RE: [Full-disclosure] Comparing Algorithms On The List OfHard-to-brut-force?

2005-11-01 Thread Aditya Deshmukh
> views? Only on 2 of them > -- > AES I would put my money on this one because this is a std. does all the encryption very fast and can be extended as per the security requirements: you want more security than 128 bit you can have 192, you want more you can go to virtually any number AES2

RE: [Full-disclosure] how to describe this tool ?

2005-11-01 Thread Aditya Deshmukh
> I have a perl script I'd like to release(GPL), but I don't really know > how to describe it. Don't do anything - just release the source code and let others decide what it is :) If your audience is a bit business minded who like good words then it is an auditing tool for sure. __

Re: [Full-disclosure] how to describe this tool ?

2005-11-01 Thread crazy frog crazy frog
bam bam, i call it enumeration tool :) -- ting ding ting ding ting ding ting ding ting ding ding i m crazy frog :) "oh yeah oh yeah... another wannabe, in hackerland!!!" On 11/2/05, Native.Code <[EMAIL PROTECTED]> wrote: > Depends the use you put it on. I will call it auditing tool. > > > > > On

Re: [Full-disclosure] Comparing Algorithms On The List OfHard-to-brut-force?

2005-11-01 Thread Bipin Gautam
On 11/1/05, Brandon Enright <[EMAIL PROTECTED]> wrote: > Brute forcing an algorithm suggests that you are not attacking a weakness or > known flaw in the algorithm but rather just running through the keyspace > trying to recover the plaintext. In that case, whichever allows you to use > the most b

[Full-disclosure] [SECURITY] [DSA 879-1] New gallery packages fix privilege escalation

2005-11-01 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 879-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze November 2nd, 2005

Re: [Full-disclosure] how to describe this tool ?

2005-11-01 Thread Native.Code
Depends the use you put it on. I will call it auditing tool.   On 11/2/05, news-letters <[EMAIL PROTECTED]> wrote: Hi list,I have a perl script I'd like to release(GPL), but I don't really knowhow to describe it. To make it short here's a session on one (remote)machine.(but it'sintended to be run o

[Full-disclosure] On Interpretation Conflict Vulnerabilities

2005-11-01 Thread Steven M. Christey
In a post "SEC-CONSULT-SA-20051021-0: Yahoo/MSIE XSS", Bernhard Mueller said: >SEC-Consult believes that input-validation thru blacklists can just be >a temporary solution to problems like this. From our point of view >there are many other applications vulnerable to this special type of >problem

Re: [Full-disclosure] New Online RainbowCrack Engine

2005-11-01 Thread str0ke
Is your webserver a 9-5 service or is it just down for other reasons? /str0ke On 11/1/05, MR BABS <[EMAIL PROTECTED]> wrote: > Hey guys, > > Just finished everything up on RainbowCrack-Online, wasn't sure if > anyone would be interested, there's a membership fee, as servers, generation > and

[Full-disclosure] MDKSA-2005:204 - Updated wget packages fix vulnerability

2005-11-01 Thread Mandriva Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDKSA-2005:204 http://www.mandriva.com/security/

[Full-disclosure] MDKSA-2005:203 - Updated gda2.0 packages fix string format vulnerability

2005-11-01 Thread Mandriva Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDKSA-2005:203 http://www.mandriva.com/security/

[Full-disclosure] MDKSA-2005:202 - Updated squirrelmail packages fix vulnerability

2005-11-01 Thread Mandriva Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDKSA-2005:202 http://www.mandriva.com/security/

[Full-disclosure] New Online RainbowCrack Engine

2005-11-01 Thread MR BABS
Hey guys,       Just finished everything up on RainbowCrack-Online, wasn't sure if anyone would be interested, there's a membership fee, as servers, generation and cracking machines are expensive, you guys know the score.   Really nice collection of tables, you can take a look-see at www.rainbo

RE: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread ad
Rofl... there is always someone to play with words... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Sent: Tuesday 1 November 2005 21:32 To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] new IE bug (confirmed on ALL windows) ---

[Full-disclosure] Cisco Security Advisory: Cisco IPS MC Malformed Configuration Download Vulnerability

2005-11-01 Thread Cisco Systems Product Security Incident Response Team
configuration deployment process. Cisco has made a free software patch available to address this vulnerability for affected customers. This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20051101-ipsmc.shtml. Affected Products = Vulnerable Products

[Full-disclosure] Re: readdir_r considered harmful

2005-11-01 Thread Ben Hutchings
I wrote: > readdir_r considered harmful > A second revision of this advisory (and any future revisions) can be found at . I have updated the recommendations to cover HP-UX and Tru64 properly. Ben. -- Ben Hu

Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread Greg
- Original Message - From: "Greg" <[EMAIL PROTECTED]> To: Sent: Wednesday, November 02, 2005 7:31 AM Subject: Re: [Full-disclosure] new IE bug (confirmed on ALL windows) Sorry to be the "Negative Nark" here but yes, the crash works on IESP2 with XPSP2 but NO it does NOT crash WIN98S

Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread Greg
- Original Message - From: <[EMAIL PROTECTED]> To: Sent: Wednesday, November 02, 2005 4:00 AM Subject: [Full-disclosure] new IE bug (confirmed on ALL windows) I think I have found by chance this weekend a security bug,while browsing the website news, within iexplorer on all windows

[Full-disclosure] Gateway 7001 A/B/G AP: Selection of improper regulatory domains and channels

2005-11-01 Thread Andrew Lockhart
Issue: Gateway 7001 AP allows selection of restricted 802.11a/b/g channels Author: Network Chemistry Labs Vendor: Gateway Products: Gateway 7001 802.11 A/B/G Dual Band Wireless Access Point Type: Input Validation Exploit: Not required I. Intro The IEEE 802.11 family of standards define the chan

Re: [Full-disclosure] Comparing Algorithms On The List OfHard-to-brut-force?

2005-11-01 Thread James Longstreet
On Nov 1, 2005, at 12:11 PM, Brandon Enright wrote: IIRC, there aren't any good known attacks against Blowfish, AES, or Twofish so the *RIGHT* algorithm is whatever works best for your application. Depending on the situation, there may be a feasible cache-timing attack on software impleme

Re: [Full-disclosure] Comparing Algorithms On The List OfHard-to-brut-force?

2005-11-01 Thread Andrew Farmer
On 01 Nov 05, at 10:11, Brandon Enright wrote: Brute forcing an algorithm suggests that you are not attacking a weakness or known flaw in the algorithm but rather just running through the keyspace trying to recover the plaintext. In that case, whichever allows you to use the most bits is w

Re: Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread unknown unknown
Mini version of IECrash confirmed IE 6.0 Windows XP Pro SP2 (English version) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

RE: [Full-disclosure] RE: Full-Disclosure Digest, Vol 8, Issue 48

2005-11-01 Thread Martijn Lievaart
Nick FitzGerald wrote: > Martijn Lievaart wrote: > >> Hihi, clamav caught that... :-] > > Your point? I thought this thread was about evading virus scanners. So modifying a batch virus and pasting it in the middle of an email does not fool at least one virus scanner, fwiw. One can argue it is a false

Re: [Full-disclosure] readdir_r considered harmful

2005-11-01 Thread Ben Hutchings
3APA3A wrote: > Dear Ben Hutchings, > > > If someone uses pathconf to determine buffer size it's his own problem > and he creates vulnerability by himself. You can list such applications > as vulnerable to race conditions. > NAME_MAX is defined in limits.h and should be 255 according to la

[Full-disclosure] Re: RFID docs & tools ?

2005-11-01 Thread Eric Auge
http://openmrtd.org/ Eric. Mark Sec wrote: Alo folks, Well, does anyone know links to buy "lectors" RFID ? I would like to do a "PoCs" on Hacking RFID , also i need tools, papers, PoCs & links related with this. thanks :-) - Mark ___ Full-Disc

[Full-disclosure] Snort Back Orifice Preprocessor Exploit (Win32 targets)

2005-11-01 Thread Kira
Dear All I wrote Snort Back Orifice Preprocessor Exploit for Win32 targets. It's for educational purpose only. This exploit was tested on - Snort 2.4.2 Binary + Windows XP Professional SP1 - Snort 2.4.2 Binary + Windows XP Professional SP2 - Snort 2.4.2 Binary + Windows Server 2003 SP1 - Snort 2.

[Full-disclosure] how to describe this tool ?

2005-11-01 Thread news-letters
Hi list, I have a perl script I'd like to release(GPL), but I don't really know how to describe it. To make it short here's a session on one (remote)machine.(but it's intended to be run on ip ranges with mostly windows hosts). Starting script.pl ... searching hosts in 192.168.0.100 ...

RE: [Full-disclosure] Comparing Algorithms On The List OfHard-to-brut-force?

2005-11-01 Thread Brandon Enright
Brute forcing an algorithm suggests that you are not attacking a weakness or known flaw in the algorithm but rather just running through the keyspace trying to recover the plaintext. In that case, whichever allows you to use the most bits is what you want. IIRC, there aren't any good known attack

Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread Petko Petkov
It is definitely a margin/padding problem. For example the following code will crash it: http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd";> .supp IMG { VERTICAL-ALIGN: middle } . While this wont: http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd";> .supp IMG { VERTICAL-ALIGN

Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread Petko Petkov
I believe that this is an illegal operation problem. The IE box model is a bit messy. The div tag is trying to position vertically every IMG element in the middle. Probably, IE is trying to calculate the margin or the padding. Petko Petkov wrote: >This is a mini version of IECrash: >"http://www.w

[Full-disclosure] Comparing Algorithms On The List Of Hard-to-brut-force?

2005-11-01 Thread Bipin Gautam
hello list, Which Algorithm in the list is hard (more resource/computation consuming) to brute-force... (in order?) considering all other factors 'ALMOST' similar? views? -- Blowfish AES Twofish AES-BLOWFISH Serpent CAST5 AES-Twofish Serpent-AES AES-BLOWFISH-SERPENT Twofish-SERPENT Tr

RE: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread ad
Removing div, p , /p , , the .css , will also stop it so not sure.. I have notice so a missing for closing the first one HELLO WORLD! Can come from here so dunno Letting browser's experts to do their job now :) -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De l

Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread Peter Ferrie
>I think I have found by chance this weekend a security bug,while browsing >the website news, within iexplorer on all windows versions. >I haven't enough knowledge (and don't want) into web browsers security to >conduct a full investigation, at least Just the ".supp IMG" is enough to trigger it.

Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread Petko Petkov
This is a mini version of IECrash: http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd";> .supp IMG { VERTICAL-ALIGN: middle } HELLO WORLD! If you remove the DOCTYPE IE does not crash. I believe that this is some sort of parsing vulnerability and directly affects IMG tags. Peter Ferrie

Re: [Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread Peter Ferrie
>I think I have found by chance this weekend a security bug,while browsing the website news, within iexplorer on all windows versions. >I haven't enough knowledge (and don't want) into web browsers security to conduct a full investigation, at least It's a null pointer access, but it's not clear fo

[Full-disclosure] new IE bug (confirmed on ALL windows)

2005-11-01 Thread ad
I think I have found by chance this weekend a security bug,while browsing the website news, within iexplorer on all windows versions. I haven't enough knowledge (and don't want) into web browsers security to conduct a full investigation, at least, I took the source of the webpage and wit

Re: [Full-disclosure] readdir_r considered harmful

2005-11-01 Thread 3APA3A
Dear Ben Hutchings, If someone uses pathconf to determine buffer size it's his own problem and he creates vulnerability by himself. You can list such applications as vulnerable to race conditions. Recommended (according to POSIX) way is to use NAME_MAX: buf = (struct dirent *)malloc( of

[Full-disclosure] Snort Back Orifice Preprocessor Exploit (Win32 targets)

2005-11-01 Thread Kira
Dear All I wrote Snort Back Orifice Preprocessor Exploit for Win32 targets. It's for educational purpose only. This exploit was tested on - Snort 2.4.2 Binary + Windows XP Professional SP1 - Snort 2.4.2 Binary + Windows XP Professional SP2 - Snort 2.4.2 Binary + Windows Server 2003

[Full-disclosure] Snort Back Orifice Preprocessor Exploit (Win32 targets)

2005-11-01 Thread Kira
Dear All I wrote Snort Back Orifice Preprocessor Exploit for Win32 targets. It's for educational purpose only. This exploit was tested on - Snort 2.4.2 Binary + Windows XP Professional SP1 - Snort 2.4.2 Binary + Windows XP Professional SP2 - Snort 2.4.2 Binary + Windows Server 2003

RE: [Full-disclosure] for IE researchers, found a link crashing IE

2005-11-01 Thread ad
So in the case of the website go off or remove the webpage, attached is the saved page also crashing IE while loaded offline. Cheers Nb: can't attach, size restriction, here is a direct link http://class101.org/poc.rar -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] E

[Full-disclosure] HYSA-2005-009 Elite Forum 1.0.0.0 XSS Vulnerability

2005-11-01 Thread h4cky0u
--   HYSA-2005-009 h4cky0u.org Advisory 009 -- Date - Tue Nov 1 2005 TITLE: == Elite Forum 1.0.0.0 XSS Vulnerability SEVERITY: = Medium SOFTWARE: = Elite Forum 1.

[Full-disclosure] Re: Advisory 18/2005: PHP Cross Site Scripting (XSS) Vulnerability in phpinfo()

2005-11-01 Thread Stefan Esser
Hello Matthew, > That's a hell of a turnaround for you, Esser. It's the first security > bug I've reported in your software that's actually been fixed. And it > only took you *THREE YEARS*. We're finally making some progress here. Mr. Murphy, I don't know what your problem is, but the bug you

[Full-disclosure] readdir_r considered harmful

2005-11-01 Thread Ben Hutchings
readdir_r considered harmful Issued by Ben Hutchings <[EMAIL PROTECTED]>, 2005-11-01. Background -- The POSIX readdir_r function is a thread-safe version of the readdir function used to read directory entries. Whereas readdir returns a pointer to a system-al

Re: [Full-disclosure] ICMP injection

2005-11-01 Thread Cedric Blancher
On Tuesday 01 November 2005 at 00:11 -0600, Josh Perrymon wrote: > Anyone familiar with injecting ICMP or DNS packets with NC? You won't be able to inject ICMP with netcat (nc). Injecting DNS is possible, but you have to craft your UDP payload yourself. You should try Scapy: http://www.