2005 at 03:55:02PM +0300, [EMAIL PROTECTED] wrote:
> > hi to all
> >
> > can someone send me the famous Cisco IOS Shellcode Presentation ??
> > please..
> > my mail is [EMAIL PROTECTED]
> >
> >
> >


Re: [Full-disclosure] Cisco IOS Shellcode Presentation

2005-08-01 Thread milw0rm Inc.
http://www.milw0rm.com/sploits/lynn-cisco.pdf

/str0ke

On 8/1/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> 
> you didn't search a lot , do you know of google ? because I'm not
> sure fd is owning the searching market :>
> 
> http://www.google.com/search?hl=en&lr=&q=lynn+cisco+pdf
> 
> 
> At 14:55 01/08/05, [EMAIL PROTECTED] wrote:
> >hi to all
> >
> >can someone send me the famous Cisco IOS Shellcode Presentation ??
> >please..
> >my mail is [EMAIL PROTECTED]
> >
> >
> >
> 
> 
> 
> KEY: 0xA7C69C5F
> PRINT: 694C 3495 BCC4 2F8B D794  6BD4 AF8B 457B A7C6 9C5F
> 
> 


Re: [Full-disclosure] INFOHACKING and illusion brazilian b0ys ownage

2005-07-26 Thread milw0rm Inc.
lol,

anyone notice what's wrong with the url?

/str0ke

On 7/26/05, Hugo Vazquez Carapez <[EMAIL PROTECTED]> wrote:
> The main website of the squid proxy  (www.squid.org) was compromised
> and defaced by "llusion brazilian b0ys" and me (INFOHACKING.com) .
> 
> We do the defacement and all files in the CVS are backdored!!
> 
> MUAHAHAHAHA
> 
> 1.1 What is Squid?
> 
> Squid is a high-performance proxy caching server for web clients,
> supporting FTP, gopher, and HTTP data objects. Unlike traditional
> caching software, Squid handles all requests in a single,
> non-blocking, I/O-driven process.
> 
> Squid keeps meta data and especially hot objects cached in RAM, caches
> DNS lookups, supports non-blocking DNS lookups, and implements
> negative caching of failed requests.
> 
> Squid supports SSL, extensive access controls, and full request
> logging. By using the lightweight Internet Cache Protocol, Squid
> caches can be arranged in a hierarchy or mesh for additional bandwidth
> savings.


Re: [Full-disclosure] Security of phpBB

2005-06-21 Thread milw0rm Inc.
Nick,

It's in the development stages right now.  I am currently waiting on 24
machines to finish up the rainbow tables and then I will kick start
it.  There will only be 160 people waiting at a time (first come first
serve without a 30 day waiting list).  The mod updates the password
fields the second they are cracked to open up more room for others.

Should be finished by the middle of next week.

/str0ke  

On 6/21/05, nick johnson <[EMAIL PROTECTED]> wrote:
> Offtopic: str0ke, I just noticed that md5 cracker on your page, does
> that just wait for 40 hashes and do them all at once?
> 
> On 6/20/05, milw0rm Inc. <[EMAIL PROTECTED]> wrote:
> > How goes it Tom.
> >
> > The link below will show you the exploits that are out in the wild for phpbb.
> >
> > http://www.milw0rm.com/remotephp.php?it=phpBB
> >
> > Regards,
> > /str0ke
> >
> > On 6/20/05, Tom Edwards <[EMAIL PROTECTED]> wrote:
> > > Hi,
> > >
> > > I am new to this list and to security in general so please excuse my
> > > question. A friend told me that our forum software phpBB is not very secure
> > > and told me about this. Where can I get information on that? What must I do
> > > to make it secure?
> > >
> > > Thank you.
> > >
> > > Kind regards,
> > > Tom Edwards, Manager
> > >


Re: [Full-disclosure] Security of phpBB

2005-06-20 Thread milw0rm Inc.
How goes it Tom.

The link below will show you the exploits that are out in the wild for phpbb.

http://www.milw0rm.com/remotephp.php?it=phpBB

Regards,
/str0ke

On 6/20/05, Tom Edwards <[EMAIL PROTECTED]> wrote:
> Hi,
> 
> I am new to this list and to security in general so please excuse my
> question. A friend told me that our forum software phpBB is not very secure
> and told me about this. Where can I get information on that? What must I do
> to make it secure?
> 
> Thank you.
> 
> Kind regards,
> Tom Edwards, Manager
> 


Re: [Full-disclosure] Not even the NSA can get it right

2005-05-25 Thread milw0rm Inc.
lol are you guys joking?  They wouldn't allow an xss bug on their
website on purpose come on now.

/str0ke

On 5/25/05, James Tucker <[EMAIL PROTECTED]> wrote:
> On 5/25/05, Dan Margolis <[EMAIL PROTECTED]> wrote:
> > On Wed, May 25, 2005 at 07:47:39AM +1200, Steve Wray wrote:
> > > James Tucker wrote:
> > > > Please, define right.
> > > >
> > > > Theirs is a world of deception, therefore any judgement you make based
> > > > upon any information may be comprised of as much disinformation as
> > > > information. In effect, you can't define such things for them.
> > >
> > > absolutely, and I'm glad someone said it. So many people get so misled
> > > by this sort of bullcrap.
> > >
> > > Whenever I read any info volunteered, or even leaked, by an organisation
> > > like that, I have to think 'what do they gain by me believing this?'
> > >
> > > They live in paranoia, fear and suspicion. Like the ninja of feudal
> > > Japan they live and die in darkness. This is no way for a human being to
> > > exist. But then I have been watching 'Shintaro the Samurai' :)
> >
> > Wait, so are you folks saying that the NSA intentionally allowed an XSS
> > bug on their Web site so that someone here would report it for some
> > unknown-to-us devious end?
> 
> No I'm saying they might have done. This is just one of many possible
> explanations for their actions, and is as viable as ANY other
> explanation. You forgot again, that we know nothing, and this means we
> can also make no inferences.
> 
> 
> 
> >
> > --
> > Dan