I had no idea division-by-zero was a person until I read n3td3v's posts on
FD.
http://img.4chan.org/b/src/1211167023499.jpg
p.
Shut up you fucking fag, you just want this presentation given so you
can sell more tickets and become rich you complete dick head,
I know the national security
Connections are coming from all over the Internet (various
different IPs) specifically to this IP.
This sounds like a textbook case of Cross Site Scripting (XSS).
[see attachment]
attachment: hijacked.jpg___
Full-Disclosure - We believe in it.
From: trains [EMAIL PROTECTED]
The AddType statement for php is normally system-wide, which means
the web server will execute php scripts that may be found in the
upload directory. This can be fixed multiple ways:
They will just place an .htaccess and do addtype themselves.
php_admin_flag
Yes we are an easy
target for php0t etc right now, but in the future we will be the
biggest on the internet in the long term.
I didn't know 'being targetted' means somebody replies to one of your mails
(OFF LIST!) to express an opinion. What is going to change about this in the
long term
I think he meant the hushmail users (at least those mentioned in the
article), not the crew.
- Original Message -
From: Simon Smith [EMAIL PROTECTED]
To: Paul Melson [EMAIL PROTECTED]
Cc: full-disclosure@lists.grok.org.uk
Sent: Thursday, November 08, 2007 8:20 PM
Subject: Re:
After all this crap, you guys still fall for the trollbait? f*cking sad :-(
No? I've just recently applied here https://www.mi5careers.gov.uk/ homo, so
watch your
back with who you're talking to.
___
Full-Disclosure - We believe in it.
Charter:
As long as we're sharing random thoughts; has anyone here considered the
possibility that trying to hide catches more attention than sitting
quietly
as part of a vast crowd?
Just for the record, that's a sincere question.
Reminds me of virustotal.com's Don't send a copy to anti-virus
Does anybody else have something obvious to point out regarding this
flatdev-started trollbait?
Keep it coming, get it out of your system! :-)
p.
How do you know the hacker was attacking from his own IP address? That's a
pretty bold assumption. Surely he could've hacked from a
Is bungie.net's title originally 'Satisfying Your Mom Since 1991' ?
Google says, it should be This One Goes To Eleven.
If it's obvious or normal, discard this email.
___
Full-Disclosure - We believe in it.
Charter:
How exactly does such data get captured? Somebody placed a link
somewhere with the url having the user/password in it ? What would be
the point of that? And if not, where did that come from? I peeked at
http://www.google.com/tools/firefox/safebrowsing/faq.html to learn more
but it only has
Didn't have the chance / interest to meet Vista myself as of yet, but
if what you wrote isn't user error or something specific and limited to
only a few computers then excuse me a moment while i lmao. BTW, is there
anything in vista's agreement in legalish that could be translated into
'you
One thing you might try is instead of cutting it off entirely from the
internet, use an external device to limit what internet
addresses it can talk to so that it has a valid and working gateway
but it can't phone home.
I doubt Vista wants to google for porn instead of phoning home.
After
It just can't be that simple. There has to be more to what happened to
the guy. Lots of computers are offline for several
days at a time, it's inconceivable that they didn't test that.
Yeah, probably - but just for the fun of it I'm curious what happened
(unless it's some dumb user error).
This is probably the funnier part, whatever is causing it
[ Illegal characters in file path:
/home/system/www/bbcone/listings/nav_today
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thierry
Zoller
Sent: Sunday, August 27, 2006 10:13 PM
To:
. (There might be some circumstances blocking this in practice,
like if they require a Turing test for completing money transactions
etc).
php0t
ps: a poc showing how to fake a whole webpage?! :-)
I wonder what is interesting in this , usually a poc show us we can
upload a crafted webpage
Thanks for the 0day advisory! It helped out a lot.
(ps: 10yrs English course, 10yrs security would have been a better
choice for you if you ask me)
HELLO, MY NAME AMIT. I SECURITY RESEARCH FROM ALL OVER WORLD AND
CURRENTLY THIS MY FIRST
ADVISORY TO ANYONE RESARCHING. I POST TO MAILING
problem is that I do not get paid for
this - well - I am happy
that you are so much after what's best for me but I can do fine on my
own - thanks.
php0t / zorro.hu
You are wasting your time trying to prove you can find holes in
software that you AREN'T *PAID FOR* FINDING BUGS.
Nice advisory
default
logfile
[EMAIL PROTECTED]:/tmp$
Vulnerable
iPlanet Messaging Server 5.2 HotFix 1.16 (built May 14 2003)
php0t / zorro.hu
www.zorro.hu
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
IP's?
It could be just a proxy or a firewall set up to change the user-agent
to some random string, but whether they're surfers or bots you can tell
by looking at all such lines - to me, an index.html alone doesn't tell
me much, maybe others have seen this though and know what it is.
php0t
Found a new javascript escape for yahoo webmail, works with explorer,
cookie stealing can begin yet again.
You must give a correct source address to be able to get a cookie. Do
not abuse, thx.
Proof-of-concept (kind-of):
http://zmailhost.ath.cx/
php0t
www.zorro.hu
Title: Message
That
doesn't work any more.
Another one, for Internet Explorer however does work that i found the
other day.
Send
yourself one using my POC :)
http://zmailhost.ath.cx/
or
http://zmail.zorro.hu/
php0t
/ zorro.hu
-Original Message-From:
[EMAIL PROTECTED
Title: Message
Oh, I've CC'd [EMAIL PROTECTED], but if someone else would
give them a proper write-up, and encourage
them to close the hole, that'd be wonderful.
Since
yahoo isn't known for fixing bugs fast unless it's serious (and even then),
here's something i wrote up today.
The
Title: Message
For
the record: 30 minutes after I posted this, onLoad got changed to onfiltered -
problem fixed by yahoo. :)
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
php0tSent: Tuesday, June 13, 2006 2:28 AMTo:
Title: Message
Would
it be a big think to ask that you try to get along?
Steven: hardcoding tor node IP'sinto a module, blocking tor as a
means of securityisweirdI agree but cussing and flaming never
helped anybody -I've read other replies in the thread that were a lot more
useful than
with this one)...
$5000(?), Jason still couldn't catch the hacker, so blocking tor
globally won't help the problem more than it hurts privacy towards legit
tor users.
Blacklisting IP addresses is no substitute for actually fixing the
vulnerabilities on your servers.
Right.
php0t
into laugter. The bubbles
were kind of painful, I have to give him credits for finding a 0day to
cause pain to some remote guy using only email.
What I actually meant to say was: LOL (literally).
php0t
___
Full-Disclosure - We believe in it.
Charter
Ha Ha. Yes, not a proper fiend hey. But I take it that I would be
anonymous
technically.
If I were to do it for real I'd probably set up an internet connection
in an
assumed name complete with a fake bank account so there'd be no one
for the
cops to berate, just the computer [with no logs]
Title: Message
If you
kept your word (and didn't post my emails back to the list), it'd be better.
:)
-Original Message-From: n3td3v
[mailto:[EMAIL PROTECTED] Sent: Friday, March 31, 2006 10:47
PMTo: php0t; full-disclosure@lists.grok.org.ukSubject:
Re: [Full-disclosure
responded this time because 1) it was a
personal attack based on nothing, and 2) because it's my last email that has the
word netdev in it. (sent or received ;]) - and i can keep my word, unlike 'some
people'.
php0t
-Original Message-From: n3td3v
[mailto:[EMAIL PROTECTED] Sent
Title: Message
No,
please.. Really, keep your word just this one time.
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
n3td3vSent: Thursday, March 30, 2006 10:55 PMTo:
s89df987 s9f87s987f; full-disclosure@lists.grok.org.ukSubject: Re:
Title: Message
You
need a hug.
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
n3td3vSent: Thursday, March 30, 2006 12:57 AMTo:
full-disclosure@lists.grok.org.ukSubject: Re: [Full-disclosure]
Noise
I finished school 11 years ago,
the default CentOS page for a 'hack'.
Priceless.)
php0t
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
: ...
n3td3v: fine, go screw yourself, be proud to be an american, you just
couldn't help bash other peoples google and yahoo vulnerabilities!
chiq: leaves
n3td3v: Oh well, time to get back to what counts, and thats research
into Google and Yahoo
php0t
-Original Message-
From: [EMAIL
vulnerabilities, and I amsure I speak in all FD posters` names when I say
that you are the yet the most helpful person in the IT business, and you have a
big future.
php0t.
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
n3td3vSent
and when you
get bored with it or just simply don't like what you see, you can always
filter outgoing data or just disconnect the poor bastard. Manual
honeypot, we could say.. :-)
ciao
php0t
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Michel
Pereira
Sent
Then the spam would simply come from list subscribers :-(
But then it would all be coming from one or two addresses. It's easier
to delete that way.
SMTP. They can come from whatever address.
___
Full-Disclosure - We believe in it.
Charter:
, it wouldn't make deleting
much
easier, since then you'd have to pay attention to not delete legit
subscribers`
emails. They could just send one email 'from' each subscriber that
posted in
the last couple of months.
php0t
___
Full-Disclosure - We believe
This has been going on for about a day... Come on. I know it's Sunday,
but... You know.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Yes, because firefox probably doesn't execute javascript if the
location is in an IMG tag.
I don't know why they posted that in the first place.
Here's a link that will probably work under both browsers
http://ws.arin.net/whois/?queryinput=%3Cscript%3Ealert('666')%3C/script%
3E
Right,
a whois at the shell, iwouldn't like to
seelt/gt instead of the the html opening tags. The idea ain't
bad though, it's probably fun to see info about some percentage of the people
that do whois on our domains/ip's.
php0t
___
Full
it was a couple of bugs (I
didn't find neither insect, neither bug in the list), then it was
umbrellas with an exception picture - it was more like a pain in the
ass, a computer would have better luck by going through the option list
:P
Eagerly waiting for examples,
php0t
Ps: these are what I found
rotation, deformation, maybe letters in 3D (adding extra edges
;])
6) layer more words on each other
7) if you sense too much spam, change a few things
etc
etc
etc
I probably left out a lot of things that should be considered, so
additional ideas are very welcome.
php0t
A big part of the problem you mention can be solved by requiring a
Turing test for the actions that you don't want a bot to be able to do.
php0t
Recently, new bots rendered current anti spam techniques for blogs
almost useless. Here is a short write-up on the subject of comment
spam
php0t wrote:
A big part of the problem you mention can be solved by requiring a
Turing test for the actions that you don't want a bot to be able to
do.
I guess you missed all the historic discussion of how cheap it is, in
Western terms, to employ what passes as skilled labour
better by using captcha-like implementations.
This is all I said, but you're both right about pointing out the
problems of spammers having money / using people, etc as well.
php0t
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk
Poem was horrific, [EMAIL PROTECTED] notified about the gif.exe.
- Original Message -
From: Dude VanWinkle [EMAIL PROTECTED]
To: full-disclosure@lists.grok.org.uk
Sent: Saturday, December 17, 2005 11:28 AM
Subject: [Full-disclosure] Seasons Beatings
p.s.: here is your card:
specific and doesn't have any relevant info i suggest
not boring the others with it.
Next time you have something to say, tell me in advance that you're _NOT_
quoting otherwise I will think it's spam and not really your opinion.
Cheers,
php0t.
- Original Message -
From: Dude
I hope... this is all a joke.. right?
php0t.
ps: looking into postfix regexp filters when i wake
up, thanks for the tip.
- Original Message -
From:
Joe
Average
To: GroundZero Security ; full-disclosure@lists.grok.org.uk
Sent: Sunday, December 18, 2005 4:47
AM
Jesus tap dancing christ. Stop.
- Original Message -
From: n3td3v [EMAIL PROTECTED]
To: full-disclosure@lists.grok.org.uk
Sent: Sunday, December 11, 2005 4:09 PM
Subject: Re: [Full-disclosure] Famous n3td3v quotes - The Director's
Cut(outnow on DVD)
You haven't been able to find in
Fav post fav answer
I could make you look more stupid in public by reveiling my
nickname on your IRC channel and your direct involvement with me by
yourself and your channel operators and users of BSRF.
If you are an active user of BSRF, and if you are a great friend of
mine, and you do
Proof of concept: a class=newlink
href=http://www.google.com/url?sa=Dq=http://www.google.com?
scriptalert(document.cookie)/script
Remarks: This is my second Google disclosure in under a year. That
makes two vulnerabilities for Google I have discovered.
Credit: n3td3v
wall ... bad...
How'bout adding direct printing on lpt of new one-time usage passwords? :)
In order to get the passwords, they'd have to hook the printing, too. Not
too common, yet.
I agree but what about the second random password and challenge
authentification? Both should be unique and usage once.
Yes, obviously not perfect or even near, i didn't even say that. Just a
plus, an alternative to having to depend on keyboard / screen / files to
help out with the authentication discussed.
php0t
- Original Message -
From: Nick FitzGerald [EMAIL PROTECTED]
To: full-disclosure
,
like it is now. Now I feel kind of bad that i added to this noise. sorry.
Thanks for all your 20 seconds:
php0t.
- Original Message -
From: Jason [EMAIL PROTECTED]
To: full-disclosure@lists.grok.org.uk
Sent: Friday, November 25, 2005 6:20 PM
Subject: Re: [Full-disclosure] Re: Return
54 matches
Mail list logo