Let's imagine there is someone out there able to crack any hash of the
entire set of DES-based crypt(3) hashes in a reasonable amount of time,
say 5-10 days.
Let's imagine that no matter how many hashes are submitted to the system,
1 or 1000, all of them are guaranteed to be cracked in this consta
Le Mon, Jul 30, 2007 at 12:09:18AM -0700, n/a n/a ecrivait :
>How much would you value this service ? Would you pay $100, $10, $1 per
>hash to crack ? Would you require anonymity to use the service ?
$10 sounds reasonnable for a hash.
Of course, I would require anonymity to use that service
All the large investment banks worldwide use enterprise messaging
systems to transport data concerning billions of dollars worth of
transactions daily. Therefore, the security of the messaging systems is
critical to the continuity of the ongoing business of these companies.
This paper discusses pot
Dear list,
TeamIntell discovered memory corruption bug in iBON 2006
(data collection of financial reports, companies and
active business subjects in Slovenia). Please see the
attached security advisory for details.
Cheers.
TISA2007-07-Public.pdf
Description: Adobe PDF document
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
$1-10/hash, and I'd actively seek/support an open source option.
- ---
Tremaine Lea
Network Security Consultant
Intrepid ACL
"Paranoia for hire"
On 30-Jul-07, at 1:09 AM, n/a n/a wrote:
>
> Let's also imagine this service becomes commercially av
Dear Tremaine Lea,
--Monday, July 30, 2007, 4:09:53 PM, you wrote to [EMAIL PROTECTED]:
TL> -BEGIN PGP SIGNED MESSAGE-
TL> Hash: SHA1
TL> $1-10/hash, and I'd actively seek/support an open source option.
5-10 days for full bruteforce? John-the-ripper on modern multi-core PC.
--
~/ZAR
Quoting n/a n/a <[EMAIL PROTECTED]>:
> How much would you value this service ? Would you pay $100, $10, $1 per
> hash to crack ? Would you require anonymity to use the service ?
I would pay $1 each for md5 cracks of this type, $5 for DES crypt.
Anonymity hosted outside the US would be an
On 7/30/07, 3APA3A <[EMAIL PROTECTED]> wrote:
>
> 5-10 days for full bruteforce? John-the-ripper on modern multi-core PC.
Let's be clear here.
JtR will only succeed if the password is based on frequently used
characters. If it is truly random and 8 characters long, JtR will not
be able to crack i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Foresight Linux Essential Advisory: 2007-0036-1
Published: 2007-07-30
Rating: Moderate
Updated Versions:
vim=/[EMAIL PROTECTED]:1-devel//1/7.1.044-1-1
vim-minimal=/[EMAIL PROTECTED]:1-devel//1/7.1.044-1-1
gvim=/[EMAIL PROTECTED]:1-devel//
http://addxorrol.blogspot.com/2007/07/ive-been-denied-entry-to-us-essentially.html
http://www.blackhat.com/html/bh-usa-07/train-bh-us-07-hf.html
--
Kristian Hermansen
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclos
A president has an affair and we nearly impeach him. Another president ruins
the country, destabilizes the middle-east even more, takes away our rights
and freedom, yet we keep him in office. What gives?
Don't get me wrong, I love the US and all it has to offer me as a citizen,
but like most citiz
You will not find a more patriotic American than myself, but I watch allot
of C-SPAN and speeches in general, the government is backpedaling its
pretty obvious the real nasty stuff will not come out for 10-15 years.
http://www.youtube.com/watch?v=OgfzqulvhlQ
On 7/30/07, Simon Smith
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 1342-1[EMAIL PROTECTED]
http://www.debian.org/security/ Moritz Muehlenhoff
July 30th, 2007
Simon,
FUCK ILLEGAL ALIENS, GEORGE BUSH IS RIGHT. HOW DO WE KNOW THIS
DULLIEN LOSER ISN'T HERE TO RAPE OUR COUNTRY LIKE ALL THE OTHERS,
BROWN YELLOW OR PURPLE. YOU MIGHT AS WELL THROW THAT KF MAGGER BACK
TO UGANDA WHILE YOU ARE AT IT.
KEEPING FOREIGN TERRORISTS AND DMCA VIOLATORS OUT OF OUR CO
On 7/30/07, XRR . <[EMAIL PROTECTED]> wrote:
> On 7/30/07, 3APA3A <[EMAIL PROTECTED]> wrote:
> > 5-10 days for full bruteforce? John-the-ripper on modern multi-core PC.
> ...
> JtR will only succeed if the password is based on frequently used
> characters. If it is truly random and 8 characters lon
On 7/30/07, coderman <[EMAIL PROTECTED]> wrote:
> gotta pay off that copacobana? 10,000 hashes for breakeven @ $1, not bad...
yes, a joke. you'd need to charge at least $100 hash to make this
profitable, maybe down to $40-50 if you could leverage bulk pricing
for components.
cmon XRR, spill the
If that isn't blatant sarcastic humour at its finest, I don't know
what is. Thanks for the laugh!
dan
On Jul 30, 2007, at 3:18 PM, Joey Mengele wrote:
> Simon,
>
> FUCK ILLEGAL ALIENS, GEORGE BUSH IS RIGHT. HOW DO WE KNOW THIS
> DULLIEN LOSER ISN'T HERE TO RAPE OUR COUNTRY LIKE ALL THE OTHER
Dear coderman,
Whhooo! We will not see SPAM any more, because all botnets will be
overloaded with hash hacking!
--Monday, July 30, 2007, 11:30:51 PM, you wrote to [EMAIL PROTECTED]:
c> On 7/30/07, coderman <[EMAIL PROTECTED]> wrote:
>> gotta pay off that copacobana? 10,000 hashes for brea
>
> JtR will only succeed if the password is based on frequently used
> characters. If it is truly random and 8 characters long, JtR will not
> be able to crack it.
>
Sure it will, it just takes adjustments to john.conf and a *lot* longer.
djohn (distributed JtR) was written to address this :
For the month of August, we are launching the The Month of Hacker
Folklore project where you can win a book. We have ten Cross Site
Scripting Attacks: Xss Exploits and Defense books to give away and
what better way to do so than a completion. All you have to do is to
send us a piece of work that yo
On Mon, 30 Jul 2007 12:30:51 PDT, coderman said:
> cmon XRR, spill the beans. a bunch of PS3's? FPGA array? quantum search? :P
There's probably more CPU cycles available in all the botnets of the world than
there are total in the top500 list.
If you want to do it a bit more legally, the EFF d
On 7/30/07, Michael Holstein <[EMAIL PROTECTED]> wrote:
>
> Sure it will, it just takes adjustments to john.conf and a *lot* longer.
> djohn (distributed JtR) was written to address this.
Exactly. And my point is that it is only doable in a reasonable amount of
time if you have on the order of 1e5
Sunbelt Software is look for a Senior Security Response Engineer
Responsibilities
The Senior Security Response engineer will serve as a technical
supervisor to a team of engineers creating antivirus signatures. The
engineer will also be required to reverse engineer malicious code
threats with the
CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability
BACKGROUND:
===
BlueSkychat is a professional voice and video chat software widely used
by large chat websites in china.
DESCRIPTION:
Code Audit Labs Code Audit for BlueSkyCat ActiveX Control
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Foresight Linux Essential Advisory: 2007-0037-1
Published: 2007-07-30
Rating: Minor
Updated Versions:
unrar=/[EMAIL PROTECTED]:devel//1/3.7.6-2.1-1
group-dist=/[EMAIL PROTECTED]:1-devel//1/1.3.2-0.7-1
References:
http://cve.mitre.org/cgi
Give it until six months before the next presidential election...
Daniel H. Renner
President
Los Angeles Computerhelp
A division of Computerhelp, Inc.
818-352-8700
http://losangelescomputerhelp.com
[EMAIL PROTECTED] wrote:
Date: Mon, 30 Jul 2007
Actually Simon, we didn't "nearly" impeach him, we DID impeach him. He
simply wasn't removed from office by the Senate. And it wasn't for having
an affair, it was for perjuring himself while under oath. For those with
selective memory, Big Bill was being sued for sexual harassment. It was
during th
On Mon, 30 Jul 2007, [EMAIL PROTECTED] wrote:
> you that I qualify for the sobriquet; "Old Fart", and not only has the
> mideast been fucked for a VERY long time, I dispute that it is even
> POSSIBLE to make it worse. At best you can reshuffle the deck.
Hannigan - is that you?!?!?
--
Yours,
J.A
===
Ubuntu Security Notice USN-492-1 July 30, 2007
tcpdump vulnerability
CVE-2007-3798
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 6
29 matches
Mail list logo
