Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-24 Thread Mario Vilas
Probably in fear that said attribution would kill the notion that they
actually wrote the software they're trying to sell.

IMHO, none of this ranting would happen if the tool had been free to
begin with. It's a long lost cause now.

On Thu, Jun 23, 2011 at 8:23 PM, root ro...@fibertel.com.ar wrote:
 Skipfish is Apache 2.0 and Metasploit is BSD. He doesn't even have to
 release the source. The only thing missing is attribution.



 On 06/23/2011 03:51 AM, Sergio 'shadown' Alvarez wrote:
 Juan,

 I've seen you are using Michal Zalewski's skipfish as engine, isn't it a 
 license violation?

 Cheers,
   Sergio

 On Jun 23, 2011, at 3:16 AM, Juan Sacco wrote:

 Test your network security and audit your website using the same tools
 as hackers.
 INSECT Pro 2.6.1 is available for purchase right now worldwide through
 PayPal!

 * Run Faster: You not only want to make great security testing, you
 want a nice performance
 * Load Better: Major graphical interface and optimizations features
 * Module Search: Ever wondered where that module? We have a built-in
 search feature for you
 * Improvements, and Changes As always, we've added a lot of other
 features and optimizations
 * The latest exploits found in the wild

 We are always trying to be one step ahead of the competition, take a
 visual tour of some of INSECT Pro most popular features and discover
 INSECT Pro today!

 Start here: http://www.insecurityresearch.com

 Regards
 Juan Sacco
 --
 
 Insecurity Research - Security auditing and testing software
 Web: http://www.insecurityresearch.com
 INSECT Pro 2.6.1 on track - Stay tuned

 ___
 Full-Disclosure - We believe in it.
 Charter: http://lists.grok.org.uk/full-disclosure-charter.html
 Hosted and sponsored by Secunia - http://secunia.com/

-- 
“There's a reason we separate military and the police: one fights the
enemy of the state, the other serves and protects the people. When the
military becomes both, then the enemies of the state tend to become
the people.”



Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread Sergio 'shadown' Alvarez
Juan,

I've seen you are using Michal Zalewski's skipfish as engine, isn't it a 
license violation?

Cheers,
  Sergio

On Jun 23, 2011, at 3:16 AM, Juan Sacco wrote:

 Test your network security and audit your website using the same tools 
 as hackers.
 INSECT Pro 2.6.1 is available for purchase right now worldwide through 
 PayPal!
 
 * Run Faster: You not only want to make great security testing, you 
 want a nice performance
 * Load Better: Major graphical interface and optimizations features
 * Module Search: Ever wondered where that module? We have a built-in 
 search feature for you
 * Improvements, and Changes As always, we've added a lot of other 
 features and optimizations
 * The latest exploits found in the wild
 
 We are always trying to be one step ahead of the competition, take a 
 visual tour of some of INSECT Pro most popular features and discover 
 INSECT Pro today!
 
 Start here: http://www.insecurityresearch.com
 
 Regards
 Juan Sacco
 --
 
 Insecurity Research - Security auditing and testing software
 Web: http://www.insecurityresearch.com
 INSECT Pro 2.6.1 on track - Stay tuned
 


Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread -= Glowing Sex =-
Woahh... nicely picked mate...
Then, they dare to then market it, (with or even without that guy's lib), i
mean pros would have their OWN lib if they were that serious...also, so many
bugs in their own website picked out by a...@papsy.net.. i think FD just
'opened' their whole setup to being disclosed nice and openly, the truth
will come as always does..

It is silly to assume that, the people on FD are stupid... this is the
leetest group of ppl anywhere, simple..and you can keep ya hats.

I guess that's what happens when ya force an item there is not even a valid
downloadable demo, and now seems even more shifty as a product, because, it
would have to have the Lic of the other guy listed as the package, or it is
license fraud, which i am sure the owner of the lib will...learn of this
soon...
but, what a really sucks of a company!!

i mean, the person spams to here, can't that be moderated ? seriously...

Is bad enough he is prolly even gonna sell from this list, specially on
here, because now, even more, people will be buying it to dissect it, (wish
someone would sling me a copy for sure...i'd be happy to handle a few files
to dissect) maybe if it was in an advisory, or better yet, i don't know
why Adam, did not continue to fuzz it, and just find the REMOTE hole we
would all love to see ;) , which you seemed close to doin...would have put
that up them... they simply needed to cc people, or some other such crap, and
they will have nonstop forever spammage on FD... Why doesn't FD mods, make
some FD mods, which find and search for strings, i'm not talking about just
some av bs, spam assassin bs, i'm talking somethin simple, which just finds
strings and blocks...this way, could just insert some well known spam
names, and no matter what mailer, it is blocked..or make an addon for
spamassis... i guess i have not installed qmail/s.assassin and sq-mail since
the old FreeBSD v5.2.1 rocks-project package... but i'd be happy to setup and
play around with some addon that would block this kind of mail from getting
thru the mailer at box level..
kinda would be nice..

I don't keep up with mail systems, but i have a relative who works in
mailenable.com, i could get it pushed onto some servers if some such app or
addon is made, for mailers as a whole, or as an addon... but, it would still
fundamentally be the same code behind it..string-based searching, slower, but
on cron.d and done at right times, then it won't hurt too bad :)

About smartest thing i've said since i botched (yes i botched my PoC for that
silly backspace bug, and it exists! But, i botched that because i should
have grabbed the proper Po, which does cause some funky emails...but, is done
with backspace, and it relatively still new... but i will get to it...it is
documented here on my hd, i just will make sure to do better next time, and
fix that b4 posting, but, i can take that crap, what i dislike is
trolling that's rude... anyhow ppls...).
that's enough on either story!
xd


no 'fd list' bonuses/discounts or demos, just straight-out spam (no anchors)
yo!


On 23 June 2011 16:51, Sergio 'shadown' Alvarez shad...@gmail.com wrote:

 Juan,

 I've seen you are using Michal Zalewski's skipfish as engine, isn't it a
 license violation?

 Cheers,
  Sergio

 On Jun 23, 2011, at 3:16 AM, Juan Sacco wrote:

  Test your network security and audit your website using the same tools
  as hackers.
  INSECT Pro 2.6.1 is available for purchase right now worldwide through
  PayPal!
 
  * Run Faster: You not only want to make great security testing, you
  want a nice performance
  * Load Better: Major graphical interface and optimizations features
  * Module Search: Ever wondered where that module? We have a built-in
  search feature for you
  * Improvements, and Changes As always, we've added a lot of other
  features and optimizations
  * The latest exploits found in the wild
 
  We are always trying to be one step ahead of the competition, take a
  visual tour of some of INSECT Pro most popular features and discover
  INSECT Pro today!
 
  Start here: http://www.insecurityresearch.com
 
  Regards
  Juan Sacco
  --
  
  Insecurity Research - Security auditing and testing software
  Web: http://www.insecurityresearch.com
  INSECT Pro 2.6.1 on track - Stay tuned
 

Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread phocean
 OMG!

 ---
 phocean




Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread Peter Osterberg
I think he should keep advertising here and drag his customers here as
well so they can see how well respected he and his tool are by the
security industry geeks that rant at him here.

It's also fun to read about his customers on his own site, they are just
making fools of themselves for admitting to having bought his crap. I
wouldn't even consider spending a dime on it just to try it. Makes me
wonder if his customers have granted that he uses their names as
references. I very much doubt that he even cares judging from how little
he respects this list's opinion about him spamming here.

Sadly he isn't a high profile target, otherwise LulzSec could take him
down...

/stained hat


Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread Valdis . Kletnieks
On Wed, 22 Jun 2011 22:32:07 CDT, adam said:
 Blah blah blah. Some of these may or may not be serious but the fact is: it
 took less than 60 seconds to find all of it. Imagine what someone who is
 *really* bored could find. I think I'll pass on your oh so special *hacker*
 tool.

I would have expected that "Hey, let's point it at our own servers and see if
it works" would have been part of the testing process for the software.




Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread Elazar Broad

Most people charge for that, the least Juan could do is give you a
*free* license for his scamware(we know you want it ;) ).

<lament>Ah, the state of so-called security these days...it's
sad.</lament>

elazar

On Wed, 22 Jun 2011 23:38:06 -0400 adam a...@papsy.net wrote:
*cough*

*Directory indexes enabled:*
http://www.insecurityresearch.com/wp-includes/
http://www.insecurityresearch.com/wp-content/uploads/
http://www.insecurityresearch.com/wp-content/plugins/wp-pagenavi/
http://www.insecurityresearch.com/wp-content/plugins/wp-postratings/

*Path disclosure:*
http://www.insecurityresearch.com/wp-content/themes/eVid/

*Other:*

   - Using outdated version of SSL
   - Outdated SSL Certificate (2009)
   - Outdated version of mod_frontpage (which may be vulnerable to a root
   access exploit)
   - At *least* a dozen broken links
   - MySQL is exposed to the internet

Blah blah blah. Some of these may or may not be serious but the fact is: it
took less than 60 seconds to find all of it. Imagine what someone who is
*really* bored could find. I think I'll pass on your oh so special *hacker*
tool.


Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread Thor (Hammer of God)
Maybe they did.  They are probably as thorough in development as they are in 
administration.

t

 -Original Message-
 From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
 boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu
 Sent: Thursday, June 23, 2011 6:39 AM
 To: adam
 Cc: full-disclosure@lists.grok.org.uk
 Subject: Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release
 
 On Wed, 22 Jun 2011 22:32:07 CDT, adam said:
  Blah blah blah. Some of these may or may not be serious but the fact
  is: it took less than 60 seconds to find all of it. Imagine what
  someone who is
  *really* bored could find. I think I'll pass on your oh so special
  *hacker* tool.
 
 I would have expected that "Hey, let's point it at our own servers and see if
 it works" would have been part of the testing process for the software.



Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread mrx

With such glowing reviews of your security product and such keen observation 
regarding your website, from what many would regard as well
informed and skilled security personnel.

Not to mention the wonderful indexing of Google, I would question the worth of 
soliciting custom from this list.

regards
D

On 23/06/2011 02:16, Juan Sacco wrote:
  Test your network security and audit your website using the same tools 
  as hackers.
  INSECT Pro 2.6.1 is available for purchase right now worldwide through 
  PayPal!
 
  * Run Faster: You not only want to make great security testing, you 
  want a nice performance
  * Load Better: Major graphical interface and optimizations features
  * Module Search: Ever wondered where that module? We have a built-in 
  search feature for you
  * Improvements, and Changes As always, we've added a lot of other 
  features and optimizations
  * The latest exploits found in the wild
 
  We are always trying to be one step ahead of the competition, take a 
  visual tour of some of INSECT Pro most popular features and discover 
  INSECT Pro today!
 
  Start here: http://www.insecurityresearch.com
 
  Regards
  Juan Sacco
  --
  
  Insecurity Research - Security auditing and testing software
  Web: http://www.insecurityresearch.com
  INSECT Pro 2.6.1 on track - Stay tuned
 
 


-- 
Mankind's systems are white sticks tapping walls.
http://www.propergander.org.uk


Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread root
Skipfish is Apache 2.0 and Metasploit is BSD. He doesn't even have to
release the source. The only thing missing is attribution.



On 06/23/2011 03:51 AM, Sergio 'shadown' Alvarez wrote:
 Juan,
 
 I've seen you are using Michal Zalewski's skipfish as engine, isn't it a 
 license violation?
 
 Cheers,
   Sergio
 
 On Jun 23, 2011, at 3:16 AM, Juan Sacco wrote:
 
 Test your network security and audit your website using the same tools 
 as hackers.
 INSECT Pro 2.6.1 is available for purchase right now worldwide through 
 PayPal!

 * Run Faster: You not only want to make great security testing, you 
 want a nice performance
 * Load Better: Major graphical interface and optimizations features
 * Module Search: Ever wondered where that module? We have a built-in 
 search feature for you
 * Improvements, and Changes As always, we've added a lot of other 
 features and optimizations
 * The latest exploits found in the wild

 We are always trying to be one step ahead of the competition, take a 
 visual tour of some of INSECT Pro most popular features and discover 
 INSECT Pro today!

 Start here: http://www.insecurityresearch.com

 Regards
 Juan Sacco
 --
 
 Insecurity Research - Security auditing and testing software
 Web: http://www.insecurityresearch.com
 INSECT Pro 2.6.1 on track - Stay tuned



[Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-22 Thread Juan Sacco
 Test your network security and audit your website using the same tools 
 as hackers.
 INSECT Pro 2.6.1 is available for purchase right now worldwide through 
 PayPal!

 * Run Faster: You not only want to make great security testing, you 
 want a nice performance
 * Load Better: Major graphical interface and optimizations features
 * Module Search: Ever wondered where that module? We have a built-in 
 search feature for you
 * Improvements, and Changes As always, we've added a lot of other 
 features and optimizations
 * The latest exploits found in the wild

 We are always trying to be one step ahead of the competition, take a 
 visual tour of some of INSECT Pro most popular features and discover 
 INSECT Pro today!

 Start here: http://www.insecurityresearch.com

 Regards
 Juan Sacco
 --
 
 Insecurity Research - Security auditing and testing software
 Web: http://www.insecurityresearch.com
 INSECT Pro 2.6.1 on track - Stay tuned



Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-22 Thread Thor (Hammer of God)
OK, now this is just blatant sales spam.   This list isn't your market - can't 
you just move on?


 -Original Message-
 From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
 boun...@lists.grok.org.uk] On Behalf Of Juan Sacco
 Sent: Wednesday, June 22, 2011 6:16 PM
 To: full-disclosure@lists.grok.org.uk
 Subject: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release
 
  Test your network security and audit your website using the same tools  as
 hackers.
  INSECT Pro 2.6.1 is available for purchase right now worldwide through
 PayPal!
 
  * Run Faster: You not only want to make great security testing, you  want a
 nice performance
  * Load Better: Major graphical interface and optimizations features
  * Module Search: Ever wondered where that module? We have a built-in
 search feature for you
  * Improvements, and Changes As always, we've added a lot of other
 features and optimizations
  * The latest exploits found in the wild
 
  We are always trying to be one step ahead of the competition, take a  visual
 tour of some of INSECT Pro most popular features and discover  INSECT Pro
 today!
 
  Start here: http://www.insecurityresearch.com
 
  Regards
  Juan Sacco
  --
 
  Insecurity Research - Security auditing and testing software
  Web: http://www.insecurityresearch.com
  INSECT Pro 2.6.1 on track - Stay tuned
 


Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-22 Thread -= Glowing Sex =-
OK, now this is just blatant sales spam.   This list isn't your market -
can't you just move on?
^^ that's the poor state of FD nowadays :P people do not even realise, i
think, what the thing means :P lol... i think this maybe either due to
language, simply not knowing English.. or, pure spam of an app which has been
mentioned before over and over... what kind of moderation is here ? uhmmm
none posting to a moderated list, is nowadays a frigging joke.
xd - fuall 3



On 23 June 2011 13:04, Thor (Hammer of God) t...@hammerofgod.com wrote:

 OK, now this is just blatant sales spam.   This list isn't your market -
 can't you just move on?


  -Original Message-
  From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
  boun...@lists.grok.org.uk] On Behalf Of Juan Sacco
  Sent: Wednesday, June 22, 2011 6:16 PM
  To: full-disclosure@lists.grok.org.uk
  Subject: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release
 
   Test your network security and audit your website using the same tools
  as
  hackers.
   INSECT Pro 2.6.1 is available for purchase right now worldwide through
  PayPal!
 
   * Run Faster: You not only want to make great security testing, you
  want a
  nice performance
   * Load Better: Major graphical interface and optimizations features
   * Module Search: Ever wondered where that module? We have a built-in
  search feature for you
   * Improvements, and Changes As always, we've added a lot of other
  features and optimizations
   * The latest exploits found in the wild
 
   We are always trying to be one step ahead of the competition, take a
  visual
  tour of some of INSECT Pro most popular features and discover  INSECT Pro
  today!
 
   Start here: http://www.insecurityresearch.com
 
   Regards
   Juan Sacco
   --
 
   Insecurity Research - Security auditing and testing software
   Web: http://www.insecurityresearch.com
   INSECT Pro 2.6.1 on track - Stay tuned
 

Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-22 Thread adam
*cough*

*Directory indexes enabled:*
http://www.insecurityresearch.com/wp-includes/
http://www.insecurityresearch.com/wp-content/uploads/
http://www.insecurityresearch.com/wp-content/plugins/wp-pagenavi/
http://www.insecurityresearch.com/wp-content/plugins/wp-postratings/

*Path disclosure:*
http://www.insecurityresearch.com/wp-content/themes/eVid/

*Other:*

   - Using outdated version of SSL
   - Outdated SSL Certificate (2009)
   - Outdated version of mod_frontpage (which may be vulnerable to a root
   access exploit)
   - At *least* a dozen broken links
   - MySQL is exposed to the internet

Blah blah blah. Some of these may or may not be serious but the fact is: it
took less than 60 seconds to find all of it. Imagine what someone who is
*really* bored could find. I think I'll pass on your oh so special *hacker*
tool.

On Wed, Jun 22, 2011 at 10:20 PM, -= Glowing Sex =- doo...@gmail.com wrote:

 OK, now this is just blatant sales spam.   This list isn't your market -
 can't you just move on?
 ^^ that's the poor state of FD nowadays :P people do not even realise, i
 think, what the thing means :P lol... i think this maybe either due to
 language, simply not knowing english.. or, pure spam of an app which has been
 mentioned before over and over... what kind of moderation is here ? uhmmm
 none posting to a moderated list, is nowadays a frigging joke.
 xd - fuall 3




 On 23 June 2011 13:04, Thor (Hammer of God) t...@hammerofgod.com wrote:

 OK, now this is just blatant sales spam.   This list isn't your market -
 can't you just move on?


  -Original Message-
  From: full-disclosure-boun...@lists.grok.org.uk [mailto:
 full-disclosure-
  boun...@lists.grok.org.uk] On Behalf Of Juan Sacco
  Sent: Wednesday, June 22, 2011 6:16 PM
  To: full-disclosure@lists.grok.org.uk
  Subject: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release
 
   Test your network security and audit your website using the same tools
  as
  hackers.
   INSECT Pro 2.6.1 is available for purchase right now worldwide through
  PayPal!
 
   * Run Faster: You not only want to make great security testing, you
  want a
  nice performance
   * Load Better: Major graphical interface and optimizations features
   * Module Search: Ever wondered where that module? We have a built-in
  search feature for you
   * Improvements, and Changes As always, we've added a lot of other
  features and optimizations
   * The latest exploits found in the wild
 
   We are always trying to be one step ahead of the competition, take a
  visual
  tour of some of INSECT Pro most popular features and discover  INSECT
 Pro
  today!
 
   Start here: http://www.insecurityresearch.com
 
   Regards
   Juan Sacco
   --
 
  __
  __
   Insecurity Research - Security auditing and testing software
   Web: http://www.insecurityresearch.com
   INSECT Pro 2.6.1 on track - Stay tunned
 
Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-22 Thread Andrew Farmer
On 2011-06-22, at 20:38, adam wrote:
   - Using outdated version of SSL
   - Outdated SSL Certificate (2009)

And while we're beating this dead horse:

You attempted to reach www.insecurityresearch.com, but instead you actually 
reached a server identifying itself as myinflatableboat.net.
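
The kinds of finding listed in adam's post (directory indexes, path disclosure) and the certificate name mismatch quoted by Andrew Farmer can each be checked by a site owner against their own server's responses. The sketch below is an added example, not part of the thread; the responses, paths and hostnames are constructed placeholders, and it assumes the path disclosure comes from PHP error output.

```python
import re

# Constructed responses for illustration; not captured from any real site.
SAMPLES = {
    "/wp-content/uploads/": (200, "<title>Index of /wp-content/uploads</title>"
        '<a href="?C=N;O=D">Name</a><a href="/wp-content/">Parent Directory</a>'),
    "/wp-content/themes/example/": (200, "<b>Fatal error</b>: Call to undefined "
        "function get_header() in <b>/home/example/public_html/wp-content/themes/"
        "example/index.php</b> on line <b>2</b>"),
    "/wp-includes/": (403, "<h1>Forbidden</h1>"),
}

AUTOINDEX = re.compile(r"<title>Index of /[^<]*</title>", re.I)
PHP_ERROR_PATH = re.compile(  # assumes the leak comes from PHP error output
    r"(?:Fatal error|Warning|Notice)</b>:.*? in <b>(/[^<]+)</b> on line", re.I | re.S)

def is_autoindex(status, body):
    """True when a 200 response is a server-generated directory listing."""
    return status == 200 and bool(AUTOINDEX.search(body)) and "Parent Directory" in body

def leaked_paths(body):
    """Absolute filesystem paths exposed in PHP error messages."""
    return PHP_ERROR_PATH.findall(body)

def cert_covers(hostname, dns_names):
    """Exact match, or '*' standing for the whole left-most label only."""
    host = hostname.lower().rstrip(".").split(".")
    for name in dns_names:
        pat = name.lower().rstrip(".").split(".")
        if len(pat) != len(host) or pat[1:] != host[1:]:
            continue
        # Refuse wildcards directly under a TLD such as "*.com".
        if pat[0] == host[0] or (pat[0] == "*" and len(host) > 2):
            return True
    return False

def audit(samples, hostname, cert_dns_names):
    """Collect (kind, detail) findings from responses and certificate names."""
    findings = []
    for path, (status, body) in sorted(samples.items()):
        if is_autoindex(status, body):
            findings.append(("directory-index", path))
        findings += [("path-disclosure", p) for p in leaked_paths(body)]
    if not cert_covers(hostname, cert_dns_names):
        findings.append(("cert-name-mismatch", hostname))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLES, "www.example.com", ["other.example.net"]):
        print(finding)
```

A 403 on a directory path, as in the third sample, is what a server with listings disabled returns, so it produces no finding.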