Re: [Full-disclosure] GeoIPgen version 0.4 released - country-to-IPs generator

2010-03-10 Thread Adrian P
On Tue, Mar 9, 2010 at 5:17 AM, Andrew Horton and...@morningstarsecurity.com wrote: I've just released a new version of GeoIPgen Description: GeoIPgen is a country-to-IPs generator. It's a geographic IP generator for IPv4 networks that uses the MaxMind GeoLite Country database. Geoipgen is

Re: [Full-disclosure] Chuck Norris Botnet and Broadband Routers

2010-02-24 Thread Adrian P.
It's no secret that there are tons of broadband routers/modems with exposed admin interfaces (HTTP/SSH/Telnet/whatever) using default/weak credentials. While the Chuck Norris botnet is interesting in that it shows that the problem is real, it shouldn't surprise anyone who has researched the

Re: [Full-disclosure] Netgear DG632 Router Remote DoS Vulnerability

2009-06-17 Thread Adrian P
3APA3A, I was actually *agreeing* with you! lols. I think something got lost in translation! Sorry if I confused anyone really. Good luck. 2009/6/17 Vladimir '3APA3A' Dubrovin 3ap...@security.nnov.ru: Adrian, If you can execute javascript - what is a reason to wait for user to click

Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day

2008-10-31 Thread Adrian P
. 2008/10/31 Adrian P [EMAIL PROTECTED]: Hello folks, Yesterday, I presented for the first time [1] a new method to perform universal website hijacking by exploiting content filtering features commonly supported by corporate firewalls. I briefly discussed [2] the finding on GNUCITIZEN

Re: [Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day

2008-10-31 Thread Adrian P
just said it was a recent (or as you might put it, *recent*) example of this type of vulnerability. I've this sort of vuln myself with client software and so has a number of other people I know. Glad to see the majority of your email is completely irrelevant. 2008/11/1 Adrian P [EMAIL

[Full-disclosure] Universal Website Hijacking by Exploiting Firewall Content Filtering Features + SonicWALL firewalls 0day

2008-10-30 Thread Adrian P
Hello folks, Yesterday, I presented for the first time [1] a new method to perform universal website hijacking by exploiting content filtering features commonly supported by corporate firewalls. I briefly discussed [2] the finding on GNUCITIZEN in the past without giving away the details, but

Re: [Full-disclosure] www.dia.mil

2008-10-29 Thread Adrian P.
Welcome to the web! 1 website = content retrieved from dozens/hundreds of sites. Much more than what the browser's address bar shows ;) Think of ad banners, analytics JS (legit spyware), static content served from high-speed embedded httpds, etc ... And yes, there are security implications

Re: [Full-disclosure] Exploring the UNKNOWN: Scanning the Internet via SNMP!

2008-03-04 Thread Adrian P
, Adrian P wrote: * Exploring the UNKNOWN: Scanning the Internet via SNMP! * http://www.gnucitizen.org/blog/exploring-the-unknown-scanning-the-internet-via-snmp/ Hacking is not only about coming up with interesting solutions to problems, but also about exploring the unknown

[Full-disclosure] Exploring the UNKNOWN: Scanning the Internet via SNMP!

2008-03-03 Thread Adrian P
* Exploring the UNKNOWN: Scanning the Internet via SNMP! * http://www.gnucitizen.org/blog/exploring-the-unknown-scanning-the-internet-via-snmp/ Hacking is not only about coming up with interesting solutions to problems, but also about exploring the unknown. It was this drive for knowledge

[Full-disclosure] BT Home Flub: Pwnin the BT Home Hub (5) - exploiting IGDs remotely via UPnP

2008-01-10 Thread Adrian P
http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub-5 It's known that UPnP [1] is inherently insecure for a very simple reason: administrative tasks can be performed on an Internet Gateway Device (IGD) without needing to know the admin password whatsoever! This on its own is quite

Re: [Full-disclosure] authentic hackers still do it for the love ... (was: Hell Camp: It never pays enough)

2007-12-03 Thread Adrian P
Hi folks! Just wanted to say that it IS possible to make good money and have fun breaking security. Lots of security researchers out there are offered very generous positions which sometimes allow them to work from home. In many of these positions the researcher chooses what to break, and the

Re: [Full-disclosure] Wordpress Cookie Authentication Vulnerability

2007-11-21 Thread Adrian P
comment inline ;) On Nov 20, 2007 8:23 PM, Steven Adair [EMAIL PROTECTED] wrote: Right this problem has existed for a long time, but it's not the end of the world for someone to point it out again I suppose. I think it's obvious that there's another main issue here and that's the way

[Full-disclosure] BT Home Flub: Pwnin the BT Home Hub - Vulnerabilities details published

2007-11-11 Thread Adrian P
Remote assistance now appears to be disabled. That definitively gets rid of the worst threat: backdooring the Home Hub router by enabling remote access permanently (could be done by editing the config file). Telnet has also been disabled, and the contents of the config file is now

Re: [Full-disclosure] Gmail 0day

2007-11-09 Thread Adrian P
Hello Juergen, With all my respect, is it that hard to see that gaining access to a Gmail session can lead to your identity being stolen? Nowadays your webmail account means your online life/presence. Let's have a walk through attack shall we? 1. Your Gmail session is hijacked (i.e.: via the

Re: [Full-disclosure] gnucitizen bt home hub latest, attacks wide spread, outages reported

2007-10-12 Thread Adrian P
Hi guys, I just have a few comments for the sake of accuracy. On 10/12/07, Valery Marchuk [EMAIL PROTECTED] wrote: gnucitizen may be responsible for bt being under a massive attack right now. Oh my God, people stop talking nonsense! Have you seen the video provided by gnusitizen.org with

[Full-disclosure] BT Home Flub: Pwnin the BT Home Hub

2007-10-08 Thread Adrian P
http://www.gnucitizen.org/blog/bt-home-flub-pwnin-the-bt-home-hub The BT Home Hub, which is probably the most popular home router in the UK, is susceptible to critical vulnerabilities. BT's plan is to sneak one of these boxes into every UK home. Not only does the BT Home Hub support broadband but

[Full-disclosure] Owning Big Brother: How to Crack into Axis IP cameras

2007-09-27 Thread Adrian P.
We found multiple vulnerabilities on Axis 2100 IP cameras affecting both old firmware versions and the latest firmware (2.43). The research is made of two components: a purple paper and a video. The research doesn't just cover boring PoCs, but actual Hollywood-style exploits :-). Yes, this

[Full-disclosure] 2 vanilla XSS on Wordpress ‘wp-register.php’

2007-09-21 Thread Adrian P
There are two vanilla XSS on 'wp-register.php'. Only versions =2.0.1 appear to be affected. More info can be found on GNUCITIZEN's BlogSecurity: http://blogsecurity.net/wordpress/2-vanilla-xss-on-wordpress-wp-registerphp/ Regards, -- pagvac gnucitizen.org, ikwt.com