Re: [Full-disclosure] OpenSSH Security Advisory: gcmrekey.adv

2013-11-09 Thread yersinia
On Fri, Nov 8, 2013 at 7:47 PM, coderman coder...@gmail.com wrote: surprised not a peep about this one here yet,... hmmm a fun one ;) we are accustomed to old software adding risk; new (secondary effects of combined AUTH+ENC modes) also carries risk! Well-known possibility, yes. In any

Re: [Full-disclosure] [ MDVSA-2013:144 ] phpmyadmin

2013-04-16 Thread yersinia
Please stop sending to fd. Already everyone here could tell the same no other linux distro is using fd for this, iirc. Best 2013/4/16, secur...@mandriva.com secur...@mandriva.com: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1

Re: [Full-disclosure] sandboxed browsing

2012-08-01 Thread yersinia
On Wed, Aug 1, 2012 at 1:38 AM, Kyle Creyts kyle.cre...@gmail.com wrote: Who uses something other than a browser in a virtual machine to follow suspicious/possibly malicious links? If you do, what do you use, and how did you choose it? On fedora/RHEL with selinux enabled you can use the

Re: [Full-disclosure] Some stats about broken Linkedin passwds

2012-06-11 Thread yersinia
On Sun, Jun 10, 2012 at 4:55 PM, Georgi Guninski gunin...@guninski.com wrote: Stumbled upon this: http://pastebin.com/5pjjgbMt === LinkedIn Leaked hashes password statistics (@StefanVenken) Based on the leaked 6.5 Million hashes, 1.354.946 were recovered within a few hours time with

Re: [Full-disclosure] Flame= cyberwar

2012-05-28 Thread yersinia
On Mon, May 28, 2012 at 5:34 PM, Peter Dawson slash...@gmail.com wrote: is FLAME is actually a cyberweapon ? Apparently YES

Re: [Full-disclosure] Microsoft Outlook Web Access Session sidejacking/Session Replay Vulnerability

2011-10-27 Thread yersinia
On Tue, Oct 25, 2011 at 8:26 PM, information security informationhacke...@gmail.com wrote: == Microsoft Outlook Web Access Session sidejacking/Session Replay Vulnerability

Re: [Full-disclosure] [Dailydave] [TOOL RELEASE] T50 Sukhoi PAK FA Mixed Packet Injector v2.45r-H2HC

2011-01-19 Thread yersinia
page. If you're interested I have put all on github even with the auto-generated tarball make distcheck. Perhaps some small detail still needs to be fixed. Feel free to contact me if you're interested in this. https://github.com/yersinia/junkcode/tree/master/tool/t50/t50-2.45r-H2HC Greetings Nelson

Re: [Full-disclosure] targetted SSH bruteforce attacks

2010-06-23 Thread yersinia
On Thu, Jun 17, 2010 at 4:21 PM, Samuel Martín Moro faus...@gmail.com wrote: I also don't want to change my ssh port, nor restrict incoming IPs, ... and I use keys only to log in without entering password. So you're not alone. I had my IP changed several times, my servers are only hosting

[Full-disclosure] United States Department of Defense Embraces Hacker Certification to Protect US Interests

2010-03-01 Thread yersinia
Perhaps this news could be of interest to someone on this list. http://www.free-press-release.com/news-united-states-department-of-defense-embraces-hacker-certification-to-protect-us-interests-1267435223.html Regards ___ Full-Disclosure - We believe

Re: [Full-disclosure] milw0rm

2009-10-19 Thread yersinia
On Mon, Oct 19, 2009 at 12:15 PM, Loup Samuel sl...@corum.ch wrote: Milw0rm is Closed 0_o /str0ke have no more time for this job. See this indafrench'kiss'lang blog : http://www.cnis-mag.com/milw0rm-ferme-ses-portes.html the question is: there is necessity of these kind of free information

Re: [Full-disclosure] milw0rm

2009-10-19 Thread yersinia
On Mon, Oct 19, 2009 at 3:15 PM, yersinia yersinia.spi...@gmail.com wrote: On Mon, Oct 19, 2009 at 2:22 PM, Alexandru Balan jay...@gmail.com wrote: On Mon, Oct 19, 2009 at 2:48 PM, yersinia yersinia.spi...@gmail.com wrote: On Mon, Oct 19, 2009 at 12:15 PM, Loup Samuel sl...@corum.ch wrote

Re: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8

2009-10-03 Thread yersinia
On Thu, Oct 1, 2009 at 6:44 PM, Freddie Vicious fred.vici...@gmail.com wrote: Yes, I am aware of the JVM and the Flash AVM heap spray techniques, no DEP/ASLR there... But as you said, so far there's no known catch-all technique against IE8. Along with other security features (

Re: [Full-disclosure] Dumb question: Is Windows box behind a router safe ?

2009-09-22 Thread yersinia
On Tue, Sep 22, 2009 at 9:11 PM, Abhijeet Jain abhijeet.ecsta...@gmail.com wrote: Myth No. 2- Using Firefox does not make you safe! In fact, IE 7/8 is the safest browser when used with Windows Vista because it runs on lower privileges. Not on Linux(Fedora) with Selinux Enabled, better if you

[Full-disclosure] R. RHEL, RHCS, and Selinux : hype, reality or dream?

2009-09-09 Thread yersinia
So it seems that it is not necessary to be a clever hacker as spender to disable SELinux on a system (http://grsecurity.net/~spender/exploit.txt). Just follow the directions of the vendor. This one requires to disable selinux for the proper function of

Re: [Full-disclosure] why not a sandbox

2009-09-07 Thread yersinia
On Sat, Sep 5, 2009 at 12:58 PM, Adrenalin adrenali...@gmail.com wrote: It seems like the plugins in Chrome are not in a sandbox One additional, important area that is not covered by the sandbox are plugins like Flash. Restricting what plugins can do does not fit well with what users expect,

Re: [Full-disclosure] THISISNOTMYEXPLOIT

2009-08-03 Thread yersinia
On Mon, Aug 3, 2009 at 5:49 PM, tahatahacaly...@gmail.com wrote: On Sat, Aug 1, 2009 at 3:25 PM, yersinia yersinia.spi...@gmail.com wrote: On Fri, Jul 31, 2009 at 5:58 PM, Kingcope kco...@googlemail.com wrote: Hello people, Yes there is a warning when the PoC is compiled. But I guess

Re: [Full-disclosure] THISISNOTMYEXPLOIT

2009-08-01 Thread yersinia
% understanding of the DNS protocol therefore I took a guess on my named.conf file and put the address into the PoC. Thanks for your time, Kingcope 2009/7/31 yersinia yersinia.spi...@gmail.com: Repost for mailing problem. On Fri, Jul 31, 2009 at 12:14 AM, yersinia yersinia.spi...@gmail.com

Re: [Full-disclosure] THISISNOTMYEXPLOIT

2009-07-30 Thread yersinia
Repost for mailing problem. On Fri, Jul 31, 2009 at 12:14 AM, yersinia yersinia.spi...@gmail.com wrote: On Thu, Jul 30, 2009 at 1:24 PM, Kingcope kco...@googlemail.com wrote: Hello again, the default setting of 127.in-addr.arpa is a bit weird try ./bind ip localhost Never mind. I have

Re: [Full-disclosure] Gerix Wifi Cracker NG

2009-07-27 Thread yersinia
On Mon, Jul 27, 2009 at 8:45 PM, anti...@hushmail.com wrote: AntiSec is against heterosexual relations and wifi cracking. AntiSec is also against flooding the premier channel for hacker communications the full disclosure mailing list, with erroneous posts about useless tools. Remember to use

Re: [Full-disclosure] Linux 2.6.30+/SELinux/RHEL5 test kernel 0day, exploiting the unexploitable

2009-07-17 Thread yersinia
On Fri, Jul 17, 2009 at 4:26 AM, Brad Spengler spen...@grsecurity.net wrote: Title says it all, exploit is at: http://grsecurity.net/~spender/cheddar_bay.tgz Everything is described and explained in the exploit.c file. I exploit a bug that by looking at the source is unexploitable; I defeat

Re: [Full-disclosure] nVidia.com [Url Redirection flaw]

2009-03-25 Thread yersinia
2009/3/24 Rubén Camarero rjcamar...@gmail.com If ATI and nVidia were web content developers, this may be a valid argument, but they are not. They are graphics vendors, hardware and software. Not to mention the fact that this isn't a serious issue. RFI is a serious issue, IMHO. Well, not

Re: [Full-disclosure] Windows 7 or KDE4?

2009-02-27 Thread yersinia
Wonderful. On Fri, Feb 27, 2009 at 1:49 AM, Ivan . ivan...@gmail.com wrote: http://olylug.org/read.php?73,13757 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia

Re: [Full-disclosure] NTLM Multiprotocol Replay attacks

2008-11-16 Thread yersinia
smbrelay in origin was, some years ago, created by CDC. M$ smb signing do it historic. This tool is an evolution of this ? Regards On Fri, Nov 14, 2008 at 9:37 PM, Andres Tarasco [EMAIL PROTECTED] wrote: I have published a new proof of concept tool, named Smbrelay3, that is able to replay

[Full-disclosure] Yersinia new version (added 802.1x support/attack)

2006-06-18 Thread Yersinia Authors
Hello, just to inform you that there is a new Yersinia version (0.7) with 802.1x support. In addition, with lots of bugfixes and a new GTK interface. The entire core has been redeveloped to support easy addition of new protocols and attacks, and with the new GTK interface the tool is ready

[Full-disclosure] VLAN Hopping, myth or reality?

2005-09-19 Thread Yersinia Authors
to find any implementation, so here is a step by step guide to perform a VLAN Hopping + ARP Poisoning, allowing a user to sniff and (why not?) perform a mitm attack against another user in another VLAN. The tool described here, yersinia, can do this, among other fancy features. Note for the network

[Full-disclosure] Yersinia, a framework for layer 2 attacks

2005-04-04 Thread Yersinia Authors
Hi, we are pleased to announce the release of Yersinia, a framework for (mainly) layer 2 attacks. The tool has been presented at BlackHat Europe 2005, so those of you who could attend the conference will know what it is about. Yersinia implements several attacks for the following protocols