hello
>The claim that he makes is surely interesting. I tried running the md5crack
>on my system which is a linux6.1 Intel pentium 3 733 MHz and I was able to
>get around 1/100 of what he claims. Although he uses a 1GHz AMD can the
>performances be so different ???
try without -v/-V (verbose),
he wishes to open it anyway. Guess what should be a typical user
behavior ? ;)
this script need the useful arptool from Cristiano Lincoln Mattos and our
favorite web server (for hotmail spoofing and fake messenger update)
use it for educationnal purpose only.
cheers,
Gregory Duchemin
hello
>This is the exact same thing APOP does - server sends a string, client
>appends password to string, takes MD5 hash and sends back. If your
>cracker is what you say it is (I haven't checked) then APOP should be
>just as vulnerable.
>
>Greetz, Peter
yep,
looking briefly at the rfc 1939, i f
hello,
know if the TCP silly window syndrome might be used too ?
Uploading/downloading files byte per byte to/from a remote ftp server with a
stupid window size of one byte may generate a very high overhead.
My tanenbaum book say that Clark solution consists in avoiding sender
(attacker) from
y as possible.
Finally, never never trust hotmail and any other web based free accounts for
you very own mails.
Gregory Duchemin
Security Consultant
NEUROCOM CANADA
1001 Bd Maisonneuve Ouest, Suite 200
Montreal Quebec
H
Microsoft has finally patched today the css/div hole in hotmail.
Absolute positionning in 'style' is now filtered with static.
Others web based mailers, sites with bookmark, forum etc ... should quickly
do the same.
Above, the original mail from wouter Westerveld who informed me.
Cheers
s activity.
Have a nice day
===
Gregory Duchemin - Security Consultant -
NEUROCOM CANADA
1001 bd Maisonneuve Ouest - suite 200
H3A 3C8 Montreal - Quebec - CANADA
[EMAIL PROTECTED]
_
Get Your Private, Free E
abuse and copyright violation.
did work fine with MSIE, would need some little changes to work on Netscape.
Be warnned when hotmail ask u next time ;)
Cheers,
Gregory Duchemin
http://c3rber.multimania.com/merci.txt" method="G
ck), just use the IP address your really need !.
Have a nice day,
===
Gregory Duchemin -- Security consultant
NEUROCOM CANADA
1001 bd maisonneuve Ouest, suite 200
Montreal, Quebec, H3A 3C8 Canada
[EMAIL PROTECTED]
===
hi bugtraqers
wingate 4.1.1
rial was
needed.
== horsemail.com ==
Have a nice day,
=
Gregory Duchemin
NEUROCOM CANADA
1001 bd Maisonneuve Ouest - suite 200
Montreal(Quebec) H3A 3C8 CANADA
[EMAIL PROTECTED] ;)
_
Get Your Priva
ion between clients, web based-server and admin
workstation. But that 's not enough, they may use session id concept for
cgi access too.
regards,
==
Gregory Duchemin
Network and security engineer
http://www.securite-internet.com
NEUROCOM
==
g in a possible denial of service
attack.
Have a nice day
******
Gregory Duchemin
Security & networks Engineer
Email: [EMAIL PROTECTED]
http://www.securite-internet.com
onymously.
The last one is a denial of service with an icmp redirect
storm against the printer ip stack.
Use winfreez.c to test it.
The printer 'll not respond anymore during the attack.
Have a nice day,
Gregory Duchemin.
-
NEUROCOM
http://www.neurocom.com
179/181 Av
al Linux exploit for
w3-auth
Authentication module from mini-sql package
Gregory Duchemin Aka c3RbeR
Neurocom -- Mai 1999
E-mail: [EMAIL PROTECTED]
**
/
#include
#include
#include
#include
#include
#include
#define GREEN "
trary
code.
i'm going to write an exploit.
Have a nice day
---
Gregory Duchemin - [EMAIL PROTECTED]
Security Engineer
NEUROCOMhttp://www.neurocom.com/
179/181 avenue Charles de Gaulle 92200 Neuilly Sur Seine
Tel: 01.41.43.84.84 Fax: 01.41.43.84.80
ory in your site, ok...in
this case, u don't matter with this bug
Otherwise, don't put your .htpasswd files under apache root
(change your link in .htaccess)
and contact quickly Hughes Technology.
have a nice day
Gregory Duchemin
(security engineer)
Neurocom
179-181 Av Charles De Gaulle
92200 Neuilly Sur Seine
16 matches
Mail list logo
