Now now, don't ban people for getting owned
We don't discriminate against retards
On Mon, Sep 14, 2009 at 10:22 PM, wrote:
> D-vice wrote:
> > To Dan, being well known is now the same as having your ass
> handed to ya by
> > the like of me
>
> now that we banned n3td3v can we ban dan kamins
D-vice wrote:
> To Dan, being well known is now the same as having your ass
handed to ya by
> the like of me
now that we banned n3td3v can we ban dan kaminsky as well? ;)
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/fu
To Dan, being well known is now the same as having your ass handed to ya by
the like of me
Think about it, its like you saying I'm jealous of Bush becouse he is was
the president and Im not
I'm not retarded, I don't envy epic fails
On Fri, Sep 11, 2009 at 6:27 PM, wrote:
> On Fri, 11 Sep
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of mrx
Sent: Friday, September 11, 2009 6:58 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Plain Text Password Disclosure vulnerability
in rediff mail
Rohit Patnaik wrote:
> full-censors...@hushmail.com wrote:
>
Rohit Patnaik wrote:
> full-censors...@hushmail.com wrote:
>
>> On Fri, 11 Sep 2009 22:27:41 +0100 valdis.kletni...@vt.edu wrote:
>>
>>
>>> On Fri, 11 Sep 2009 21:49:00 BST, you said:
>>>
>>>
>>>
would one not rather hire someone *not* well-known and *doesn't*
full-censors...@hushmail.com wrote:
> On Fri, 11 Sep 2009 22:27:41 +0100 valdis.kletni...@vt.edu wrote:
>
>> On Fri, 11 Sep 2009 21:49:00 BST, you said:
>>
>>
>>> would one not rather hire someone *not* well-known and *doesn't*
>>>
>>> get owned?
>>>
>> Feel free to hire that
On Fri, 11 Sep 2009 22:27:41 +0100 valdis.kletni...@vt.edu wrote:
>On Fri, 11 Sep 2009 21:49:00 BST, you said:
>
>> would one not rather hire someone *not* well-known and *doesn't*
>
>> get owned?
>
>Feel free to hire that guy flipping burgers at McD's to do your
>security
>assessment.
the burge
On Fri, 11 Sep 2009 21:49:00 BST, you said:
> would one not rather hire someone *not* well-known and *doesn't*
> get owned?
Feel free to hire that guy flipping burgers at McD's to do your security
assessment. Let me know how it turns out.
Also, remember that there is an asymmetric component to
On Fri, 11 Sep 2009 17:27:53 +0100 valdis.kletni...@vt.edu wrote:
>On Fri, 11 Sep 2009 12:23:17 +0200, D-vice said:
>
>> you the fuckard that got owned
>
>You're just jealous that Dan is well-known enough to be a target,
would one not rather hire someone *not* well-known and *doesn't*
get owned?
On Fri, 11 Sep 2009 12:23:17 +0200, D-vice said:
> you the fuckard that got owned
You're just jealous that Dan is well-known enough to be a target, and quite
likely jealous of the fact that Dan *has* a site to be targeted.
pgpufMM7nv3G7.pgp
Description: PGP signature
___
you the fuckard that got owned
LULz
On Fri, Sep 11, 2009 at 2:36 AM, Dan Kaminsky wrote:
> Beyond that, most web applications that do use SSL, still forget to set
> their cookies to secure (see
> http://fscked.org/blog/incomplete-list-alleged-vulnerable-sites ). Not to
> mention the hordes of
fuck.kaminsky
2009/9/11 Dan Kaminsky
> Beyond that, most web applications that do use SSL, still forget to set
> their cookies to secure (see
> http://fscked.org/blog/incomplete-list-alleged-vulnerable-sites ). Not to
> mention the hordes of sites that have SSL logins off HTTP pages. Even the
Beyond that, most web applications that do use SSL, still forget to set
their cookies to secure (see
http://fscked.org/blog/incomplete-list-alleged-vulnerable-sites ). Not to
mention the hordes of sites that have SSL logins off HTTP pages. Even the
oft-repeated "well, the attacker won't get the p
And? Every web application sends passwords as plain text unless they are using
SSL. Pretty much any "encryption" that they may do client side that isn't SSL
is meaningless. I hardly see how being able to sniff passwords from a site
that isn't using SSL is big news.
_
This particularly came in handy when we had those cable connections
wide spread. Basically this is there since the time rediff started.
Sent from my iPhone
On Sep 10, 2009, at 4:14 PM, kalyan wrote:
Dear all
is it a good mail?what do you feel guys?.It doesn't encrypting your
passwords
Dear all
is it a good mail?what do you feel guys?.It doesn't encrypting your
passwords
POST /cgi-bin/login.cgi HTTP/1.1
Host: mail.rediff.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3)
Gecko/20090824 Firefox/3.5.3
Accept: text/html,application/xhtml+xml,applicatio
16 matches
Mail list logo