Hi
I concur that we are mainly discussing a terminology problem.
In the context of a Penetration Test or WAPT, this is a Finding.
Reporting this finding makes sense in this context.
As a professional, you would have to explain if/how this finding is a
Weakness*, a Violation (/Regulations, Compli
they are more detailed. Inspections are more about code smell, if you
> know what I mean. So there aren't specific files, lines, etc.
>
> Harry
>
>
>
> On 20/02/2014 08:39, Jerome Athias wrote:
>>
>> It is valuable
>> I concur (# line of code, file names and
It is valuable
I concur (# line of code, file names and CVE submission).
I would also suggest to use common classifications (or a mapping) such
as OWASP TOP10, WASC, CWE (CAPEC) for your criteria.
Providing details regarding the methodology or/and tools used for the
assessment would be also valu
Hi
I would like to know if you guys have links/background about a "security by
destruction principle"?
This question follows the behavior observed recently by a bank (I won't
reveal tHiS Big bank name), multiple times (including but not limited to my
case) where they simply block, retain and destr
Hi,
fyi
I've seen Chrome (on Mac OSX) doing at least two requests to the
"first domains" of the results of a search
It appears to be like a pre-cache functionality, however I didn't
investigate more (so I don't know if it is related to pre-load / Do
Not Track)
I wonder how it could be used in comb
tk3.rylyo.com/14/usb.htm?p=cf&mel=jer...@netpeas.com&adm=alert('p0wned');&l=fr
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and spo
)
Thanks
My 5 euro cents
--
Jerome Athias - NETpeas
VP, Director of Software Engineer
Palo Alto - Paris - Casablanca
www.netpeas.com
-
"The computer security is an art form. It's the ultimate martial art."
--
ID chan# line-id board-id address name
00 1 00 00804bf8a4 enet0
01 2 00 00804bfe34 enet1
MT882a>
--
Jerome Athias - NETpeas
VP, Director of Software Engineer
Palo Alto - Paris - Casablanca
Mobile: +212665346454
www.netp
(BlackHat website /
Packetstorm...)
Anyway, to publish the source code, I would like to collaborate with a
.Net programmer to share a better/clean/more understandable code.
Anyway, in short it is an update of http://insecure.org/stf/smashstack.html
--
Jerome Athias - NETpeas
VP, Director of Software
ons? supp...@exploitpack.com
>
> Official site: http://exploitpack.com
>
--
J
YES WE sCAN!
> On Saturday 18 Feb 2012 20:29:02 Jerome Athias wrote:
>> can you (do you want) to share to the world?
>>
>> thanks
> It's in trunk of openvas-manager. It's implemented as an XSLT.
>
> Tim
Original Message-
From: scap-...@nist.gov [mailto:scap-...@nist.gov] On Behalf Of Kurt Seifried
Sent: Thursday, February 16, 2012 6:55 PM
To: Multiple recipients of list
Subject: Re: Vulnerability conceptual map
On 02/16/2012 06:11 AM, Jerome Athias wrote:
For me,
The problem:
we m
maybe useful for malwares?
http://www.labnol.org/internet/google-dmca/19256/
http://code.google.com/p/capirca/
IVIL is not EVIL
http://forum.pfsense.org/index.php/topic,46401.0.html
http://pfsense.bol2riz.com/downloads/
It's in trunk of openvas-manager. It's implemented as an XSLT.
Subject: Re: [Full-disclosure] Operation Bring Peace To Machines - War Game
Date: Sat, 18 Feb 2012 20:19:58 +
From: Tim Brown
To: Jerome Athias
OpenVAS already has a partial IVIL implementation, I know
Information here:
http://www.frhack.org/frhack-cfp.php
CFP extended : + 1 month
"*Hacker*
1. A person who enjoys exploring the details of programmable systems and
how to stretch their capabilities, as opposed to most users, who prefer
to learn only the minimum necessary. RFC1392, the Internet
1) one typo in the french word "malveuillantes"
it should be written: "malveillantes"
2) "privateurs" comes from the latin word "privatus"; "/privative software"
http://venezuela-us.org/2011/08/16/u-s-programmer-richard-stallman-highlights-benefits-of-free-software/
/it is just an "open your mind"
.org
To: Jerome Athias
Errors, or weaknesses, in software code are exploited
by bad guys.
Worse still, other bad guys introduce malicious ("malveuillantes")
functionality into their proprietary ("privateurs") programs. For example,
Windows, MacOS, iOS (in the iThing
"Your sound card works perfectly."
"Enjoying yourself?"
"It doesn't get any better than this!"
"Ready to serve."
"Yes?"
"My lord?"
"What is it?"
http://seclists.org/nmap-dev/2010/q3/278
Good luck!
/JA
Ref: http://www.wowwiki.com/Quotes_of_Warcraft_II
__
you or any of your I.M. Force be caught or killed, the
Secretary will disavow any knowledge of your actions.
This tape will always stay here.
--
Jerome Athias - NETpeas
VP, Director of Software Engineer
Palo Alto - Paris - Casablanca
www.netpeas.com
s visited from the referring site.
>
> More detailed write up with few examples is here:
> http://mixedbit.org/referer.html
>
> Cheers,
> Jan
>
k.org
[ - Information for attendees - ]
More information will be available soon on our website
http://www.frhack.org
or feel free to contact us at: frh...@frhack.org
We will also celebrate our new Hacker Space
and a hacking challenge will be organized during the events.
Thanks and see you soon for FHRA
I hope, dear, that the code is better than your English.
On 17/12/2010 08:26, Dave Nett wrote:
> Deer List,
>
> Everything has in the title. I has to be a secret agent in the past so I
> know the project code.
>
> Use with awarenes.
I did a quite similar script for oscommerce, more in a rainbowtables
building way.
$password = md5($salt . $plain) . ':' . $salt;
http://pastebin.com/mtciPcTM
Regards
/JA
http://www.linkedin.com/in/jeromeathias
"The computer security is an art form. It's the ultimate martial art."
Hi,
I still have not read all your paper, but my first word is congratulations!
That's a hard job.
Since a quick search didn't give a result for it, and maybe others could
be interested:
The AVISPA (Automated Validation of Internet Security Protocols and
Applications) project aims at developing
g (and nowhere else)
It will be updated with everything regarding the conference.
- If you have questions, want to send us additional material, or have
problems, feel free to contact us at: [EMAIL PROTECTED]
Thanks and see you soon at FRHACK!
Jerome Athias, Founder, Chairman, Program Coordinator
/JA
Gadi Evron wrote:
> On Tue, 12 Dec 2006, Joxean Koret wrote:
>
>> Wow! That's fun! The so called "Word 0 day" flaw also affects
>> OpenOffice.org! At least, 1.1.3. And, oh! Abiword does something cool
>> with the file:
>>
>
> This is NOT a 0day. It is a disclosed vulnerability in full-di
Dear Mi/aster Liu Die Yu,
I would like to let you know that I know you and I greatly respect your
work.
I'm not a security expert, but when I speak about IE vulnerabilities, I
speak about Liu Die Yu
just as
when I speak about Oracle vulnerabilities, I speak about *Litchfield
when I speak about
Juha-Matti Laurio wrote:
>
> It appears that the timestamp of updated Vgx.dll library is 18th
> September, 2006.
so M$ knows timestomp! http://metasploit.com/projects/antiforensics/
:-P
Hi,
this was also nicely described for ASP by Brett Moore
http://www.security-assessment.com/Whitepapers/0x00_vs_ASP_File_Uploads.pdf
(French translation :
https://www.securinfos.info/jerome/DOC/0x00_vs_ASP_File_Uploads_FR.pdf )
Best regards
/JA
3APA3A wrote:
Author: ShAnKaR
Title: multi
ExplorerXP : Directory Traversal and Cross Site Scripting
Software : ExplorerXP
Description :
Two vulnerabilities have been discovered in ExplorerXP, which can be
exploited by malicious people to conduct directory traversal and Cross
Site Scripting attacks.
Directory Traversal : http://[target]/
Ophcrack is a Windows password cracker based on a time-memory trade-off
using rainbow tables. This is a new variant of Hellman's original
trade-off, with better performance. It recovers 99.9% of alphanumeric
passwords in seconds.
Changes:
v 2.2 - (feature) support of the new table set (alphanum +
Hi Fred,
nice paper
btw, what about H.323?
Regards
/JA
https://www.securinfos.info
- Original Message -
From: "Frederic Charpentier" <[EMAIL PROTECTED]>
Cc:
Sent: Thursday, March 23, 2006 3:43 PM
Subject: [Full-disclosure] VoIP Security whitepaper : a layered approach
> Hi FD,
> Our
his vulnerability was discovered by Jerome Athias.
https://www.securinfos.info/english/
#!/usr/bin/perl
# #
# ArgoSoftFTP.pl - PoC exploit for ArgoSoft FTP Server #
# Jerome Ath
$50,000 for reporting BSA that your neighbor uses an illegal version of
Window$ !
https://reporting.bsa.org/usa/home.aspx
did someone try to perform a "sound bruteforce attack" against something
like a voice-password protected PDA?
/JA
Hey guy, do you know something about XSS
1) Phishing?
2) encoded URL, UTF8...?
3) cookie steal?
...
it'll not be difficult to reproduce a website and have an url difficult
to understand for a basic user...
sure it's harder to spoof the url in the browser...
//
Native.Code wrote:
> What a lame
"Applying the Principle of Least Privilege to User Accounts on Windows XP"
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/luawinxp.mspx
/JA
http://www.nist.org/nist_plugins/content/content.php?content.25
Note that you can register or unregister shimgvw.dll to enable or
disable WPFV:
- Disable: Start > Run > regsvr32 /u shimgvw.dll
- Enable: Start > Run > regsvr32 shimgvw.dll
You can also use these registry files:
https://www.securinfos.info/english/WPFV_disable.reg
https://www.securinfos.info/e
Hi,
maybe something similar to this:
http://seclists.org/lists/vuln-dev/2005/Feb/0007.html
Frank Dietrich wrote:
>Hi to all readers,
>
>this day I found an annoying misbehavior in Windows XP professional
>with SP2.
>
>I had a directory with some Java sources (*.java) and some backup
>files (*.j
Quite old Mister...
http://archives.neohapsis.com/archives/dailydave/2005-q3/0193.html
Allan zhang wrote:
>When I logon to cicso.com, I got the following message ;)
>
>
>===
>IMPORTANT NOTICE:
>
>* Cisco has determined that Cisco.com password protection has been
>compromised.
>* As a
Hi,
well, it's not new that some vulns are reported on personal websites and
public/private forums. Blog is quite the same as a little forum...
But many guys also send their research to full-disclosure lists. And
that, often before posting it on their sites.
Another question that i'm asking t
btw Netscape is also affected...
It is possible to remotely view the source code of web script files
through a specially crafted WebDAV HTTP request. Only IIS 5.1 seems to be
vulnerable. The web script file must be on a FAT or a FAT32 volume; web
scripts located on an NTFS volume are not vulnerable.
The information has been provided by In
It was posted by Andres Tarasco to full-disclosure already
Additionally:
1) french version of the advisory:
http://www.athias.fr/alertes-bulletins-securite/20050905_Microsoft.Windows_Validation.keybd_event.html
2) I use to use this trick to obtain SYSTEM privileges with just ADMIN
privileges:
Hi,
as you probably all know, Windows DLLs have different base addresses
across Windows/SP/languages
so I think it could be useful to try to build a multi-lang opcodes
database, isn't it?
so, I have done VERY QUICKLY a little package based on a .BAT and some
tools :
Files included in the packag
http://trifinite.org/trifinite_stuff.html
/JA
http://www.athias.fr - Alertes et Bulletins de Sécurité
- Original Message -
From: "Mark Sec" <[EMAIL PROTECTED]>
To: ; ;
Sent: Wednesday, July 27, 2005 9:32 PM
Subject: bluetooth devices list ?
Hi,
you can try:
SYSTEM\CurrentControlSet\Services\LanManServer\Parameters\AutoShareServer
create a dword called AutoShareServer and set its
value to 0 (for a server) OR AutoShareWks=0 (for workstations). It removes all $ (hidden) shares EXCEPT IPC$ (need
reboot)
net share ipc$ /dele
2 things i remind myself...
1) http://seclists.org/lists/vulndiscuss/2004/Dec/0006.html
2) This is an answer of Thomas before a disclosure of some vuln that Secunia
found "at the same time" :
10/09/2004 19:40
Re: OpenOffice World-Readable Temporary Files Disclose Files to Local Users
Hi Jér
Hi,
http://secunia.com/advisories/16082/
Sophos Anti-Virus ZIP Archive Denial of Service Vulnerability
could be an answer.
You could also consider "BitDefender for Mail Servers Malware Detection
Bypass":
http://secunia.com/advisories/16085/
Regards,
JA
-
the file javaprxy.dll is present on my XP SP2 French (C:\WINDOWS\system32)
I have not tested the vuln yet
Regards
Ok I think I get what you are saying, however to use this vuln, one would
need to have a script running on a server somewhere that receives the
username and password?
Or just based on what you have here this can be possible. If one does not
have knowledge of java script, all they would have to do i
My 2 eurocents:
http://www.multimania.lycos.fr/myaccount/?lsu_ssl=?_loginName=?_loginName=&lsu_err_msg=I%20LOVE%20XSS
http://trans.voila.fr/voila?systran_text=%3C/textarea%3E%3CBODY%20ONLOAD=document.write('I_LIKE_XSS!')%3E
Regards.
Jerome
what about the IDN issue? ...