Re: [Full-disclosure] OSXvnc weakness

2005-06-22 Thread class
e _want_ null > passwords. This is not a bug. > > On 6/22/05, class <[EMAIL PROTECTED]> wrote: > > OSXvnc for MACOSX allows you to setup a VNC server, the problem is > the same as RealVNC, you can setup a null password without any > warning; you can remotely scan wich OS is running

[Full-disclosure] OSXvnc weakness

2005-06-22 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OSXvnc for MACOSX allows you to setup a VNC server, the problem is the same as RealVNC, you can setup a null password without any warning; you can remotely scan which OS is running this vnc and if yes/no password setup. http://lists.grok.org.uk/piper

Re: [Full-disclosure] exploiting/debugging the UnhandledExceptionFilter

2005-06-21 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You have to breakpoint right before an instance in ntdll.dll which looks like this: cmp dword [ebp-20],esi jne address mov eax,[UEF] cmp eax,esi je address call eax if I remember dword [ebp-20] points to 0x and esi to 0x (it should be

[Full-disclosure] Re: RealVNC/WinVNC Multiple vulnerabilities

2005-06-20 Thread class
s it's passworded" isn't really a very helpful > description, given that "password" is a noun! It sounds like > dfind's developers really mean "Is configured to require a > password". Again, you may wish to suggest a change of text to > them.

[Full-disclosure] Re: RealVNC/WinVNC Multiple vulnerabilities

2005-06-20 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > Of course, if you think you know of any viable attacks on VNC > servers then feel free to get in touch. sure I have mailed you a nice list of ip:5900 shomydeskt0p :) funny no ? good lines ? ;) > The output that you've included just seems to show t

Re: [Full-disclosure] Sophos Antivirus Advisory

2005-06-16 Thread class
rus companies to come up with new detection methods > which don't rely solely on checksumming of files. > > Robert Perriero Montclair State University > > On Thu, 2005-06-16 at 14:08 +0200, class wrote: > > [EMAIL PROTECTED] wrote: > >> = Advisory:

Re: [Full-disclosure] Sophos Antivirus Advisory

2005-06-16 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: > = Advisory: Sophos doesn't recognize keylogger after string > alteration = > > During a Penetrationtest RedTeam found out that Sophos Anti-Virus > (SAV for short) won't recognize a keylogger as malware, after > alteratio

[Full-disclosure] a small update for HOD NETDDE scanner/exploit MS04-031

2005-06-12 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have been interested today to look at the HOD exploit code for the old MS04-031 remote netdde vulnerability. There is a scanner in it which helps you to grab the computername via netbios if you are permitted. But while testing it I found out and you p

Re: [Full-disclosure] COX Internet Outage

2005-05-20 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 me I have AOL and it ownz your COX John McGuire wrote: > I have Cox in Arizona and haven't had any problems at all this > week. > > > John McGuire > > -Original Message- From: > [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of >

Re: [Full-disclosure] Netvault Remote Heap Overflow (another one)

2005-05-13 Thread class
rflow. This was tested on the demo > version of netvault. We considered mailing the vendor on this one, > but figured we'd receive the same response class did, which was > none. So perhaps a second critical vulnerability will wake Bakbone > up to their software faults. > > A no

Re: [Full-disclosure] BakBone NetVault last warning

2005-05-11 Thread class
uch as you reports a security hole we can not put all > works on the ground and say yes: we are fixing it" > > What kind of bullshit is that! I am glad I am not a customer of > theirs. > > What kind of man must you be to make them say "yes: we are fixing > it"

Re: [Full-disclosure] BakBone NetVault last warning

2005-05-11 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 btw: *http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1009 *class wrote: > As a recall, there is now two months, the Hat-Squad has published 2 > high security risks still UNPATCHED for BakBone NetVault 6.x/7.x > all versio

[Full-disclosure] BakBone NetVault last warning

2005-05-11 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 As a recall, there is now two months, the Hat-Squad has published 2 high security risks still UNPATCHED for BakBone NetVault 6.x/7.x all versions. In an Open Letter: http://phx.corporate-ir.net/phoenix.zhtml?c=67723&p=irol-newsArticle&t=Regular&id=70

[Full-disclosure] Microsoft WINS Vulnerability + OS/SP Scanner (source)

2005-05-02 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 While replicating, it's possible to guess the OS and SP, in addition you have the heap base address. Conclusion: all needed for a skilled hacker to intrude a vulnerable computer, however a script kiddie won't be able to do something because each wrong

[Full-disclosure] Microsoft WINS Vulnerability + OS/SP Scanner

2005-04-30 Thread class
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 While replicating, it's possible to guess the OS and SP, in addition you have the heap base address. Conclusion: all needed for a skilled hacker to intrude a vulnerable computer, however a script kiddie won't be able to do something because each wrong

[Full-disclosure] [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit

2005-03-14 Thread class 101
Application overview: Sentinel LM is a software-based license management application allowing application developers to implement multiple pre-built license models with a single software development integration effort. Developers can sell or deliver multiple license types simply by cha

[Full-disclosure] [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit

2005-03-13 Thread class 101
Application overview: Sentinel LM is a software-based license management application allowing application developers to implement multiple pre-built license models with a single software development integration effort. Developers can sell or deliver multiple license types simply by cha

Re: [Full-disclosure] [SPAM] Fw: Newest Internet Security Patch

2005-03-11 Thread class 101
uhaus" <[EMAIL PROTECTED]> To: "class 101" <[EMAIL PROTECTED]> Sent: Friday, March 11, 2005 10:48 PM Subject: Re: [Full-disclosure] [SPAM] Fw: Newest Internet Security Patch -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am not sure what attachment you removed, but

Re: [Full-disclosure] Publishing exploit code ruled illegal in France?

2005-03-11 Thread class 101
> nothing would have happened to the hacker, if he had not published his > eye-catching stuff. > the corporation wanted to punish this hacker because he somehow ruined > their reputation ... and they did it successfully. Omg and how is the reputation of ms ? oracle? phpbb ? ca ? etc .. is their r

Re: [Full-disclosure] 2 nice pop/pop/ret :) (update)

2005-03-11 Thread class 101
[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; Sent: Thursday, March 10, 2005 8:05 PM Subject: RE: [Full-disclosure] 2 nice pop/pop/ret :) (update) > >From: "class 101" Date: Wed, 9 Mar 2005 10:01:57 +0100 > > Hi there class 101! > > > Here is the result

RE: [Full-disclosure] Publishing exploit code ruled illegal in France?

2005-03-11 Thread class 101
better is to stop talking about those fuckers at TEGAM, To resume their job, they spend your money in court instead of enhancing their crappy AV. Cheers to my compatriot tena... - class101 Jr. Researcher Hat-Squad.com

[Full-disclosure] [SPAM] Fw: Newest Internet Security Patch

2005-03-11 Thread class 101
This might be helpful to spot out this fake microsoft mail telling you to download the attachment. It's several times now that I'm receiving it and I guess many users trust it's from ms but it is not. (attachment removed from this mail), looks like the sender is a wanadoo.fr host. Details:

Fw: [Full-disclosure] 2 nice pop/pop/ret :) (update)

2005-03-11 Thread class 101
ProductName: Microsoft® Windows® Operating System ProductVersion: 5.1.2600.2180 - class101 Jr. Researcher Hat-Squad.com - - Original Message - From: "clas

re: [Full-disclosure] 2 nice pop/pop/ret :) (update)

2005-03-11 Thread class 101
- - Original Message - From: "class 101" <[EMAIL PROTECTED]> To: "Dave Korn" <[EMAIL PROTECTED]>; "Full-Disclosure" Sent: Thursday, March 10, 2005 11:33 PM Subject: Re: [Full-disclosure] 2 nice pop/pop/ret :) (update) > >

[Full-disclosure] 2 nice pop/pop/ret :) (update)

2005-03-09 Thread class 101
Here is the result of comparing some huge list of pop/pop/ret of XP SP1, SP1a, SP2 ENGLISH I got 2 universal offsets across those 3 OSes SP2 ENGLISH 0x71ABE325 pop esi - pop - retbis - WS2_32.DLL 0x77E7F69E pop ebx - pop - retbis - RPCRT4.DLL SP1a ENGLISH 0x71ABE325 pop edi - pop - retbis - W

[Full-disclosure] 2 nice pop/pop/ret :)

2005-03-09 Thread class 101
Here is the result of comparing some huge list of pop/pop/ret of XP SP1, SP1a, SP2 ENGLISH I got 2 universal offsets across those 3 OSes SP2 ENGLISH 0x71ABE325 pop esi - pop - retbis 0x77E7F69E pop ebx - pop - retbis SP1a ENGLISH 0x71ABE325 pop edi - pop - retbis 0x77E7F69E pop ebx - pop - retb

[Full-disclosure] [HAT-SQUAD] Computer Associates Exploit

2005-03-07 Thread class 101
quad.com - - Original Message - From: "class 101" <[EMAIL PROTECTED]> To: ; Sent: Sunday, March 06, 2005 12:40 AM Subject: [HAT-SQUAD] new exploit code I let you know that a new exploit code is available at class101.org ch