There were some trojans back in the day that would imitate normal browsing
(proxying cnn.com for instance) and it'd stuff a encrypted command packets
in there.
Combine that with a load balancing check-back time in the response, you can
probably support a very large number of bots on a single
I like the idea of advertising a 'free * for your phone' around interesting
targets, perhaps posting fake adverts in the DC subway system? I think
people will trust print more than web and jump at the opportunity to scan
and install anything.
-Travis
On Sun, Sep 11, 2011 at 12:04 AM, Augusto
Maybe he should build a vulnerability into each version, so he can announce
each new version with the disclosure and satisfy your constraints.
-Travis
On Wed, Aug 10, 2011 at 10:44 AM, Steven Pinkham steve.pink...@gmail.comwrote:
valdis.kletni...@vt.edu wrote:
On Tue, 02 Aug 2011 22:17:58
nothing.
On Wed, Aug 3, 2011 at 5:08 PM, RandallM randa...@fidmail.com wrote:
have you heard much about the #RefRef tool? What so unique and hasnt
been done or triedd before?
--
been great, thanks
___
Full-Disclosure - We believe in it.
tl;dr
ACID IS A LOT OF FUN AMIRITE?
-TRAVIS
On Sun, Jun 12, 2011 at 8:36 PM, Christian Sciberras uuf6...@gmail.comwrote:
Fractal fractal fractal, even us that coined the concept can't keep it
going forever.
Seems evident that each subsystem looses key aspects of its parent, this
might turn
LOL @
A timing attack on ssh passwords over the net?
and
I think its just a bruteforce.
-Travis
On Mon, Jun 6, 2011 at 7:58 AM, Gichuki John Chuksjonia
chuksjo...@gmail.com wrote:
I think its just a bruteforce.
On 6/6/11, Andreas Bogk andr...@andreas.org wrote:
Excerpts from
Will you be presenting at BlackHat?
-Travis
On Mon, Jun 6, 2011 at 9:57 AM, Benji m...@b3nji.com wrote:
(picture found by looking through dir)
On Mon, Jun 6, 2011 at 2:54 PM, Andreas Bogk andr...@andreas.org wrote:
Excerpts from Benji's message of Mo Jun 06 15:32:11 +0200 2011:
messages to a public forum like this
is a bit dumb. If you're trying to say something, just say it.
Ryan
- Original Message -
From: T Biehn tbi...@gmail.com
To: full-disclosure Full-Disclosure@lists.grok.org.uk
Sent: Thursday, March 10, 2011 1:22:50 PM GMT -05:00 US/Canada Eastern
I'm pretty sure the ps3dev crowd aren't responsible for any sort of breach
of Sony's servers. But, I guess, if you didn't understand what they were
talking about you'd see 'hack' and 'psn'.
-Travis
2011/5/1 アドリアンヘンドリック unixfreaxj...@gmail.com
Dear operators of Full disclosure,
Please do not
I sent this only to Romain,
Some other posters wanted to know the other scenarios.
-Travis
-- Forwarded message --
From: T Biehn tbi...@gmail.com
Date: Wed, Apr 6, 2011 at 10:33 AM
Subject: Re: [Full-disclosure] password.incleartext.com
To: Romain Bourdy achil...@gmail.com
SA: R8P6PtAlwn2bQobnedI2g7TxgqL4n091Fcq44nRh6CY-
L: qCb_hz5hQVQezObhN.VP8HYkBdubli1el0xDUxDpvrU-
SO:?
V:?
Do the replace live: value key=gallery.gallery-urllocalhost/value
Also,
First!
-Travis
--
FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
Working on something, I'm wondering about a few settings on Sammy's vs LG
tvs for YTV.
Shoot me an e-mail if you're interested!
-Travis
--
FD1D E574 6CAB 2FAF 2921 F22E B8B7 9D0D 99FF A73C
http://pgp.mit.edu:11371/pks/lookup?search=tbiehnop=indexfingerprint=on
http://pastebin.com/f6fd606da
You need at minimum 2x the number of IPs your target has to take it down.
Via proxies, bots, whatever.
Targets can implement per IP throttling/blacklisting. Which means you need
more than IPs than that.
IIRC Aol throttles connection attempts.
-Travis
On Tue, Dec 14, 2010 at 10:13 AM, Cyber
a+ troll.
-Travis
On Sun, Oct 31, 2010 at 9:24 AM, Christian Sciberras uuf6...@gmail.comwrote:
Only thing, there's the danger of someone using stolen certificates.
But I'm sure there's another fix for that.
In my opinion, all in all, you're creating a yet another overly complex
system with
Shit man, I was keeping notes for my class in pedantry, can't you two keep
it going for a few more days?
-Travis
On Wed, Sep 15, 2010 at 7:19 PM, Stefan Kanthak stefan.kant...@nexgo.dewrote:
Christian Sciberras wrote:
Yes. Once again: get your homework done!
You could setup a website that proxies submissions to virustotal, anubis (so
it's from the future) and retain the executables. Post this website to FD.
You could also deploy a botnet of your own and use them as honeypots then
jack the networks of the lower tier *ircbot fellows to expand your
This is fairly classic, not novel.
Your POC is fairly classic, not novel.
-Travis
On Wed, Jul 7, 2010 at 1:54 PM, BlackHawk hawkgot...@gmail.com wrote:
Hi list, i recently discovered a very small Windows XP bug, kind of
useless alone but that could be usefull in some scenarios.
Explanation:
I wonder if someone writes down all that pseudo-intellectual philosophical
bullshit that is so carefully crafted by FD members (myself included)?
Maybe I should:
???
Profit
-Travis
On Thu, Jun 24, 2010 at 5:45 AM, Walter van Holst
walter.van.ho...@xs4all.nl wrote:
On Thu, June 24, 2010 11:08,
Ouch dude:
http://www.cbc.ca/canada/toronto/story/2010/06/23/tor-g20-arrest.html
Guess you ate a dick too.
On Wed, Jun 16, 2010 at 7:05 PM, Byron Sonne blso...@halvdan.com wrote:
Looks like Andrew/weev/n3td3v finally gets to do what he likes the most
Performing fellatio on his fellow
Didn't Philip K. Dick wrote about this sort of thing in Radio Free Albemuth?
I doubt the search warrant will hold up in court.
-Travis
On Wed, Jun 16, 2010 at 9:27 AM, Milan Berger
m.ber...@project-mindstorm.net wrote:
Looks like Andrew/weev/n3td3v finally gets to do what he likes the
most
with no password which allows you to scrape
content you have a legal right to scrape that content.
-Travis
On Wed, Jun 16, 2010 at 11:10 AM, valdis.kletni...@vt.edu wrote:
On Wed, 16 Jun 2010 10:09:22 EDT, T Biehn said:
I doubt the search warrant will hold up in court.
Do you have any actual basis
Reminds be of Al Capone and tax evasion ;-)
Good ol' America.
On Wed, Jun 16, 2010 at 7:49 PM, T Biehn tbi...@gmail.com wrote:
Yes.
The FBI was investigating the ATT incident, presumably the ATT incident
was what the fed were serving against.
What possible valid search warrant could
like:
password would clearly be illegal to brute force.
An analogy to a case with CLEARLY AND EXPLICITLY defined law regarding
private property doesn't really seem to fit.
-Travis
On Wed, Jun 16, 2010 at 3:58 PM, T Biehn tbi...@gmail.com wrote:
So what grants you legal access to aol.com (HTTP
It's a good thing I ran that anti-hacker script!!!
On Fri, Jun 11, 2010 at 11:28 AM, Benji m...@b3nji.com wrote:
because when she gets 0wn3d she can be all like 'ruh roh, well, 0day
can happen to anyone'
On Fri, Jun 11, 2010 at 4:01 PM, Benjamin Franz jfr...@freerun.com
wrote:
On
Totally, I'd work on getting a dog too.
On Jun 11, 2010 12:20 PM, musnt live musntl...@gmail.com wrote:
On Fri, Jun 11, 2010 at 12:03 PM, T Biehn tbi...@gmail.com wrote:
It's a good thing I ran that a...
It's a good thing there is to be a local bomb squad near me.
http://www.cbc.ca/world/story
So far so good.
You've been able to go from t biehn - Travis Biehn - Bomber Article
(parent's names, city, state, country) - whitepages.com (Address and Phone
number) - (not clear on your jump here, did you google their name or for
the address?) Real estate listings.
Now to pull the SS and CC #'s
What the fuck.
On Mon, Jun 7, 2010 at 7:52 AM, hacxx20 hacx...@gmail.com wrote:
Hi,
I have been developing a tool in batch to block general malware for
some time now and recently i found an exploit that can add the
registry keys from a web browser.
Hacxx Anti Malware for Windows XP
Actually,
The code is clean (Yes I looked), other than him setting his website as the
search provider for IE.
-Travis
On Mon, Jun 7, 2010 at 10:49 AM, mrsta...@gmail.com wrote:
All it takes is one. Same with the email spamming crap
Sent on the Sprint® Now Network from my BlackBerry®
note, would anyone know how to uninstall this?
thx intentrnets.
On Mon, Jun 7, 2010 at 4:27 PM, T Biehn tbi...@gmail.com wrote:
Actually,
The code is clean (Yes I looked), other than him setting his website
as
the
search provider for IE.
-Travis
On Mon, Jun 7, 2010
I don't think UT is anyone's 'boy toy.' The guy is massive.
I'm sure he'll meet all kinds of experienced scam artists and criminals and
learn all sorts of neat things for use when he gets out.
-Travis
On Tue, Jun 1, 2010 at 6:13 AM, Anders Klixbull a...@experian.dk wrote:
I'm so sorry that
Bipin;
Firstly: You know what you did.
Secondly: Screw you for not crediting the master.
(I am the master, you are the dog.)
Greetz Love, Harmonious Profitability!
-Travis
On Wed, May 26, 2010 at 1:03 AM, valdis.kletni...@vt.edu wrote:
On Wed, 26 May 2010 10:15:32 +0545, Bipin Gautam said:
Misuse, mis-implementation of cryptographic primitives.
Errors in state based code, skipping authentication states and moving to
authenticated states, for instance.
For everything else see whatever publication.
Why did I answer this :(
-Travis
On Mon, May 31, 2010 at 8:56 AM, Christian
If you thought this article had any merit then it is true for you.
Swap over to Hamburger University kids, nothing to see here.
If you thought this article was bullshit then that is true for you.
It's just too bad this wasn't by design, eh?
-Travis
On Mon, May 31, 2010 at 12:04 PM, Georgi
individuals work for your sourcefires of the world.
-Travis
On Mon, May 31, 2010 at 5:14 PM, Christian Sciberras uuf6...@gmail.comwrote:
Regardless of merit, it is open to debate. Let's just hypothesize that it
was.
;-)
On Mon, May 31, 2010 at 6:23 PM, T Biehn tbi...@gmail.com wrote
A proxy or 'web-service firewall' prior to the 'protected' web service is
the correct answer.
Obfuscating the client code be it JavaScript, Interpreted (Java, CLR, etc)
or Native ignores the notion that the client controls hardware, OS, the
executing process and the network.
Signals can be
It's important to create a thriving market for these utilities, and as part
of the internet community to foster their development.
The 'malicious code' - profit ecosystem is paramount to maintaining order
between corporate, governmental and public interests.
lol.
-Travis
On Mon, May 3, 2010 at
Which is why this analogy is flawed.
-Travis
On Mon, May 3, 2010 at 12:27 PM, Marsh Ray ma...@extendedsubset.com wrote:
If your knife is found in a dead body, you've going to have some
explaining to do.
If it turns out that you're a restaurant supply business that sells 3000
of that model
I once logged a guy on IRC who said he was going to packet me off the face
of the tubes.
So I sent my Mirc logs to the FBI when i lost my AOL connection.
He went to jail forever.
-Travis
On Mon, May 3, 2010 at 1:56 PM, J Roger securityho...@gmail.com wrote:
I can see that you have no
on irc after a paypal payment cleared your account probably
wouldn't be much of a defense in court.
On Thu, Apr 29, 2010 at 12:05 PM, T Biehn tbi...@gmail.com wrote:
Or you could just auction it off to the 'highest bidder.'
-Travis
On Tue, Apr 27, 2010 at 6:48 PM, J Roger securityho
It could be used as a technique for defeating the login images used as
two-factor-authentication by some online services.
The application of using filesize to fingerprint an image is somewhat novel.
This is a decidedly 'old' vector, though.
-Travis
2010/4/21 Владимир Воронцов
Hey, you actually posted information! Congrats!
Did you learn about this 'information channel' from your numerous 'blackhat'
friends?
-Travis
On Apr 22, 2010 2:17 PM, Dan Kaminsky d...@doxpara.com wrote:
Also, Billy Hoffman has done a lot of fun work in this space, see
Awesome. A+ ruin.
2010/4/19 Erez Metula erezmet...@appsec.co.il:
Hi all,
I'm happy to announce about a new version of ReFrameworker V1.1 !
ReFrameworker is a general purpose Framework modifier, used to reconstruct
framework Runtimes by creating modified versions from the original
If there were an account lockout after 5 tries would you be telling us
about how there was a DOS vector on the same software?
-Travis
On Mon, Apr 5, 2010 at 4:35 PM, MustLive mustl...@websecurity.com.ua wrote:
Hello Full-Disclosure!
I want to warn you about security vulnerabilities in TAK
, Haris Pilton harispilto...@gmail.com wrote:
On Tuesday, March 30, 2010, T Biehn tbi...@gmail.com wrote:
Nah, I'm saying a GSM jammer would block your prepaid cell signal.
So if your adversary were to cut the power, cut the net AND jam GSM
you'd be out of luck in getting notification.
Very tru
Buy a prepaid cell, rig your comp phone up to a battery backup.
Breakout board on your Serial port, or from a USB-DB9 RS232 adapter.
Have the text messaged banged out on the prepaid, rig wires from the
breakout board to the cell phone, rig wires from your security sensors
into your breakout
on your roof,) pager, etc.
-Travis
On Tue, Mar 30, 2010 at 10:39 AM, ja...@smithwaysecurity.com wrote:
Good idea u saying also I should by a gsm jammer this a good idea I will
try.
Sent from my iPhone
On Mar 30, 2010, at 11:30 AM, T Biehn tbi...@gmail.com wrote:
Buy a prepaid cell, rig your
HELLO AND THANK YOU FOR YOUR NOTICE I WILL QUICKLY DOWNLOAD THESE
APPLICATIONS AND ERADICATE MY EVIL STREAMS.
On Sun, Mar 28, 2010 at 10:15 PM, evil fingers
contact.fing...@gmail.com wrote:
StreamArmor is the sophisticated tool for discovering hidden alternate data
streams (ADS) as well as
This will cause segmentation of the 'moderate trolling list' market.
I am impressed at your trolling prowess John, you're a natural.
-Travis
On Wed, Mar 24, 2010 at 2:17 PM, Paul Schmehl pschmehl_li...@tx.rr.com wrote:
--On Wednesday, March 24, 2010 15:33:54 + John Cartwright
Excellent point.
Travis
On Fri, Mar 19, 2010 at 12:24 PM, james o' hare
jamesohar...@googlemail.com wrote:
On Thu, Mar 18, 2010 at 6:42 PM, Fetch, Brandon bfe...@tpg.com wrote:
But wait! That paper fingerprint can be captured and added to the RFID
data already saved!
*tongue firmly in
X,
The point is that material isn't consistent.
Duh.
-Travis
On Mar 19, 2010 4:58 PM, mrx m...@propergander.org.uk wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Consider a production line for printing anything that...
sample of the material printed/magnetised or otherwise marked during
What 'limits'? What 'acceptable range' are you talking about?
I think they scan the surface doing pit depth / pit counts like an expensive
cd reader.
Within this presumption, you have to fingerprint either the whole document
or a small square. It cannot be duplicated, it cannot be used to
Ridiculous.
Generate some valid, non-far-fetched use-cases to justify this if I'm wrong.
-Travis
On Thu, Mar 18, 2010 at 11:21 AM, james o' hare
jamesohar...@googlemail.com wrote:
On Thu, Mar 18, 2010 at 3:17 PM, Gadi Evron g...@linuxbox.org wrote:
I saw this release today, and just had to
, james o' hare
jamesohar...@googlemail.com wrote:
On Thu, Mar 18, 2010 at 3:36 PM, T Biehn tbi...@gmail.com wrote:
Ridiculous.
Generate some valid, non-far-fetched use-cases to justify this if I'm wrong.
The Mossad going to Dubai and assassinating people
in hotel rooms, then I'm all
I've heard about these ninjas, the only way to escape their powers is
a ten-strip to your face.
On Tue, Mar 2, 2010 at 11:19 AM, Benji m...@b3nji.com wrote:
If Yahoo has ninjas, what does Google have ?! @#!
Sent from my iPhone
On 2 Mar 2010, at 16:08, James Rankin kz2...@googlemail.com wrote:
Simon: What you need is a constant source of income. I suggest you
study TAO Spam (more than just inboxing, mind you.)
You will need an anonymous corporation for fund intake. You will want
a business bank account. You will want to transfer the funds that come
into your account into electronic
Alzo see: USB DMA.
On Fri, Feb 26, 2010 at 8:29 AM, McGhee, Eddie eddie.mcg...@ncr.com wrote:
Its simply using USB autorun to launch and install itself, not sure how much
it is picked up but tbh you could build one yourself possibly with the
features you need, just look into getting some
Jonathan,
There are a few things you can do if the target of a government
investigation. First and foremost you must acquaint yourself with the
preeminent guide to the infinite investigative journeys: Kafka's The
Trail. If you are lacking in literary concentration Orson Welles
directed a very
Kafka's The *Trial. My sincere apologies.
On Mon, Feb 22, 2010 at 12:51 PM, T Biehn tbi...@gmail.com wrote:
Jonathan,
There are a few things you can do if the target of a government
investigation. First and foremost you must acquaint yourself with the
preeminent guide to the infinite
Rainbowcrack-Online was doing precomp dictionary attacks in conjunct
with rainbowtables in 2k5.
The hype spike for RC tables was back in 2k4.
You're off by 5 years Christian.
-Travis
On Thu, Feb 4, 2010 at 7:21 AM, McGhee, Eddie eddie.mcg...@ncr.com wrote:
Are you serious? People have been
No you don't understand, your premise is shit. Research what's already being
done instead of trying to improve what you don't understand.
lol @ ddos.
On Jan 26, 2010 11:09 PM, Bipin Gautam bipin.gau...@gmail.com wrote:
Enough noise, Lets wrap up:
Someone said: Forensics requires more than
You made the argument against youself; apparently you didn't comprehend the
points made in 90% of the on-topic responces to this thread.
On Jan 27, 2010 9:34 AM, Bipin Gautam bipin.gau...@gmail.com wrote:
McGhee T Biehn !
Thankyou for putting up your best argument sadly that is the
BEST
examiners do, they are tool dependent).
(i wish to make fun of you, but maybe another email! ;)
-bipin
On 1/27/10, T Biehn tbi...@gmail.com wrote:
You made the argument against youself; apparently you didn't comprehend the
points made in 90% of the on-topic responces to this thread
Entropy vs zeros vs random content.
Plausible deniability will only be there if there is legitimate data
that looks like it's been used and the prosecutor cannot construe any
of your data as that used for wiping or otherwise obscuring the data
on your drive. If you don't have this you better
Oh yeah, another note: If you use a chaining block cipher than you
only need to wipe the first block to make the rest of your data
unrecoverable. Most FDE's actually use a pw to decrypt the actual
decryption key, that block functions much the same, if you can wipe
that then the rest of the data is
Overwritten files require analysis with a 'big expensive machine.'
I doubt they ever recover the full file.
-Travis
On Tue, Jan 26, 2010 at 11:04 AM, Christian Sciberras uuf6...@gmail.com wrote:
I was thinking, since all this (reasonable) fuss on wiping a disk over 10
times to ensure
take bluerays vs dvds for example.
On Tue, Jan 26, 2010 at 5:11 PM, T Biehn tbi...@gmail.com wrote:
Overwritten files require analysis with a 'big expensive machine.'
I doubt they ever recover the full file.
-Travis
On Tue, Jan 26, 2010 at 11:04 AM, Christian Sciberras uuf6...@gmail.com
I should have brought up the increased density problem Valdis, excellent points.
-Travis
On Tue, Jan 26, 2010 at 1:26 PM, valdis.kletni...@vt.edu wrote:
On Tue, 26 Jan 2010 11:11:52 EST, T Biehn said:
Overwritten files require analysis with a 'big expensive machine.'
Assuming a disk drive
Unknown malware? Infections recently deleted by A/V?
The realm of data ownership is ridiculous. If I run an wifi AP with
WEP or no auth, my router keeps no logs, and my computer is a host to
malware then I would imagine that I cannot be convicted of a computer
crime without verification by
Do you really want to be buying
an entire operating system from somebody who just admitted they can't even
produce a workable browser with all their resources?
Valdis makes the novice assumption that people consider valuations of
this sort when buying the newest iteration of Microsoft products.
me directly.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message - From: T Biehn tbi...@gmail.com
To: Jeff Williams jeffwilli...@gmail.com
Cc: MustLive mustl...@websecurity.com.ua;
full-disclosure@lists.grok.org.uk
Sent
Hmm,
Wouldn't it be more useful to the sec community to have a algorithm
that abstracts at the -interpreted- content level? That is when
analyzing binaries I wouldn't think that this would classify two with
near identical functionality together, even though it is removing a
significant chunk of
Hey MustLive!
If you read the HTML specification you can find all sorts of XSS
attack vectors that people just assumed would be redundant to write
entire articles on!
Here!
http://www.w3.org/TR/REC-html40/interact/scripts.html
-Travis
On Sun, Jan 3, 2010 at 10:29 PM, Jeff Williams
:41 PM, T Biehn tbi...@gmail.com wrote:
Hmm,
Wouldn't it be more useful to the sec community to have a algorithm
that abstracts at the -interpreted- content level? That is when
analyzing binaries I wouldn't think that this would classify two with
near identical functionality together, even
This is an orgiastic dump of information, you must really hate ETB; or
you must be really excited for lulz.
-Travis
On Tue, Dec 29, 2009 at 5:23 AM, Cilia Pretel Gallo
cpretelga...@yahoo.com wrote:
I've recently discovered a security hole on the modems (which double as
routers) used by a
for ETB's netblocks would not be an obvious
first step.
Ahem.
-Travis
On Tue, Dec 29, 2009 at 11:36 AM, Lee ler...@gmail.com wrote:
On Tue, Dec 29, 2009 at 10:23 AM, T Biehn tbi...@gmail.com wrote:
This is an orgiastic dump of information, you must really hate ETB; or
you must be really excited
There are no fundamental truths. That's the only axiom you can really
rely on. The acceptance of this fact is the first on the road to
enlightenment... or Schizophrenia.
Thats all for now, the suited men from a 1950's spy flick are watching
me from a vintage crown vic. Joke's on them, I've
Any hexadecimally represented 16 bytes is obviously an MD5.
For those interested in finding signal where there is none:
LM hashes are 16 bytes, but are actually two concatenated 8 byte DES hashes.
On Tue, Dec 1, 2009 at 2:52 PM, McGhee, Eddie eddie.mcg...@ncr.com wrote:
N3td3v i am Scottish and
Can't you make a good hunk of low-risk cash by 'pretending' to be a
money mule? (Profile: 20s, looking for 'easy' work.)
-Travis
On Tue, Oct 6, 2009 at 8:40 AM, RandallM randa...@fidmail.com wrote:
...when I grow up Daddy, I want to be a Money Mule!
--
been great, thanks
a.k.a System
VK, obviously you don't own the account you have them send the money to.
You just happen to have an 'entangled' ATM card.
-Travis
On Tue, Oct 6, 2009 at 11:00 AM, valdis.kletni...@vt.edu wrote:
On Tue, 06 Oct 2009 10:46:19 EDT, T Biehn said:
Can't you make a good hunk of low-risk cash
Prepaids can be had in the US and Canada sans ID. Fake IDs cheap, easy to get.
DIDs are cheap, usually free.
How many of those nett'd households have VoIP phone service? Hijack
inbounds for re-routing to your own (free) SIP server provider?
Implementing some sort of automated call verification
You could run IP against spam bl's, ISC lookup, dronebl, proxybl for flagging.
-Travis
On Tue, Sep 22, 2009 at 2:36 PM, Steven Anders anders...@gmail.com wrote:
Thanks Andrew for the suggestion.
Yes, it does make sense to do all the checks you described. These days, as
manual process, we just
Mapping weev-IRL has no real impact, as he has either an entirely
different identity or a DBA, if this was a fictional account on weev's
part it would be certainly easy, effective, and feasible for him to
change a single letter in his name.
For the next part, you might want to grab some calming
That's cool, your mom still
superfluous.
-Travis
On Fri, Aug 28, 2009 at 12:50 PM, Gavinnetmatt...@gmail.com wrote:
2009/8/28 T Biehn tbi...@gmail.com:
Dear Gavin:
My internet pseudonym is List.
I suggest that you stop spreading libel about me on the internet or I
will be forced
I'm sure the man already has his big eye on Michael, especially since
his last name is Crook, these are facts they wouldn't miss.
On Tue, Aug 25, 2009 at 10:49 AM, valdis.kletni...@vt.edu wrote:
On Tue, 25 Aug 2009 10:07:07 -, Michael Crook said:
~ John Doe / n3td3v
Do what thou wilt shall be the whole of the law
On Fri, Aug 21, 2009 at 11:16 AM, Paul Schmehl pschmehl_li...@tx.rr.com wrote:
--On Friday, August 21, 2009 04:03:40 -0500 netdev.doc...@hushmail.com wrote:
Hey weev.
Now that the FBI and everything are all out to get you, I was
Very exclusive membership of notable fallators. Avoid option 5.
-Travis
On Tue, Aug 11, 2009 at 5:00 PM, anti...@hushmail.com wrote:
Tell your faggot friend he can't be in our club.
On Tue, 11 Aug 2009 16:24:09 -0400 someone lawyer
some...@lawyer.com wrote:
List,
My client is genuine, he
Richard,
The approach I outline in my post is the correct one, that is, making
it computationally expensive to crack. I'm not trying to protect
passwords, think anonymizing account numbers and the like.. That is,
the possible combinations are a set that is unacceptably small.
Without an expensive
While your publications are slightly pretentious (who am I to talk?) I
applaud your idealism in an age of rampant cynicism.
Don't log into any US Government systems looking to liberate secret
UFO docs tho, that gets you extradited.
A small suggestion, do not use a consistent pseudonym, post
n3td3v, ureleet, and anti-sec are actually all Hitler, posting after
being recently unfrozen from cryogenic sleep. He is using this as part
of his black magic scheme to bring back nazi occultism and rule the
world once again.
Careful review of all posts shows the superstructure of a subconscious
:26 PM, valdis.kletni...@vt.edu wrote:
On Sun, 09 Aug 2009 20:14:57 EDT, T Biehn said:
Soliciting random suggestions.
Lets say I have data to one-way-hash.
The set has 9,999,999,999 members.
Actually, if you're using a 10-digit decimal field, you probably have 10**10
possible members - all
SIGNED MESSAGE-
Hash: SHA1
Travis,
On Mon, 10 Aug 2009 22:50:32 +0200 T Biehn tbi...@gmail.com wrote:
I don't have control over the set. Sorry I wasn't more explicit
about
this. Although, it should have been obvious that the solution
needed
to satisfy the conditions:
Data to one way hash
Soliciting random suggestions.
Lets say I have data to one-way-hash.
The set has 9,999,999,999 members.
It's relatively easy to brute force this, or create precomp tables.
So you add a salt to each.
Still easy to brute force.
If you were to create it in such a way that the hash could exist
Anyone been to this?
http://www.iacr.org/conferences/crypto2009/program.html
Worth it?
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Sorry to spam...
http://www.iacr.org/cryptodb/data/author.php?authorkey=207
So excited to find non-pay papers... Everything on IEEE and ACM reqs
you shell out cash.
On Fri, Jul 31, 2009 at 10:20 AM, T Biehntbi...@gmail.com wrote:
Anyone been to this?
Travis wonders when Fredrick Diggle has time for his highly trained
and effective security enterprises knowing that he spends most of his
time grooming monkeys and feeding giraffes, which is very difficult to
do when the monkeys decide to start an inter-species war because the
giraffes are
This is a joke, right?
-Travis
On Mon, Jul 27, 2009 at 11:53 AM, YGN Ethical Hacker Group
(http://yehg.net)li...@yehg.net wrote:
CodeIgniter Global XSS Filtering Bypass Vulnerability
Discovered by:
Aung
1) Register 'Anti-Sec *' with Free Mail Provider
2) Claims to Full Disclosure
3)
4) PROFIT.
On Mon, Jul 20, 2009 at 10:16 AM, BlackHawkhawkgot...@gmail.com wrote:
wasn't anti-sec the one fighting against guys who share exploits with
the world so script kiddies use them?
lol, now those
Is there any nudity in this film?
-Travis
On Fri, Jul 17, 2009 at 3:24 AM, Valdis'
Mustachesecuritas.must...@gmail.com wrote:
To whom it may concern:
I am frankly at a loss as to why Mr. Wallace has decided to hitch his pasty
and pockmarked Scottish girth to the recent resurgence of the
dox pull got doxed?
ironic.
On Fri, Jul 17, 2009 at 1:16 PM, anti-anti...@hushmail.com wrote:
LMH, can you and your Security Justice friends please get laid
and leave the rest of us alone? This Anti-Sec rebranding is more
boredom.
Oh- we know where you work, and who some of you really are. I
I was about to tarball my directory of XSS 0days for them...
Thanks Ureleet!
/typical fd post
-Travis
On Thu, Jul 16, 2009 at 8:54 AM, Ureleeturel...@gmail.com wrote:
careful. n3td3v has found his way back onto the list. he is now
posting as ant-sec. he is hacking and spreading
1 - 100 of 201 matches
Mail list logo
