Re: [Full-disclosure] FW: Online course - Professional pentesting - Promotion (25% discount)

2012-05-21 Thread Juan Sacco
Michele Orru.. Sorry to write you directly to the list.. But you did it too.. So.. please allow me to answer.. Exploit Pack != Beef ... Just similar projects.. different approaches In fact you came to a webcast where I showed the code of Exploit Pack... I remember you saying that Exploit Pack is

Re: [Full-disclosure] Google Accounts Security Vulnerability

2012-05-21 Thread Michael J. Gray
That was a bit ambiguous and I apologize for that. I meant that I had reproduced the issue several times, not created test accounts. I'm willing to bet it's not just a few accounts being affected. -Original Message- From: Jann Horn [mailto:jannh...@googlemail.com] Sent: Sunday, May 20, 2

Re: [Full-disclosure] Google Accounts Security Vulnerability

2012-05-21 Thread Jann Horn
On Sat, May 19, 2012 at 12:04:43PM -0700, Michael J. Gray wrote: > On why I don't want to provide my email address to Google: > > It's a different email address which I don't want associated with this email > address for various reasons. That is why I am not going to provide it. > > Your assumpti

[Full-disclosure] [ MDVSA-2012:079 ] sudo

2012-05-21 Thread security
Mandriva Linux Security Advisory MDVSA-2012:079 http://www.mandriva.com/security/

Re: [Full-disclosure] Google Accounts Security Vulnerability

2012-05-21 Thread Daniel Margolis
Right. I think you're entirely correct to call this out as a distinct feature from checking the user's raw credentials. The point of this function is, as Mike said, to try to protect against bulk use of stolen credentials--the starting assumption is thus that the attacker already has valid credenti

[Full-disclosure] DC4420 - London DEFCON - May meet - Tuesday May 22nd 2012

2012-05-21 Thread Major Malfunction
Back at the Phoenix Sorry for the late notice, but you know the score by now :) Speakers: 'Why Industrial System air-gaps suck.' Eireann Leverett of IOActive A talk on why industrial systems can increasingly be found on the internet, and how to work with CERTs to change it. We've als

Re: [Full-disclosure] FW: Online course - Professional pentesting - Promotion (25% discount)

2012-05-21 Thread InterN0T Advisories
Sounds like this is a mission for Attrition.org On Sun, 20 May 2012 11:40:04 +0100, Michele Orru wrote: > And btw, his WebSecurity tool is a pure clone of BeEF. > > If you try it and analyze the JavaScript hook file, it is the same thing. > He just changed the global variable name from beef to bot,