Dear Sacure Corporation, Todd Michael Cohan and FD:
This will be my last email, its getting boring, but I figured that
I'd give Sacure the chance to clear the air.
I've done a bit of research on the Sacure Corporation (Google) and
decided that instead of bashing Sacure I'd just ask them some
On 10/27/07, reepex [EMAIL PROTECTED] wrote:
please stop trying to ruin a noname company - all you are doing is
giving n3td3v more things to talk about so that people click his link
and his terrorist cell can be funded by adsense.
I'm a lawful researcher and n3td3v is a non-profit
ole:
your site itself has problems! how are you going to solve others problems?
Welcome ole! Your request has been directed to the Customer
Servicedepartment. Please wait for our operator to answer your call.
Call accepted by operator JC. Currently in room: JC. ole:
any answers?
JC:
Hello Ole
God, this is just more proof that they have no idea what they are
doing. How long does it take to fix errors on a website? I mean, I
know that they are using Godaddy.com and don't host their own
stuff...
wait... that can't be right!
How can a leader in Managed Security Services not have the
please stop trying to ruin a noname company - all you are doing is
giving n3td3v more things to talk about so that people click his link
and his terrorist cell can be funded by adsense.
If you want a company to laugh at you should instead try irm and
their cisco xss.
On 10/27/07, [EMAIL
How can security companies protect us if they can't even configure their
shit right?
More on that :
From their Pen Test Whitepaper on http://www.sacure.com/index.php
The Web-based authentication is exploited by using XSS (cross-site shipping)
or SLQ injection or MITM (Man-in-the-Middle)
When typing these words _shipp_ing and script_ing_ these keys aren't even near
each other on the keyboard... :)
- Juha-Matti
alexandre jodoin [EMAIL PROTECTED] wrote:
How can security companies protect us if they can't even configure their
shit right?
More on that :
From their Pen
WTF is cross-site shipping ???
A way to implement RFC 1149.
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
In fine prints, at the end of the document (Pen Test Whitepaper) :
While every precaution has been taken in the preparation of this document,
Sacure assumes no responsibility for errors,
omissions or damages resulting from the use of the information herein.
What a joke...
The truth about Sacure is that they have little to no capabilities
or talent what so ever. Their website has been malfunctioning since
well before August 2007 and they never caught it. Why would anyone
hire a “Managed Security” company that can’t detect issues in their
own network? How the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
They can't even spell 'secure'.What the hell is 'sacure'?
Regards,
Scott
[EMAIL PROTECTED] wrote:
The truth about Sacure is that they have little to no capabilities
or talent what so ever. Their website has been malfunctioning since
well
On Sat, 2007-10-27 at 00:06 -0400, scott wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
They can't even spell 'secure'.What the hell is 'sacure'?
Perhaps it's suppose to be sauce. :-)
-Jim P.
___
Full-Disclosure - We believe in it.
How can security companies protect us if they can't even configure
their shit right?
http://www.sacure.com/news/index.php
Warning: mysql_pconnect(): Access denied for user:
'[EMAIL PROTECTED]' (Using password: YES) in
/home/content/s/a/c/sacure/html/news/snews.php on line 457
Warning:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
So their sql server fell over. Shit happens.
- ---
Tremaine Lea
Network Security Consultant
Intrepid ACL
Paranoia for hire
On 25-Oct-07, at 1:19 PM, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
How can security companies protect us if they
Fell over a few months ago. They're supposed to be a security
company... you'd think that they would notice.
This is G o o g l e's cache of http://www.sacure.com/news/index.php
as retrieved on Aug 22, 2007 08:14:11 GMT.
On Thu, 25 Oct 2007 15:47:25 -0400 Tremaine Lea
[EMAIL PROTECTED]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
...
I take it all back. You were right :)
Heck, you'd think *any* company would notice.
- ---
Tremaine Lea
Network Security Consultant
Intrepid ACL
Paranoia for hire
On 25-Oct-07, at 3:53 PM, [EMAIL PROTECTED]
[EMAIL PROTECTED] wrote:
Fell
amen.
On Thu, 25 Oct 2007 18:02:17 -0400 Tremaine Lea
[EMAIL PROTECTED] wrote:
...
I take it all back. You were right :)
Heck, you'd think *any* company would notice.
---
Tremaine Lea
Network Security Consultant
Intrepid ACL
Paranoia for hire
On 25-Oct-07, at 3:53 PM, [EMAIL PROTECTED]
http://www.sacure.com/news/home/sacure-to-offer-security-staffing-and-consulting-services/
generates the same result as well.
- Juha-Matti
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
Way too much info.
Let's map out some tables names now
http://www.sacure.com/login_process.php
On 10/25/07, Juha-Matti Laurio [EMAIL PROTECTED] wrote:
http://www.sacure.com/news/home/sacure-to-offer-security-staffing-and-consulting-services/
generates the same result as well.
-
Maybe it's a joke. :-)
Fabrizio wrote:
Way too much info.
Let's map out some tables names now
http://www.sacure.com/login_process.php
On 10/25/07, *Juha-Matti Laurio* [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
First off,it's on GoDaddy (dot)com.That should be the first pointer.
Michael Bann wrote:
Maybe it's a joke. :-)
Fabrizio wrote:
Way too much info.
Let's map out some tables names now
http://www.sacure.com/login_process.php
On
21 matches
Mail list logo