Re: [Full-disclosure] Free Tibet..

2008-03-26 Thread Eduardo Tongson
Not just Tibet. PRC wants to own every land around them [1].

[1]

On Wed, Mar 26, 2008 at 11:35 PM, Robert Smits <[EMAIL PROTECTED]> wrote:
> On March 24, 2008 10:31:55 pm Jerome Jar wrote:
> > Please, I humbly think that you know possibly nothing ab

Re: [Full-disclosure] [Professional IT Security Providers - Exposed] PlanNetGroup ( F )

2008-01-22 Thread Eduardo Tongson
Should have made it a bit tricky. So the ensuing base64 and shar slugging could have been avoided. \x31\xc0\xbb\x01\x00\x00\x00\x50\x68\x70\x61\x6e\x79\x68\x20\x63\x6f\x6d\x68 \x79\x6f\x75\x72\x68\x6f\x72\x65\x20\x68\x6f\x20\x77\x68\x68\x75\x73\x20\x74 \x68\x70\x61\x79\x20\x68\x63\x61\x6e\x20\x68\

Re: [Full-disclosure] Load balancer ?

2008-01-15 Thread Eduardo Tongson
Hello seb,

Yes it is probably an f5-BigIP. Thanks.

Anybody else seen this with their BigIPs? Should not this be considered a bug?

Ed

On Jan 15, 2008 6:47 PM, <[EMAIL PROTECTED]> wrote:
> > Hello folks,
> >
> > Does anyone know what load balancer has this behavior? Apparently
> > requesting

[Full-disclosure] Load balancer ?

2008-01-15 Thread Eduardo Tongson
Hello folks,

Does anyone know what load balancer has this behavior? Apparently requesting over HTTP 1.0 without a trailing slash reveals the internal IP addresses of the web servers.

--> HEAD /docs HTTP/1.0
HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Jan 2008 09:59:57 GMT
Server: Apache
Locati

Re: [Full-disclosure] Wordpress Cookie Authentication Vulnerability

2007-11-20 Thread Eduardo Tongson
lexliu/publications/Cookie/cookie.pdf>
[3] <http://www.openwall.com/phpass/>

Eduardo Tongson
NCCS

On 11/21/07, James Matthews <[EMAIL PROTECTED]> wrote:
> Wordpress never knew how to deal with cookies!
>
>
> On Nov 20, 2007 9:23 PM, Steven Adair <[EMAIL PROTECTED]

Re: [Full-disclosure] 0day: PDF pwns Windows

2007-09-22 Thread Eduardo Tongson
That exploits the JavaScript [1] and open URI [2] feature through the Acrobat WebLink plug-in. Adobe put in JavaScript to PDF 1.3 specifications for Forms interaction. Opening up the calculator should not be a feature [3]. [1] /JS ({app.alert\("evil javascript active!"\);}\r{app.alert\("Oh wait! W

Re: [Full-disclosure] [ GLSA 200708-14 ] NVIDIA drivers: Denial of Service

2007-08-19 Thread Eduardo Tongson
On 8/20/07, Raphael Marichez <[EMAIL PROTECTED]> wrote:
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> Gentoo Linux Security Advisory GLSA 200708-14
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>

Re: [Full-disclosure] Retrieving "deleted" sms/mms from Nokia phone (Symbian S60)

2007-05-20 Thread Eduardo Tongson
gd, You can also recover SMS from flash memory cards used in these Nokia phones. The phones have a feature wherein you can archive or backup SMS to the cards. So even if they delete the backup you could just undelete the .dat files using something like Testdisk to recover the messages. On 5/16/07,

Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)

2007-02-01 Thread Eduardo Tongson
On 2/2/07, Xavier Beaudouin <[EMAIL PROTECTED]> wrote: <> > > Allowing direct root login even with SSH is IMHO stupid... > Please elaborate why is it IYHO stupid. - ed ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-discl

Re: [Full-disclosure] http://prdelka.blackart.org.uk/paperz/VAstacksmash.txt

2005-10-11 Thread Eduardo Tongson
On 10/11/05, none none <[EMAIL PROTECTED]> wrote:
> Can you point out where in the kernel tree this
> randomization has been done? I haven't seen anything on
> LKML explaining this.

in >=2.6.12

# sysctl kernel.randomize_va_space
# cat /proc/self/maps

Re: [Full-disclosure] Local suid files and buffer overflows

2005-10-09 Thread Eduardo Tongson
> Hi,
>
> first of all apologies for asking such a newbie question but I am trying
> to learn how to exploit buffer overflows and therefore wrote a little
> program to exploit. This little program has the following permissions:
>
> $ ls -la test1
> -rwsr-sr-x 1 root root 17164 Oct 8 01:25 test1
>

[Full-disclosure] HT vulnerability & vendors

2005-07-23 Thread Eduardo Tongson
Most of you may have heard about the HT vulnerability [1][2][3], here's an interview of the researcher. An interesting bit there was his vendor experience. [1] [2]

Re: [Full-disclosure] TCP/IP Stack Vulnerability

2005-04-18 Thread Eduardo Tongson
spond -- Eduardo Tongson ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] linux bugs (survival stories)?

2005-04-13 Thread Eduardo Tongson
helloworld.bin and run that from a noexec mount works on 2.6.12-rc2-mm3 -- Eduardo Tongson

Re: [Full-disclosure] linux bugs (survival stories)?

2005-04-12 Thread Eduardo Tongson
[]) { printf("Hello world!\n"); return 0; }

% sudo mount -o remount,noexec /tmp
% wget http://pornadmin.net/~tongson/linux/helloworld.bin -O /tmp/helloworld.bin
% /lib/ld-linux.so.2 /tmp/helloworld.bin
Hello world!

-- Eduardo T

Re: [Full-disclosure] linux bugs (survival stories)?

2005-04-12 Thread Eduardo Tongson
cause all of them are addressing *userspace* bugs. Stuff like for example circumventing noexec flags on mounted filesystems still is trivial even with the latest and development versions of the linux kernel I don't know if you could even consider it that sad. --

Re: [Full-disclosure] openbsd 3.8 under GPL?

2005-04-01 Thread Eduardo Tongson
> I heard that Theo is actually hired by Red Hat and that the whole
> OpenBSD project is gonna be bought by Red Hat.

It's April 1 or Theo and RMS are actually brothers.

-- Edua