RE: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Mike
I really wish people would stop comparing software agreements to car warranties, cars versus software?? Cars will always win, it's a hardware thing. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Paul Tinsley Sent: Monday, October 13, 2003 2:26 PM To: Joshua

RE: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability

2003-10-12 Thread Mike Gordon
Answered one of my own questions: (Thanks to http://www.ultrabac.com/kb/UltraBac_Help/UBQ_Articles_(FAQ_s)/UBQ000192.htm) WSAECONNRESET Error Number: 10054 Connection reset by peer. An existing connection was forcibly closed by the remote host. This normally results if the peer application on

RE: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability

2003-10-12 Thread Mike Gordon
I had better luck compiling the cyberphreak version (have since managed to compile several flavors), but it still only seems to DoS patched and unpatched systems. The code gets stuck in a loop and always produces error 10054. Any idea what that means? if(ft) { int i=0;

Re: [Full-Disclosure] OT: An odd question that has arrisen within my household

2003-10-12 Thread Valdis . Kletnieks
On Sun, 12 Oct 2003 23:55:53 EDT, Robert W Vawter III <[EMAIL PROTECTED]> said: > Knoppix ( http://knopper.net/knoppix/ ), a bootable CD containing a live > Linux system, contains Nessus( http://www.nessus.org/ ), a security > analysis tool. Is the possession of a Knoppix CD at someone else's pla

Re: [Full-Disclosure] OT: An odd question that has arrisen within my household

2003-10-12 Thread Joel R. Helgeson
Common Hacker Stratifications: Tier I - The best of the best - Ability to find new vulnerabilities - Ability to write exploit code and tools Tier II - IT savvy - Ability to program or script - Understand what the vulnerability is and how it works - Intelligent enough to use the exploit code and to

Re: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability

2003-10-12 Thread Alex
This code doesn't work without shellcode. The simple version of a "battle" shellcode can be found here: http://www.SecurityLab.ru/_exploits/bshell2 (add user 'a' with pass 'a' in administrator group) You can change this shellcode as you need.

Re: [Full-Disclosure] OT: An odd question that has arrisen within my household

2003-10-12 Thread Robert W Vawter III
On Sun, 2003-10-12 at 22:40, Matt Carlson wrote: > 1. What exactly defines a "script kiddie"? See ESR's jargon file: http://catb.org/~esr/jargon/html/S/script-kiddies.html > 2. Does using a port scanner make you a "script kiddie" since you > yourself did not write the code? > > 3. Does it make

Re: [Full-Disclosure] OT: An odd question that has arrisen within my household

2003-10-12 Thread stefmit
On Sunday 12 October 2003 09:40 pm, Matt Carlson wrote: > This question is off topic, I realize this, but please bear with me. > > 1. What exactly defines a "script kiddie"? > > 2. Does using a port scanner make you a "script kiddie" since you > yourself did not write the code? > > 3. Does it make

Re: [Full-Disclosure] OT: An odd question that has arrisen within my household

2003-10-12 Thread Joshua Levitsky
On Oct 12, 2003, at 10:40 PM, Matt Carlson wrote: 1. What exactly defines a "script kiddie"? 2. Does using a port scanner make you a "script kiddie" since you yourself did not write the code? 3. Does it make you a script kiddie because it is a means of exploitation? script kiddies     pl.n.   

Re: [Full-Disclosure] OT: An odd question that has arrisen within my household

2003-10-12 Thread Valdis . Kletnieks
On Sun, 12 Oct 2003 21:40:51 CDT, Matt Carlson <[EMAIL PROTECTED]> said: > This question is off topic, I realize this, but please bear with me. > > 1. What exactly defines a "script kiddie"? > > 2. Does using a port scanner make you a "script kiddie" since you > yourself did not write the code

[Full-Disclosure] OT: I'd like to post a question to help settle an argument

2003-10-12 Thread Matt Carlson
This question is off topic, I realize this, but please bear with me. 1. What exactly defines a "script kiddie"? 2. Does using a port scanner make you a "script kiddie" since you yourself did not write the code? 3. Does it make you a script kiddie because it is a means of exploitation? Matt Ca

[Full-Disclosure] OT: An odd question that has arrisen within my household

2003-10-12 Thread Matt Carlson
This question is off topic, I realize this, but please bear with me. 1. What exactly defines a "script kiddie"? 2. Does using a port scanner make you a "script kiddie" since you yourself did not write the code? 3. Does it make you a script kiddie because it is a means of exploitation? Matt Ca

Re: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability

2003-10-12 Thread Paul Tinsley
Just out of curiosity could you specify why you consider the other one "better code?" The only real differences between the two are that they both "fix" the 'cs+=buf;' line differently which is kind of silly to bother fixing in the first place, considering the function that line of code sits o

Re: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Paul Tinsley
Do you often buy cars directly from the manufacturer? I pretty much assumed you didn't have a car drop shipped to your house and would have a dealership in the loop... And I mean it's not like Microsoft doesn't send out critical patching information, hell I get about 20 notices a day, just cl

Re: [Full-Disclosure] I have fixes for the Geeklog vulnerabilities

2003-10-12 Thread Jouko Pynnonen
Hello, On Sun, Oct 05, 2003 at 09:00:30PM +0200, Lorenzo Hernandez Garcia-Hierro wrote: > - sql injections fix - > > // Geeklog SQL Injection prevention fix > // by Lorenzo Hernandez Garcia-Hierro > function DB_query($sql, $ignore_errors=1) > That's all but if you want to have a strong sql i

[Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability

2003-10-12 Thread Mike Gordon
A compiled version is found at http://www.SecurityLab.ru/_exploits/rpc3.zip But it seems to only crash systems. Does anyone have a clean compile of the "better code" from http://www.cyberphreak.ch/sploitz/MS03-039.txt

Re: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Joshua Levitsky
On Oct 12, 2003, at 4:48 PM, Paul Tinsley wrote: I have a Honda Accord and a Mini Cooper, prior to that a Mazda and an Oldsmobile and I get/got reminders from all of those companies pretty regularly with coupons, suggested maintenance flyers and the like... I put car manufacturers right behind

Re: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Paul Tinsley
I have a Honda Accord and a Mini Cooper, prior to that a Mazda and an Oldsmobile and I get/got reminders from all of those companies pretty regularly with coupons, suggested maintenance flyers and the like... I put car manufacturers right behind my dentist in reminders, well lawn care is somewh

Re: [Full-Disclosure] babelpr0xy?

2003-10-12 Thread David M
- Original Message - From: "morning_wood" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, October 12, 2003 9:54 AM Subject: Re: [Full-Disclosure] babelpr0xy? now go away, and STFU Physician, heal thyself... ..Dave _

Re: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Joshua Levitsky
On Oct 12, 2003, at 2:36 PM, [EMAIL PROTECTED] wrote: The average car manufacturer doesn't try as hard as they possibly could to make sure you never visit the dealership for regularly scheduled maintenance I drive a Ford truck. The Ford dealer I bought it from never told me when to come in t

Re: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Valdis . Kletnieks
On Sun, 12 Oct 2003 13:47:08 EDT, Joshua Levitsky <[EMAIL PROTECTED]> said: > When you drive a car you have maintenance responsibilities. Somehow > with computers people don't come to the same conclusion. The average car manufacturer doesn't try as hard as they possibly could to make sure you n

RE: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Poof
Well... Tell me where honeypotting goes if that happens? *cry* > -Original Message- > From: [EMAIL PROTECTED] [mailto:full-disclosure- > [EMAIL PROTECTED] On Behalf Of Steve Wray > Sent: Sunday, October 12, 2003 02:15 > To: [EMAIL PROTECTED] > Subject: RE: [Full-Disclosure] Hacker suspect

Re: [Full-Disclosure] Local DoS in windows. [indeed it works... PROOF?]

2003-10-12 Thread bipin gautam
[... see full disclosure mailing list for discussion/details] so i have to share the credit... cauz you use a modulus of my trick to achieve similar result!!! [ well... take all the credit if you want...] i just wanna say, see , i wasn't wrong... ps! trust me i knew that, many of such similar thi

Re: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Joshua Levitsky
On Oct 12, 2003, at 5:15 AM, Steve Wray wrote: Will "Knowingly allowing a computer under your control to remain in an exploitable state" become a crime? (if it isn't already...) If you never get your brakes inspected, and one day you crash in to someone and kill them because your brakes fail. Is

Re: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Michael Sierchio
Robert Brockway wrote: On Sun, 12 Oct 2003, Michael Sierchio wrote: Failure to adhere to the consensus best practice may mean you are implicitly stating that you've agreed to accept the liability for the result. If that is taken to its logical conclusion, everyone online better be arranging lia

[Full-Disclosure] FileDonkey.com Cross Site Scripting

2003-10-12 Thread Lorenzo Hernandez Garcia-Hierro
FileDonkey.com Cross Site Scripting -- WEBSITE: File Donkey DOMAIN: www.filedonkey.com RISK: 7 OWNERS STATUS: [EMAIL PROTECTED] [ warned same time as security lists ] - --- DESCRIPTION --- FileDonkey.com is the only one web search supported engine by P2P clients like eMule

Re: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Robert Brockway
On Sun, 12 Oct 2003, Michael Sierchio wrote: > Failure to adhere to the consensus best practice may mean you > are implicitly stating that you've agreed to accept the liability > for the result. If that is taken to its logical conclusion, everyone online better be arranging liability insurance, w

Re: [Full-Disclosure] Local DoS in windows.

2003-10-12 Thread bipin gautam
see guys i wasn't wrong! NA, NONE OF THEM ARE USING THE HACKED VERSION OF SHELL32.DLL ANYWAY! i've tried it in fresh installed windows xp. well, as npguy says... the bug worked in his 128 ram PC! but surprisingly i have 256mb p3, and it worked there too... [ i can't still understand... what t

Re: [Full-Disclosure] babelpr0xy?

2003-10-12 Thread Valdis . Kletnieks
On Sun, 12 Oct 2003 19:24:15 +0530, morning_wood <[EMAIL PROTECTED]> said: > you certainly clicked JOHN SAGE > > now go away, and STFU OK, so you've proven that he apparently visited the page, and he feels the page is content-free. And so far in this whole thread, I've yet to see anything rese

Re: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Michael Sierchio
Steve Wray wrote: Will "Knowingly allowing a computer under your control to remain in an exploitable state" become a crime? (if it isn't already...) It may already be. Certainly it exposes one to civil liability -- if an incident or event was foreseeable, there's certainly negligence, or the com

[Full-Disclosure] buffer overflow in IRCD software

2003-10-12 Thread Piotr KUCHARSKI
A buffer overflow bug allowing to crash the server has been discovered. It is exploitable only by local users and affects all versions of IRCnet IRCD from 2.10 series, up to 2.10.3p3. New release has been made, irc2.10.3p4, and is available from ftp://ftp.irc.org/irc/server/irc2.10.3p4.tgz Alte

Re: [Full-Disclosure] babelpr0xy?

2003-10-12 Thread morning_wood
41.seattle-23-24rs.wa.dial-access.att.net 12.82.137.41 - - [12/Oct/2003:12:18:35 +0500] "GET /babelpr0x.html HTTP/1.1" 200 1455 12.82.137.41 - - [12/Oct/2003:12:18:35 +0500] "GET /favicon.ico HTTP/1.1" 200 4710 12.82.137.41 - - [12/Oct/2003:12:19:01 +0500] "GET / HTTP/1.1" 200 2430 you certainl

[Full-Disclosure] Who Cried Wolf???!? (or, Who's Shell32.exe?) [was: Local DoS in windows]

2003-10-12 Thread Arcturus
In reference to the alleged DoS in Windows... FIRST AND FOREMOST IF YOU DOWNLOAD AND INSTALL SOMEONE ELSE'S CORE WINDOWS FILES ONTO YOUR SYSTEM, YOU CANNOT EXPECT YOUR SYSTEM TO OPERATE IN THE FASHION THAT IT WAS ORIGINALLY PRODUCED. (see the definition of Stupidity, below) And as far as "bi

Re: [Full-Disclosure] babelpr0xy?

2003-10-12 Thread S G Masood
This page has some info about the issue - http://www.searchlores.org/anonyweb.htm. Also check out this page - http://www.searchlores.org/proxy.htm. Some of the links lead to pages that discuss the use of Language Translation services as proxies. -- Cheers, iNt27~ --- morning_wood <[EMAIL PROTE

RE: [Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Steve Wray
Will "Knowingly allowing a computer under your control to remain in an exploitable state" become a crime? (if it isn't already...) I am in two minds on whether it should or should not :( > [mailto:[EMAIL PROTECTED] On Behalf Of > Paul Tinsley > > http://www.cnn.com/2003/TECH/internet/10/10/hi

[Full-Disclosure] Hacker suspect says his PC was hijacked

2003-10-12 Thread Paul Tinsley
http://www.cnn.com/2003/TECH/internet/10/10/hijacked.hacker.reut/index.html "Caffrey is accused of triggering the paralyzing data blast on a vital computer server used to coordinate ship movements in the Houston port -- the sixth biggest shipping port in the world" Ok, so somebody explain to me

Re: [Full-Disclosure] babelpr0xy?

2003-10-12 Thread John Sage
On Sat, Oct 11, 2003 at 03:15:33PM -0700, S G Masood wrote: > Donnie, > > I am unable to view this page from here. What's this > link about? Nothing. - John -- "You are in a twisty maze of weblogs, all alike." - John Sage: InfoSec Groupie - ABCD, EFGH, IJKL, EmEnOh, Pplus+, Mminus- - ATTENTIO