Re: [Full-disclosure] Fwd: Google vulnerabilities with PoC

2014-03-15 Thread William Scott Lockwood III
It's amazing how much dumber I feel for having read your drivel. Please for the love of $diety stop posting to this list. -- W. Scott Lockwood III AMST Tech (SPI) GWB2009033817 http://www.shadowplayinternational.org/ There are four boxes to be used in defense of liberty: soap, ballot, jury

Re: [Full-disclosure] OT What is happening with bitcoins?

2014-03-11 Thread Ron Scott-Adams
Julius hit the nail on the head here. Transaction malleability is not some heretofore undiscovered bug in the Bitcoin implementation. It was a known entity long ago, and presumably with the creator(s) awareness. It really isn’t a problem itself; it’s perfectly mitigable with the correct

[Full-disclosure] Remote Command Injection Vulnerability in SkyBlueCanvas CMS

2014-01-24 Thread Scott Parish
Vulnerability in SkyBlueCanvas CMS Vulnerability Type: Remote Command Injection Version Affected: 1.1 r248-03 (and probably prior versions) Discovered by: Scott Parish - Center for Internet Security Vendor Information: SkyBlueCanvas is an easy-to-use Web Content Management System, that makes

[Full-disclosure] EE BrightBox router hacked - bares all if you ask nicely

2014-01-15 Thread Scott Helme
credentials. You can read the full article here: https://scotthelme.co.uk/ee-brightbox-router-hacked/ Scott.___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted

Re: [Full-disclosure] [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application

2013-12-17 Thread William Scott Lockwood III
Hilarious. If I were just plain ignoring the PCI DSS, I'd want to hide evidence of it, too. If you really want to ruin their day, report this to VISA. -- W. Scott Lockwood III GWB20090338817 AMST Tech On Dec 17, 2013 3:12 AM, Fyodor fyo...@nmap.org wrote: On Fri, Dec 6, 2013 at 8:07 PM

[Full-disclosure] Pastebin Captcha Bypass

2013-11-28 Thread Scott Arciszewski
. If nothing else, you can spare yourself the trouble of solving a captcha next time you decide to dump IRC logs or your rivals' mail spools and something happens to contain a hyperlink. Happy thanksgiving, Scott Arciszewski ___ Full-Disclosure - We believe

[Full-disclosure] CVE-2013-2210

2013-06-27 Thread Cantor, Scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 CVE-2013-2210: Apache Santuario XML Security for C++ contains a heap overflow during XPointer evaluation Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library versions prior to

[Full-disclosure] CVE-2013-2153: Apache Santuario C++ signature bypass vulnerability

2013-06-18 Thread Cantor, Scott
CVE-2013-2153: Apache Santuario XML Security for C++ contains an XML Signature Bypass issue Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library versions prior to V1.7.1 Description: The implementation of XML digital

[Full-disclosure] CVE-2013-2154: Apache Santuario C++ stack overflow vulnerability

2013-06-18 Thread Cantor, Scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 CVE-2013-2154: Apache Santuario XML Security for C++ contains a stack overflow during XPointer evaluation Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library versions prior to

[Full-disclosure] CVE-2013-2155: Apache Santuario C++ denial of service vulnerability

2013-06-18 Thread Cantor, Scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 CVE-2013-2155: Apache Santuario XML Security for C++ contains denial of service and hash length bypass issues while processing HMAC signatures Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML

Re: [Full-disclosure] CVE-2013-2156: Apache Santuario C++ heap overflow vulnerability

2013-06-18 Thread Cantor, Scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 CVE-2013-2156: Apache Santuario XML Security for C++ contains heap overflow while processing InclusiveNamespace PrefixList Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library

[Full-disclosure] Microsoft Internet Explorer textNode Use-After-Free

2013-06-05 Thread Scott Bell
( . ) `) ( . ' . ' `. (, ) (, . `.' ) ('.', ). , ('. ( ) ( (_,) .`), ) _ _, / _/ / _ \ _ \ \==/ /_\ \ _/ ___\/ _ \ / \ / \/ |\\ \__( _ ) Y Y \ /__ /\___|__ / \___

Re: [Full-disclosure] how do I know the fbi is followin

2013-03-03 Thread William Scott Lockwood III
Beware hippies. Especially red headed ones. Why, just the other day, my phone picked up the FBI surveilance van. I'm sure it was looking for anyone from New Jersey, since I was next to a Jersey Mike's sub shop in Lisle, Il. Starbuck's is a known CIA front. The ashen taste of their coffee is the

[Full-disclosure] Microsoft Internet Explorer SLayoutRun Use After Free

2013-02-13 Thread Scott Bell
= Microsoft Internet Explorer SLayoutRun Use After Free = = Author: Scott Bell scott.bell[at]security-assessmemt.com = = Vendor Website: www.microsoft.com = = Affected Version: Microsoft Internet Explorer 8 = = Advisory URL

Re: [Full-disclosure] Are software cracks also a form of security vulnerabilities?

2013-01-17 Thread Scott Herbert
Firstly anything that can be done in software can be broken via software, and so nothing is non-tamper-proof, it may take a long time but at some point someone will break it. So to get back to the question, Are software cracks also a form of security vulnerabilities? IMHO No. to draw an analogy

Re: [Full-disclosure] petition to remove Aaron Swartz prosecutor

2013-01-14 Thread Scott Herbert
On 14/01/2013 20:35, valdis.kletni...@vt.edu wrote: On Mon, 14 Jan 2013 11:02:26 -0500, Jeffrey Walton said: On Mon, Jan 14, 2013 at 10:34 AM, richa...@fastmail.fm wrote:

Re: [Full-disclosure] Google's robots.txt handling

2012-12-11 Thread Scott Ferguson
/From/: Hurgel Bumpf l0rd_lunatic () yahoo com /Date/: Mon, 10 Dec 2012 19:25:39 + (GMT) Hi list, i tried to contact google, but as they didn't answer my email, i do forward this to FD. This security feature is

Re: [Full-disclosure] Google's robot.txt handling

2012-12-11 Thread Scott Ferguson
about not following the listed directories, not about not listing the robots.txt. Next you'll want laws against bad weather and furniture with sharp corners. Don't put things you don't want seen to see in places that can be seen. On Mon, Dec 10, 2012 at 8:19 PM, Scott Ferguson

Re: [Full-disclosure] MySQL (Linux) Database Privilege Elevation Zeroday Exploit

2012-12-05 Thread Scott
Maybe read the code??? $mysql_version = 51; # can be 51 or 50 if ($mysql_version eq 50) { $inject = select 'TYPE=TRIGGERS' into outfile'.$folder.$database./rootme.TRG' LINES TERMINATED BY '\\ntriggers=\\'CREATE DEFINER=`root`\@`localhost` trigger atk after insert on rootme for each rownbegin

Re: [Full-disclosure] Full-Disclosure Digest, Vol 93, Issue 11

2012-11-12 Thread Scott Miller
You seem to be assuming that denying a random user access to FB is a security liability ;] full-disclosure-boun...@lists.grok.org.uk wrote on 11/10/2012 07:00:02 AM: -- Message: 2 Date: Thu, 08 Nov 2012 04:28:33 -0300 From: Chris C. Russo ch...@calciumsec.com

[Full-disclosure] Wordpress plugin abtest vulnerable to a directory traversal attack

2012-10-11 Thread Scott Herbert
. Vulnerability made public via my blog and the full disclosure email list. -- Scott Herbert http://blog.scott-herbert.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia

Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2

2012-10-08 Thread Scott Herbert
Message- From: Henri Salo [mailto:he...@nerv.fi] Sent: 08 October 2012 15:42 To: Scott Herbert; secur...@zenphoto.org Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2 On Tue, Oct 02, 2012 at 07:16:11AM +0100

[Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2

2012-10-02 Thread Scott Herbert
: 12-Sept-2012 Zenphoto and UK-CERT informed 18-Sept-2012 Zenphoto confirmed and fixed (see http://www.zenphoto.org/trac/changeset/10836). 1-Oct-2012 Zenphoto 1.4.3.3 released fixing hole. -- Scott Herbert Cert Web Apps (Open) http://blog.scott-herbert.com/ Twitter @Scott_Herbert

Re: [Full-disclosure] Cookie stealing and XSS vulnerable in Zenphoto version 1.4.3.2

2012-10-02 Thread Scott Herbert
At the time I thought this was the correct way to report things. I've since stopped spamming them with every little hole I find. I couldn't find a n00b's guide to reporting, so I'm making it up as I go along. If there is a guide online somewhere I'd 1) love to read it and 2) think it should be

[Full-disclosure] XSS vulnerability in wordpress plugin abc-test

2012-09-26 Thread Scott Herbert
of the vulnerability, via the full disclosure and http://scott-herbert.com/blog/2012/09/26/xss-vulnerability-in-wordpress-plug in-abc-test-1107 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted

Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-26 Thread Scott Solmonson
I can't tell if I'm being trolled or not... Inlined- On Wed, Jul 25, 2012 at 7:04 AM, Григорий Братислава musntl...@gmail.com wrote: Is I am on your network, good luck is find me especially in is post exploitation as I am is liable to float around is piggyback from one machine is to the

Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-23 Thread Scott Solmonson
, Григорий Братислава musntl...@gmail.com wrote: On Wed, Jul 18, 2012 at 12:20 PM, Scott Solmonson sco...@scosol.org wrote: Shortcutting other responses- 2) assume the worst, don't isolate, monitor spread tactics, perceptually contain and then analyse. This is make sense! Do not isolate. Let hacker

Re: [Full-disclosure] Linux - Indicators of compromise

2012-07-19 Thread Scott Solmonson
Shortcutting other responses- A suspect node that you want to keep live can only be treated in two ways: 1) if you need to know who is behind the shenanigans, you monitor net traffic and isolate/simulate reach and then do what you can to get what you need. 2) assume the worst, don't isolate,

[Full-disclosure] Security Advisory: CVE-2011-2516

2011-07-07 Thread Cantor, Scott E.
-- Scott Cantor CVE-2011-2516: Apache Santuario XML Security for C++ contains buffer overflows signing or verifying with large keys. Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Santuario XML Security for C++ library versions prior to V1.6.1 Description

Re: [Full-disclosure] http://cms.netrix.hu - hacked by anti-sec

2009-07-21 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ant-Sec Movement wrote: Dear Reader, The anti-sec movement has officially pwned http://cms.netrix.hu in order to spread our message and our goals. Sincerely, -anti-sec

[Full-disclosure] Blog post about anti-sec postings on Full Disclosure

2009-07-17 Thread Scott Mortimer
From: Scott Mortimer sc...@scott.mortimer.name To: full-disclosure@lists.grok.org.uk Date: Fri, 17 Jul 2009 14:26:20 +0200 Subject: Blog post about anti-sec postings on Full Disclosure I have written a blog post about the recent spat of anti-sec postings on Full Disclosure. Shortly thereafter

[Full-disclosure] Blog post about anti-sec postings on Full Disclosure

2009-07-17 Thread Scott Mortimer
I have written a blog post about the recent spat of anti-sec postings on Full Disclosure. Shortly thereafter, some one from an IP address in Italy starting trying directory traversal attacks on my blog. Read more about it here: http://www.cybersec.eu/?p=181 I will forward the information to his

Re: [Full-disclosure] Multiple Flash Authoring Heap Overflows - Malformed SWF Files

2008-10-16 Thread scott
Paul Craig wrote: Multiple Flash Authoring Heap Overflows - Malformed SWF Files Vendor Website: http://www.adobe.com Affected Versions: Adobe Flash Professional CS3/Flash MX2004 Vendor Notified. July 2008 Public

Re: [Full-disclosure] security industry software license

2008-10-16 Thread scott
I hope you choke on your anti-depressants and drown in your own vomit you fucking cunt. That was just rude. Netdev is a delusional paranoiac with a need to be accepted for what he's worth. Oh yeah, I forgot. I filtered him out a long time ago. I still love the Doonesbury-esque quality of his

Re: [Full-disclosure] Media backlash begins against HD Moore and I)ruid

2008-08-05 Thread scott
[EMAIL PROTECTED] wrote: On Tue, 05 Aug 2008 18:40:32 BST, n3td3v said: Are you suggesting HD Moore had prior knowledge that the Austin Texas ATT servers were vulnerable? No - simply saying that either they were vulnerable, or they weren't. If they weren't vulnerable, HD didn't have

Re: [Full-disclosure] What the UK government care about in a hacker

2008-06-26 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 wac wrote: | How will the UK government contact you? Brute guys will jump out of a | range rover land rover which will have darkened windows and will give | you an offer you can't refuse after abducting you for five minutes | based on your research

[Full-disclosure] Free IT Security Training

2008-05-09 Thread scott
or comments, you can reach me at: [EMAIL PROTECTED] Best regards, Scott ([EMAIL PROTECTED]) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Full-Disclosure Digest, Vol 39, Issue 20

2008-05-09 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joey Mengele wrote: | Valdis, | | Furthermore, using scholarly resource WikiPedia, I have been able | to find more flaw in your statement. As it turns out, the jews | actually *are* a small subset: | | http://en.wikipedia.org/wiki/Jewish_population |

Re: [Full-disclosure] To the I)ruid

2008-04-24 Thread scott
Doctor this, Welcome to my killfile. Micheal Chatner wrote: Dear Sir, I find it incredibly curious that you would try to pass off my CFP as your own. I did a little research into the matter and found that you are a subpar security researcher for the subpar BreakingPoint Systems. I

Re: [Full-disclosure] EUSecWest CFP Closes April 14th (conf May21/22 2008)

2008-04-10 Thread scott
That's pretty funny. I used to get a kick out of your BS but, I must say, you are getting very monotonous with your over inflated self-worth. You have admitted that all you do is scrape other sites and post their knowledge to your agenda group. Basically, you're saying you are a journalist

Re: [Full-disclosure] n3td3v has a fan

2008-04-07 Thread scott
Joey Mengele wrote: Dear Tree, On Mon, 07 Apr 2008 18:20:49 -0400 Tremaine Lea [EMAIL PROTECTED] wrote: Razi, at this point you've pretty much gone over the line. I'd consider calling him a lot of things, but spammer isn't one of them. You're definition of spam is not a generally

Re: [Full-disclosure] n3td3v has afan

2008-04-05 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm the one at the forefront of security trying to make a difference, and what are you? He supports me because of my cause to stop the Storm Worm, so what solutions have you got, instead of annoying everyone? What security are you at the

Re: [Full-disclosure] Fwd: Let's outlaw mass securityconferencespamming its f****** gay

2008-04-03 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 He has no clue what it means to live in a democracy, much less a federation. Let's let the comedy go on, shall we? Definitely breaks the monotony of everyday BS. Garrett M. Groff wrote: netdev, I'll begin by confessing that I merely skimmed your

Re: [Full-disclosure] Fwd: Let's outlaw masssecurityconferencespamming its f****** gay

2008-04-03 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 That is what full-disclosure was created for!? Due to the massive influx of media attention, it has come to this. Mary Landesman wrote: I think the concerns you're raised about profiteering/marketing on the list are valid. I hadn't thought of it

Re: [Full-disclosure] Fwd: Let's outlaw mass securityconferencespamming its f****** gay

2008-04-03 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 O how I love your posts. They're all over the place, and at the same time, primitive. I would normally filter such a troll as you, but you keep me in stitches!! N3td3v rocks!! Just not in the way he thinks!! n3td3v wrote: On Thu, Apr 3, 2008 at

Re: [Full-disclosure] sans handler gives out n3td3v e-mail to public

2008-03-22 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 n3td3v wrote: On Fri, Mar 21, 2008 at 3:18 PM, Kern [EMAIL PROTECTED] wrote: Well . . . worried DOES have a good point . . . I think SANS dropped the ball on that, BUT I don't know if this is going to be a media event. I have had a little dealing

Re: [Full-disclosure] us cyber command

2008-03-04 Thread scott
with a preposition. Regards, Scott -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHzjCZs+9h2X0fCGcRAlsQAJ4jzBdQnixeNmONMsWNZLbwZvxnWwCfbzHw Vk4iRfmmuf81XF0Ux8iKZzQ= =3xcU -END PGP SIGNATURE

Re: [Full-disclosure] [ MDVSA-2008:048 ] - Updated Firefox packages fix multiple vulnerabilities

2008-02-23 Thread Scott
. ___ I guess Mandriva's Mozilla dev(s) were out when Mozilla introduced this update... -- Scott http://angrykeyboarder.com I've never used an OS I didn't (dis)like. I'm angrykeyboarder™ and I approved this message

Re: [Full-disclosure] in Memory of Dude VanWinkle / Justin Plazzo

2008-02-11 Thread scott
He will definitely be missed. Especially his witty siglines. RIP Dude! Regards, Scott Abilash Praveen wrote: You have the same feeling as what I had a couple of years back when my 23 years old friend (only son for his parents and a Microsoft VIP) passed away in his sleep. Everything seems

Re: [Full-disclosure] Some Hashes

2008-02-08 Thread scott
Joey Mengele wrote: Dear Openphugu, LOLOLOL. This list is called full disclosure not whine like a fucking dumb faggot about hashes. Go fuck yourself. J LOL - Adolf Hitler On Fri, 08 Feb 2008 21:13:12 -0500 Maxim [EMAIL PROTECTED] wrote: This list is called full-disclosure, not

Re: [Full-disclosure] Firefox 2.0.0.12 SSL Spoofing and Domain Guessing vulnerabilities

2008-02-04 Thread scott
This is obviously a bug in the newest beta release and should be reported there.Why the OP chose not to do this is a matter for speculation. Regards, Scott steve menard wrote: I get a warning on 2.0.0.11 Linux Ubuntu You are about to log into the site google with the username [EMAIL

Re: [Full-disclosure] Save XP

2008-01-31 Thread scott
Yes and MS quietly extended 98 for a few more years until they came out with 2000.A much better OS than ME at the time,IMHO. Scott mgk.mailing wrote: Were there similar cry's for windows 95 / 98 in years past ? /mgk James Matthews wrote: Ok signed up! I hope it works! On Jan 28, 2008 9

[Full-disclosure] Save XP

2008-01-28 Thread scott
=savexpblog080114Source_BC=13Script=/LP/80276783/reg; Maybe we can stop this. Regards, Scott signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored

Re: [Full-disclosure] what is this?

2008-01-16 Thread scott
something new turns them off. :-( Lord Help InfoSec, Scott Tremaine Lea wrote: Probably because Gadi is at least close to on topic whether the majority of readers appreciate the posts

Re: [Full-disclosure] Critical Vulnerability in [Full-Disclosure]

2008-01-02 Thread scott
world. I shouldn't waste my time responding to a teeny- bopper,anyway. Scott reepex wrote: So you included me in here because my name has something to do with farm equipment? Did your message have a point? You wrote a bunch of nonsense flattering your favorite security stars and then attempted

Re: [Full-disclosure] N3TD3V INTERNET SECURITY THREAT CENTER

2007-11-01 Thread scott
to control spam to one that I have to go through a couple thousand posts to find anything worthwhile. Try a little bit harder.It does take some work. Good luck in this endeavor.I might check back in a month. Regards, Scott reepex wrote: thanks for your document design.. i would have chose

Re: [Full-disclosure] Flash that simulates virus scan

2007-10-31 Thread scott
/ You might learn something regarding the dangers of XSS. Cheers, Scott reepex wrote: dont you listen to pdp ever? the government uses xss and bruteforces remote desktop logins http://seclists.org/fulldisclosure/2007/Oct/0417.html pdp: military grade exploits? :) dude, I am sorry man.. but you

Re: [Full-disclosure] MySpace URL redirection

2007-10-27 Thread scott
be able to protect against it?Much less see if a site(s) are vulnerable. Keeping up with the Jones' is a good way to learn the technique du jour.Closing yourself off from the real world will leave you stale and out of the loop. Regards, Scott worried security wrote: On 10/27/07, Morning Wood

Re: [Full-disclosure] lol @ you

2007-10-27 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 So? [EMAIL PROTECTED] wrote: hahahahaha you can't stop us, silly whitehats there are more of us, and we are smarter -EAT A DIK ___ Full-Disclosure - We believe in it. Charter:

Re: [Full-disclosure] pdp is leaving us

2007-10-27 Thread scott
behind the firewall using your browser.How can you not see a threat? Regards, Scott reepex wrote: It seems our good friend and fellow poster pdp|architect is leaving our scene for something else. http://www.gnucitizen.org/about/pdp#comment-61753 pdp took alot of heat after his home router

Re: [Full-disclosure] Google Sacure

2007-10-26 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 They can't even spell 'secure'.What the hell is 'sacure'? Regards, Scott [EMAIL PROTECTED] wrote: The truth about Sacure is that they have little to no capabilities or talent what so ever. Their website has been malfunctioning since well

Re: [Full-disclosure] Google Sacure

2007-10-25 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 First off,it's on GoDaddy (dot)com.That should be the first pointer. Michael Bann wrote: Maybe it's a joke. :-) Fabrizio wrote: Way too much info. Let's map out some tables names now http://www.sacure.com/login_process.php On

Re: [Full-disclosure] DHS need to get on top of this right now

2007-10-23 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You and some other people on this list hold themselves in such high esteem.It's just a shame no one else does. So what military experience do you have?Or in law enforcement?For that matter,what experience do you have in anything?Good luck in the job

Re: [Full-disclosure] Come on, let's do funding for Mac OS TrueCrypt porting !

2007-10-20 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I think they need to go find a hacker forum to play on! Fabio Pietrosanti wrote: http://www.osxcrypt.org - http://www.osxcrypt.org - http://www.osxcrypt.org http://www.osxcrypt.org - http://www.osxcrypt.org - http://www.osxcrypt.org u sux! I

Re: [Full-disclosure] Someone is impersonating Gadi Evron and spamming this list

2007-10-20 Thread scott
Reported to abuse at linuxmail.org,including full headers. phioust wrote: Anthony V. Vitale == captian obvious quit with your spam On 10/20/07, Anthony V. Vitale [EMAIL PROTECTED] wrote: Hello, From past postings on this list, I know that there are people that do not like Mr. Evron.

Re: [Full-disclosure] the disappearance of the dog lover Petko D. Petkov

2007-10-20 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Does your mommy know you're using her computer to try and take over a mailing list? Huh?Whats that?Bottle-feeding time? phioust wrote: As the whole security industry knows Petko D. Petkov ( pdp architect ) has been releasing daily 0day daily

Re: [Full-disclosure] the disappearance of the dog lover Petko D. Petkov

2007-10-20 Thread scott
will respond with: No, but your mom does On 10/20/07, scott [EMAIL PROTECTED] wrote: Does your mommy know you're using her computer to try and take over a mailing list? Huh?Whats that?Bottle-feeding time? phioust wrote: As the whole security industry knows Petko D. Petkov ( pdp architect

Re: [Full-disclosure] Marc Vilanova Vilasero está au sente de la oficina.

2007-10-19 Thread scott
There really should be a rule on this list prohibiting multiple aliases from one IP. lulzlulzluzluz wrote: please keep this subject on security issues. On 10/19/07, Kurt Dillard [EMAIL PROTECTED] wrote: Apparently you're not bright enough to read or write English either, much less

Re: [Full-disclosure] pdp architect, drraid, beastiality, and incest

2007-10-15 Thread scott
Why don't you grow up and go away! [EMAIL PROTECTED] wrote: What do these things have in common? Well for one pdp and drraid share an extremme fetish for sick porn, but also they love to post info on future ( read non-existant ) 0day/exploits that they have possession of. As noted in

Re: [Full-disclosure] pdp architect, drraid, beastiality, and incest

2007-10-15 Thread scott
. The only thing i can think of is 'fame' and its obviously working against them. *pdp architect, drraid, beastiality, and incest* On 10/15/07, scott [EMAIL PROTECTED] wrote: Why don't you grow up and go away! [EMAIL PROTECTED] wrote: What do these things have in common? Well

Re: [Full-disclosure] [EMAIL PROTECTED]

2007-10-14 Thread scott
OK Dudette and VanWanker, Take it to the street!Have it out,just not here!!! Some people actually like a clean list. Regards, Scott Dude VanWinkle wrote: On 10/14/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Explain your joke Mister

Re: [Full-disclosure] [EMAIL PROTECTED]

2007-10-13 Thread scott
You people argue like teenagers on dope! I seriously doubt Gadi cares whether you like him or not!He has a life of his own.Why don't you try it. Regards, Scott worried security wrote: On 10/13/07, Dude VanWinkle [EMAIL PROTECTED] wrote: Whoops and sorry Richard! I thought you were

Re: [Full-disclosure] defining 0day

2007-09-25 Thread scott
Catch a good belly laugh with Steve Shockley's response to Thor(Hammer of God) over on Bugtraq. Cheers, Scott [EMAIL PROTECTED] wrote: The game king of the hill comes to mind watching this. Who will stand alone on top with all others bowing down before him? Geoff Sent from my BlackBerry

Re: [Full-disclosure] [Dailydave] Hacking software is lame -- trymedical research...

2007-09-23 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I just want to know how this thread got linked with [Dailydave].If [Dailydave] wouldn't accept it,why accept it here?He cut this off at the start. Cheers, [EMAIL PROTECTED] wrote: Try cyanide. Faster, better, cheaper, and long lasting. Geoff

Re: [Full-disclosure] Greek Web Election System Sucks - Remote File Inclusion?

2007-09-23 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ROFL! Spanish backdoors exported gold and other valuables in the past!Entire continents even? Joey Mengele wrote: This comes as no surprise. Most Greek stuff is susceptible to a back door style attack. This type of assault has been documented

Re: [Full-disclosure] [Dailydave] Hacking software is lame -- trymedical research...

2007-09-23 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 My point is that this thread would not have made it onto the [Dailydave] mailing list. At least not after the second or third post. J.M. Seitz wrote: I just want to know how this thread got linked with [Dailydave].If [Dailydave] wouldn't accept

Re: [Full-disclosure] Very strange nmap scan results

2007-09-20 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Did this particular person,or persons know what you were going to do? Looks like a honeypot,to me. Been wrong before,won't be the last.I hope,for the sake of whomever you are auditing,that this is the case. Cheers, Redwolfs always Juan B wrote:

Re: [Full-disclosure] Came across this site

2007-09-14 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 scott wrote: This site seems to have a lot of registered users.But I only see posts by this one guy.Really stealing news from other sites and posting them there. Let's call this guy out.He claims to be an MCSE privately,but I seriously doubt

[Full-disclosure] What does everyone make of this

2007-09-11 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 http://www.abovetopsecret.com/forum/thread302187/pg1 If real,this is scary!! Regards, scott -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

Re: [Full-disclosure] [Reality Behind LSNN/Fake Reports/Lamer Buster] Who Actually this person is ?

2007-09-09 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Not true.I just sent a bunch of you to a totally innocent site. The guy obviously doesn't want script-kiddies attacking other sites.He even says so. In the time I've been here,n3td3v, and a few others,have been the most disruptive. It's no wonder

[Full-disclosure] Amazing insecurity from within

2007-09-09 Thread scott
to see what all the fuss was about.I just found it surfing around(yeah,I try to find the dark corners). I will not try this crazy stunt here again.I just hope the guy that runs it doesn't read this list.(Like I care) See ya, Scott -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux

[Full-disclosure] Came across this site

2007-09-08 Thread scott
://hacking-passion.com Now I know I will catch a lot of flames for this,so I'm putting on my Nomex suit right now. Scott -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

Re: [Full-disclosure] What do you guys make of this?

2007-09-07 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 People,lets get a grip. The US has been pushing into territory the Russians have claimed as their own. NATO has pushed the limit for the edges of a sovereign power in my opinion. The Russian military is feeling squeezed between the European Union

Re: [Full-disclosure] 0day for sell

2007-09-05 Thread scott
of questions. ROFL! Regards, Scott Slythers Bro wrote: i need your name and your address, i will sell it to the police. :P -- ___ Full-Disclosure - We believe in it. Charter: http

Re: [Full-disclosure] Full-Disclosure Digest, Vol 30, Issue 50

2007-08-31 Thread Scott McIntosh
I am out of the office until Tuesday, Sept. 4th. NOTICE: This message is for the designated recipient only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of this e-mail by you

Re: [Full-disclosure] Full-Disclosure Digest, Vol 31, Issue 1

2007-08-31 Thread Scott McIntosh
I am out of the office until Tuesday, Sept. 4th. NOTICE: This message is for the designated recipient only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of this e-mail by you

Re: [Full-disclosure] 0day for sell

2007-08-20 Thread scott
I say the same as others on this list.The name says it all.FULL-DISCLOSURE doesn't mean...Hey man,I've got a one-eighth-disclosure for you. If you will pay for it,I will give the other seven-eighths-disclosure. what do you care if someone posts saying they have 0day for sale, or if they're for

Re: [Full-disclosure] Xbox live accounts are being stolen (is the training working?)

2007-08-09 Thread Scott Hirnle
and as a result, our agents don't have visibility into it and our entitlement process is different for each line of business. Scott -Original Message- From: Kevin Finisterre (lists) [mailto:[EMAIL PROTECTED] Sent: Thursday, August 09, 2007 8:21 AM To: full-disclosure@lists.grok.org.uk Cc: Ashley

Re: [Full-disclosure] EXPLOITS FOR SALE (AUCTION SITE)

2007-07-08 Thread scott
time job--to someone else,simply because they might make a name for themselves using my work. Anonymous works well for me,at this time anyway. Regards, Scott George Ou wrote: Michal, I completely agree with you about the ethics of selling exploits to the black-market. However, there needs

Re: [Full-disclosure] Rutkowska faces '100% undetectable malware' challenge, teasing?

2007-07-01 Thread scott
,possibly, these types of things,but they are easily defeated. Scott Peter Ferrie wrote: The problem is that she wants the money upfront, in order to develop the 100% undetectable thing that she doesn't have right now. So that's a problem. From

Re: [Full-disclosure] DOS on phrack?

2007-07-01 Thread scott
their time responding to such a despot as me. Sorry to waste your time so you could waste more time by replying in such an unambiguous way! Ooops.There's my Xanax.I knew I needed it! Bad day.Sorry for the rant.^~^ scott Jeff MacDonald wrote: why is it that when a website is unavailable

Re: [Full-disclosure] Persistent XSS and CSRF and on network appliance

2007-06-27 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Even better ,if you push a hash on us,do tell whether it's a 0-day or a known exploit. Regards, Redhowlingwolves __ It's all about (IN)Security http://www.hacking-passion.com Brian Eaton wrote: On 6/27/07,

Re: [Full-disclosure] Harry Potter 0day

2007-06-19 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 You would love to have some of my 0-Days.I do OS-dev work in my spare time.Which,by way of responsibility,I have plenty of! Got it,Give it! Regards,(although rudeness isn't appreciated,it will be tolerated) Scott Knud Erik Højgaard wrote

Re: [Full-disclosure] Dear Neal Krawetz, will the real n3td3v please stand up?

2007-06-19 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 At this point I believe gobblez,or whoever,is just a nuisance to ignore! When,or if,they have something worthwhile to say,maybe everyone else will pay attention.Until then ...:P Dr. Neal Krawetz PhD wrote: If you believe my method(s) was

Re: [Full-disclosure] Harry Potter 0day

2007-06-19 Thread scott
to get me anywhere!Prosecuted?Nah. scott wrote: You would love to have some of my 0-Days.I do OS-dev work in my spare time.Which,by way of responsibility,I have plenty of! Got it,Give it! Regards,(although rudeness isn't appreciated,it will be tolerated) Scott Knud

Re: [Full-disclosure] Harry Potter 0day

2007-06-18 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Who are you people and why should I care? Maybe a new exploit would be more useful. Cheers, Scott go harry wrote: * Harry Potter 0day

[Full-disclosure] Tcpdfilter

2007-06-13 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Anyone know where I can get a copy of tcpdfilter?The site on Freshmeat is gone and Googling doesn't come up with anything Or is there a replacement for it? Any help will be much appreciated, Regards, Scott -BEGIN PGP SIGNATURE- Version

[Full-disclosure] If you know,why can't you teach

2007-06-06 Thread scott
. http://www.hacking-passion.com Got something to say?Or just feel like ..whatever. You know where it is. Regards, Scott ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted

Re: [Full-disclosure] TCP/IP vulnerability

2007-05-22 Thread Scott Renna
All you need is a tool that can craft packets to your desired specification. There are many choices out there. Google is your friend. So is Packetstorm and SecurityFocus. On May 22, 2007, at 4:19 AM, Mohit Kohli wrote: Hi Guys, I got an assignment to write a white paper on TCP/IP

Re: [Full-disclosure] iDEFENSE VCP Challenge and botnet technologies

2007-05-21 Thread scott
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve Ragan wrote: Wow What is with all the junk mail over the last few days on the list? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Sunday, May 20, 2007 7:16 PM To:

  1   2   >