[Full-Disclosure] Animated Cursor Blue Screen?
Nick, Here is the original source I posted: http://www.milw0rm.com/id.php?id=721 The original author is Flashsky. Crappy when people use milw0rm.com for other purposes then testing the vuln on themselves. Regards, str0ke ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] Php Nuke Hack's
Please don't expose yourself. This is all I got for you. http://www.milw0rm.com/search.php?dong=php-nuke On Tue, 26 Oct 2004 20:18:51 +0200, .:: DarkDelphi ::. [EMAIL PROTECTED] wrote: Hi, i'm a spanish reader and.. y will try expose myself.. ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] JPEG GDI
Berry, I appreciate the information. I would think newgroup postings would be a little evil aswell. str0ke Here's my understanding of it: The bug can be exploited whenever an application that relies on a vulnerable version of gdiplus.dll to render jpeg image files onscreen (Or, I suppose, in any other way that gdiplus.dll can be used to process jpegs - I'm not familiar with the GDI+ interface). That includes IE, Office applications, or anything that relies on a vulnerable gdiplus.dll file. What are the ramifications of this? I think that the predictions of worms based on this are a bit far-fetched. Would it be possible to create a jpeg that would copy itself to other drives on a shared network in an auto-executable position? I suppose so... however, it would be noisy and probably wouldn't be amazingly successful. Having a worm installer within a jpeg is plausable, though. I'd consider the following scenarios to be plausable: - JPEG in nefarious web page includes malicious code. - JPEG in SPAM includes malicious code. - JPEG in mass-mailer worm includes malicious code. - JPEG in ad pop-up/sidebar includes adware/spyware installer. (malicious) - Mass-mailer worm includes an attachment for a known vulnerable third-party program that trigger the GDI+ vuln. (how sucessful this might be would depend on the application being attacked.) - Download.Jecht style mass-compromise of websites to embed malicious code inside of JPEGs. Those are the most plausable scenarios I can think up for this. Anything else is unlikely in my thoughts. -Barry / [EOF] ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
[Full-Disclosure] How to obtain hostname lists
fabio, I would think your meaning multiple hostnames out of the blue or ip addresses that have hostnames? If you wanted multiple hostnames out of the blue you could use a dictionary file with just random words while using the whois information. Such as, lappytop:~# whois goo GOO.NET GOO.COM A little script and you could have more domains in a list then you could wish for. If your meaning an axfr then you can find that on google. On your second question, (os, httpdver) would mean they would have to scan for this type of information. The latest nmap can be your friend. Multiple codes by multiple authors are everywhere for banner scanners. Im trying to figure out what exactly you want to do. If you are wanting to look for vuln servers then you would probably want to scan large amounts of ip addresses with a banner scanner. I don't really know if this is the place for this kind of question but ill take a chance and answer it. Regards, str0ke / Question /// Hi. I would like to know what techniques can Intruders use to obtain a lists of hostname and attack them with exploits code? For example, a huge list like: www.foo.com www.bar.com And so on. Also, they can have a lists with certain criteria in common (os, httpdver) and do a more selective attack. I want to know how they can obtain hostnames asnd create a huge database for potencial host victims? Thanks in advance. --__--__-- // EOF // ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html