Re: [Full-disclosure] DefCon 17 CTF packet captures online
What about the promised CTF stats? :) Cheers, 2009/9/7 Holt Sorenson h...@nosneros.net We have just finished the last bits in getting the DefCon 17 CTF packet captures online. Snag them from: http://ddtek.biz/ 3 ur sheep and mom too, ddtek -- Holt Sorenson h...@nosneros.net www.nosneros.net/hso ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- dre...@pandas.es ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Microsoft Internet Information Server ftpd zeroday
Hi Kingcope, Thanks to a hint by Petar on the G-SEC blog [1] it appears that the very same bug was present in IIS3 and IIS4 and discovered by eeye in 1999 : http://research.eeye.com/html/advisories/published/AD19990124.html Microsoft IIS (Internet Information Server) FTP service contains a buffer overflow in the NLST command. This could be used to DoS a remote machine and in some cases execute code remotely. Is this the same bug andwas the bug re-introduced ? Has Microsoft fixed LS but not NLST? svn mishap ? Maybe Mudge and/or Dildog can comment - would certainly be interesting to know whether and if HOW this bug was reintroduced. [1] http://blog.g-sec.lu/2009/09/iis-5-iis-6-ftp-vulnerability.html Regards, Thierry ZOLLER -- http://blog.zoller.lu ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [scip_Advisory 4021] IBM Lotus Notes 8.5 RSS Widget Privilege Escalation
IBM Lotus Notes 8.5 RSS Widget Privilege Escalation scip AG Vulnerability ID 4021 (09/08/2009) http://www.scip.ch/?vuldb.4021 I. INTRODUCTION Lotus Notes is a client-server, collaborative application developed and sold by IBM Software Group. More information is available on the official product web site at the following URL: http://www.ibm.com/software/lotus/products/notes/ II. DESCRIPTION Marc Ruef at scip AG found a design vulnerability in the current Release 8.5. The product provides some widgets which can be added and enabled by the user. One of those widgets provide a simple RSS reader. This reader downloads the RSS file, extracts the items and saves them locally as HTML files. The interpretation and display of the RSS items is handled by the Internet Explorer regarding the applied security zone. III. EXPLOITATION No exploitation is required. A malicious RSS feed may contain script data or embedded objects. IV. IMPACT The RSS items are handled like web documents which introduces the possibility of running script code or to embed multimedia objects (e.g. Flash or movies). Because locally saved files run in the Local Zone of the Internet Explorer some privilege escalation is possible. V. DETECTION It may be possible to identify malicious RSS feeds if they contain script code or embedded objects. VI. SOLUTION IBM has been informed immediately. They are able to address this vulnerability with a hotfix. VII. VENDOR RESPONSE The vendor verified the existence of the issue and addressed it as soon as possible with a hotfix. Unfortunately most of the communication bypassed us and were forced to ask for the current status several times. Our last request of the current status at 08/24/2009 were unanswered. VIII. SOURCES scip AG - Security Consulting Information Process (german) http://www.scip.ch/ scip AG - Vulnerability Database (german) http://www.scip.ch/?vuldb.4021 computec.ch Document Database (german) http://www.computec.ch/download.php IX. DISCLOSURE TIMELINE 2009/04/07 Identification of the vulnerability. 2009/04/23 Notification of IBM via the customer. 2009/04/23 Technical knowhow exchange between scip AG/IBM. 2009/06/05 Asking for current status by scip AG. (no answer) 2009/07/09 Asking for current status by scip AG. 2009/07/09 Reply with current status and assigned PMR. 2009/08/24 Asking for current status by scip AG. (no answer) 2009/09/08 Public disclosure of the advisory. X. CREDITS The vulnerabilities were discovered by Marc Ruef. Marc Ruef, scip AG, Zuerich, Switzerland maru-at-scip.ch http://www.scip.ch A1. LEGAL NOTICES Copyright (c) 2002-2009 scip AG, Switzerland. Permission is granted for the re-distribution of this alert. It may not be edited in any way without permission of scip AG. The information in the advisory is believed to be accurate at the time of publishing based on currently available information. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect or consequential loss or damage from use of or reliance on this advisory. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] This is n3td3v and Gary McKinnon's lawyer. My client's have asburger syndrome.
I just go off the phone with intelligence MI7 and the CIB (Upgraded from CIA++, super savage secret) have relayed to me in code that n3td3v security is coming back stronger than ever. Over in Langley we know that n3td3v has the finest security tactics. Super fortified servers. Ultra mega ram. He is truly one of the most experienced blackhats in all the land. He is a master criminal. In other news, Gary McKinnon, elite pentagon hacker is an autistic rockstar: http://www.youtube.com/watch?v=XcOY0kWQaqc He's milking the success of his crime, instead apologizing, he's gloating. I guess that teaches people hacking is OK. My name is shadowdong007. Roger wilco. - Gary McKinnon, CISSP, MD. autistic only when I commit crimes, but really me when I'm on TV this is not n3td3v - laywyer ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] On the subject of security researcher n3td3v, Gary McKinnon Autistic rockstar felon
I just go off the phone with intelligence MI7 and the CIB (Upgraded from CIA++, super sexy savage secret) have relayed to me in code that n3td3v security is coming back stronger than ever. Over in Langley we know that n3td3v has the finest security tactics. Super fortified servers. Ultra mega ram. He is truly one of the most experienced blackhats in all the land. He is a master criminal. In other news, Gary McKinnon, elite pentagon hacker is an autistic rockstar: http://www.youtube.com/watch?v=XcOY0kWQaqc He's milking the success of his crime, instead apologizing, he's gloating. I guess that teaches people hacking is OK. My name is shadowdong007. Roger wilco. - Gary McKinnon, CISSP, MD. autistic only when I commit crimes, but really me when I'm on TV this is not n3td3v - laywyer this was intelligence reprrte ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] [ MDVSA-2009:225 ] qt4
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2009:225 http://www.mandriva.com/security/ ___ Package : qt4 Date: September 8, 2009 Affected: 2009.0, 2009.1, Enterprise Server 5.0 ___ Problem Description: A vulnerability has been found and corrected in qt4: src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2700). This update provides a solution to this vulnerability. ___ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2700 ___ Updated Packages: Mandriva Linux 2009.0: 8f0b2b07978ce4e9eb86291935b2259c 2009.0/i586/libqassistant4-4.5.2-1.6mdv2009.0.i586.rpm e2403dcda9f123b545188aef00cb2114 2009.0/i586/libqt3support4-4.5.2-1.6mdv2009.0.i586.rpm 51288fb907cc947b3cadd9ab2e33b75b 2009.0/i586/libqt4-devel-4.5.2-1.6mdv2009.0.i586.rpm 302a8f93453e5d53d7c8a2df82029ffc 2009.0/i586/libqtclucene4-4.5.2-1.6mdv2009.0.i586.rpm 616c5e49341e9a09d0e8ebe84e02e1cc 2009.0/i586/libqtcore4-4.5.2-1.6mdv2009.0.i586.rpm 3c83783b3bce0ef1d4272fea4b2b8b63 2009.0/i586/libqtdbus4-4.5.2-1.6mdv2009.0.i586.rpm 0a5e1e53937d3e283d7a3d4227850e35 2009.0/i586/libqtdesigner4-4.5.2-1.6mdv2009.0.i586.rpm 33ce1ee1c1cde616895ecef85072 2009.0/i586/libqtgui4-4.5.2-1.6mdv2009.0.i586.rpm 94e8c96fbc41bb125a1e3104f552f267 2009.0/i586/libqthelp4-4.5.2-1.6mdv2009.0.i586.rpm 1370e9cbbdffd1763ac8740fb31505bd 2009.0/i586/libqtnetwork4-4.5.2-1.6mdv2009.0.i586.rpm 1699327bbe2cf4bef5c9dedb155c3c36 2009.0/i586/libqtopengl4-4.5.2-1.6mdv2009.0.i586.rpm ca924316c1e18ad29bdf37f392883f1c 2009.0/i586/libqtscript4-4.5.2-1.6mdv2009.0.i586.rpm 8fd952c8be0760d7918e6e5693ba32a7 2009.0/i586/libqtscripttools4-4.5.2-1.6mdv2009.0.i586.rpm afc2b34155609ac2f390446f7f5bc45b 2009.0/i586/libqtsql4-4.5.2-1.6mdv2009.0.i586.rpm 345e293c4771e249679801aa750397ca 2009.0/i586/libqtsvg4-4.5.2-1.6mdv2009.0.i586.rpm b0e143930f2da815b3fcae1c73a1a70c 2009.0/i586/libqttest4-4.5.2-1.6mdv2009.0.i586.rpm 2c7474fd309e67fe682e44576b527e0c 2009.0/i586/libqtwebkit4-4.5.2-1.6mdv2009.0.i586.rpm b19c8107575a0818ecbe19dae9028ef0 2009.0/i586/libqtxml4-4.5.2-1.6mdv2009.0.i586.rpm 1540b82f62f29d8e9f46df23e5b7f786 2009.0/i586/libqtxmlpatterns4-4.5.2-1.6mdv2009.0.i586.rpm a243614d06b6aa0aec46b6263bdde420 2009.0/i586/qt4-accessibility-plugin-4.5.2-1.6mdv2009.0.i586.rpm 11c894ba3a91e7c2e1ebc0c194c9aaae 2009.0/i586/qt4-assistant-4.5.2-1.6mdv2009.0.i586.rpm 40a9530b2ed55545036ee30ce5109069 2009.0/i586/qt4-common-4.5.2-1.6mdv2009.0.i586.rpm 28fd5f52ebd0f1b47975aaabc6a69ea1 2009.0/i586/qt4-database-plugin-mysql-4.5.2-1.6mdv2009.0.i586.rpm 6e315a67b9e061027b7ec252cfb2085b 2009.0/i586/qt4-database-plugin-odbc-4.5.2-1.6mdv2009.0.i586.rpm 80e679cde6b34b8ba063cf0d36b198eb 2009.0/i586/qt4-database-plugin-pgsql-4.5.2-1.6mdv2009.0.i586.rpm b613b53004865d81b54f7c11a403a529 2009.0/i586/qt4-database-plugin-sqlite-4.5.2-1.6mdv2009.0.i586.rpm f97d447b97bfd68d59d0eb28064f7213 2009.0/i586/qt4-database-plugin-tds-4.5.2-1.6mdv2009.0.i586.rpm c9c9e0a3230ba751c7eebeacc44d906d 2009.0/i586/qt4-designer-4.5.2-1.6mdv2009.0.i586.rpm cf2435679fa0066b6ae95a4dad6c0fda 2009.0/i586/qt4-doc-4.5.2-1.6mdv2009.0.i586.rpm 933137e640637b6fa7ea5b5a6257a9ca 2009.0/i586/qt4-examples-4.5.2-1.6mdv2009.0.i586.rpm 6e080be6a767a58323c845521d8eef9a 2009.0/i586/qt4-graphicssystems-plugin-4.5.2-1.6mdv2009.0.i586.rpm 70f84dbe081843b0fa9c4b07b517b7a8 2009.0/i586/qt4-linguist-4.5.2-1.6mdv2009.0.i586.rpm 8082bc18d3183654f64c0bba0933de93 2009.0/i586/qt4-qdoc3-4.5.2-1.6mdv2009.0.i586.rpm b77fb9a4915ee16eb07a2c7a82069a7a 2009.0/i586/qt4-qtconfig-4.5.2-1.6mdv2009.0.i586.rpm b2b4fb545fcaf96de26ea8618f507eb9 2009.0/i586/qt4-qtdbus-4.5.2-1.6mdv2009.0.i586.rpm ca7d917f2442e9ff1665b224e834d9e2 2009.0/i586/qt4-qvfb-4.5.2-1.6mdv2009.0.i586.rpm 840c3cd230194546f0277fb0314fe31b 2009.0/i586/qt4-xmlpatterns-4.5.2-1.6mdv2009.0.i586.rpm e7d70d53a8a870ba2b938c754dc58379 2009.0/SRPMS/qt4-4.5.2-1.6mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: f9ceffb25a3dd3e2fff7520eb024b413 2009.0/x86_64/lib64qassistant4-4.5.2-1.6mdv2009.0.x86_64.rpm ff62476ae9bc5124c3b77ccd6b8e4dfb 2009.0/x86_64/lib64qt3support4-4.5.2-1.6mdv2009.0.x86_64.rpm e05a185eae6d1155404ebdca47228298
[Full-disclosure] [USN-828-1] PAM vulnerability
=== Ubuntu Security Notice USN-828-1 September 08, 2009 pam vulnerability https://launchpad.net/bugs/410171 === A security issue affects the following Ubuntu releases: Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.10: libpam-runtime 1.0.1-4ubuntu5.6 Ubuntu 9.04: libpam-runtime 1.0.1-9ubuntu1.1 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Russell Senior discovered that the system authentication module selection mechanism for PAM did not safely handle an empty selection. If an administrator had specifically removed the default list of modules or failed to chose a module when operating debconf in a very unlikely non-default configuration, PAM would allow any authentication attempt, which could lead to remote attackers gaining access to a system with arbitrary privileges. This did not affect default Ubuntu installations. Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/p/pam/pam_1.0.1-4ubuntu5.6.diff.gz Size/MD5: 163787 1fe83c5f51260520402bd43e33267d4f http://security.ubuntu.com/ubuntu/pool/main/p/pam/pam_1.0.1-4ubuntu5.6.dsc Size/MD5: 1632 5962a19a022e6eb7af577b88719a64c4 http://security.ubuntu.com/ubuntu/pool/main/p/pam/pam_1.0.1.orig.tar.gz Size/MD5: 1597124 bcaa5d9bf84137e0d128b2ff9b63b1d7 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-doc_1.0.1-4ubuntu5.6_all.deb Size/MD5: 292106 89104df9cea238eb924fa7fbb0f80d35 http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-runtime_1.0.1-4ubuntu5.6_all.deb Size/MD5:89482 94993aae326381ddcd4279ed9c61e357 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-cracklib_1.0.1-4ubuntu5.6_amd64.deb Size/MD5:71576 f46ffb12fc109a58b2ebe9d36fd1173e http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-modules_1.0.1-4ubuntu5.6_amd64.deb Size/MD5: 312240 ccade228ed92c9f524b088617b42ce64 http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam0g-dev_1.0.1-4ubuntu5.6_amd64.deb Size/MD5: 169324 8fce97f395a60b4ad7f821827458e7ab http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam0g_1.0.1-4ubuntu5.6_amd64.deb Size/MD5: 113888 5b6fd51cbc3f936e6e11fdb1a9131a52 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-cracklib_1.0.1-4ubuntu5.6_i386.deb Size/MD5:71552 360601c0c24308561fe7d50a9b9bc5e7 http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam-modules_1.0.1-4ubuntu5.6_i386.deb Size/MD5: 299738 020d7196d87df2cdf17c739f9e6bf0f5 http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam0g-dev_1.0.1-4ubuntu5.6_i386.deb Size/MD5: 167018 69ed60f901436960e21e0b604ae4b19b http://security.ubuntu.com/ubuntu/pool/main/p/pam/libpam0g_1.0.1-4ubuntu5.6_i386.deb Size/MD5: 32 4afeb993ed5910e108c3fc4f9ba645b5 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/p/pam/libpam-cracklib_1.0.1-4ubuntu5.6_lpia.deb Size/MD5:71470 112033e2f1f641fec967e28f3503f88e http://ports.ubuntu.com/pool/main/p/pam/libpam-modules_1.0.1-4ubuntu5.6_lpia.deb Size/MD5: 295984 c8303ffbb776fdce4e20c999150f3549 http://ports.ubuntu.com/pool/main/p/pam/libpam0g-dev_1.0.1-4ubuntu5.6_lpia.deb Size/MD5: 165548 a8502044f6c5fac5900559d0e85fc62f http://ports.ubuntu.com/pool/main/p/pam/libpam0g_1.0.1-4ubuntu5.6_lpia.deb Size/MD5: 110474 86c7473158e190237969445a51c49d30 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/p/pam/libpam-cracklib_1.0.1-4ubuntu5.6_powerpc.deb Size/MD5:72010 da7ce309e25fade724ff291120d1866d http://ports.ubuntu.com/pool/main/p/pam/libpam-modules_1.0.1-4ubuntu5.6_powerpc.deb Size/MD5: 329746 19febf8a9d5e3a62c0957dff09dfc8c8 http://ports.ubuntu.com/pool/main/p/pam/libpam0g-dev_1.0.1-4ubuntu5.6_powerpc.deb Size/MD5: 167526 40420891673085c3889ebba39b1a92b7 http://ports.ubuntu.com/pool/main/p/pam/libpam0g_1.0.1-4ubuntu5.6_powerpc.deb Size/MD5: 114658 06a1523fa01a77ec8eb2f8eec8e7b4bf sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/p/pam/libpam-cracklib_1.0.1-4ubuntu5.6_sparc.deb Size/MD5:71854 3762836827676a721f744c06067a9ed5 http://ports.ubuntu.com/pool/main/p/pam/libpam-modules_1.0.1-4ubuntu5.6_sparc.deb Size/MD5: 307930 5afecfdbe6783dead53c8163987c053e
[Full-disclosure] Web-monitoring software gathers data on kid chats
Parents who install a leading brand of software to monitor their kids' online activities may be unwittingly allowing the company to read their children's chat messages — and sell the marketing data gathered. Software sold under the Sentry and FamilySafe brands can read private chats conducted through Yahoo, MSN, AOL and other services, and send back data on what kids are saying about such things as movies, music or video games. The information is then offered to businesses seeking ways to tailor their marketing messages to kids. http://www.google.com/hostednews/ap/article/ALeqM5i5CjgMEdrwRm3JxeglUykMAHAYmAD9AGNVM00 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Web-monitoring software gathers data on kid chats
hahahaha oh man, that's grand. 2009/9/9 Ivan . ivan...@gmail.com Parents who install a leading brand of software to monitor their kids' online activities may be unwittingly allowing the company to read their children's chat messages — and sell the marketing data gathered. Software sold under the Sentry and FamilySafe brands can read private chats conducted through Yahoo, MSN, AOL and other services, and send back data on what kids are saying about such things as movies, music or video games. The information is then offered to businesses seeking ways to tailor their marketing messages to kids. http://www.google.com/hostednews/ap/article/ALeqM5i5CjgMEdrwRm3JxeglUykMAHAYmAD9AGNVM00 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Web-monitoring software gathers data on kid chats
Yeah, I saw that on Slashdot the other day, and I thought it was pretty hilarious. Ironic isn't it, that the very company one hires to protect their kids from exploitation is the one that is exploiting the kids? --Rohit Patnaik dramacrat wrote: hahahaha oh man, that's grand. 2009/9/9 Ivan . ivan...@gmail.com mailto:ivan...@gmail.com Parents who install a leading brand of software to monitor their kids' online activities may be unwittingly allowing the company to read their children's chat messages — and sell the marketing data gathered. Software sold under the Sentry and FamilySafe brands can read private chats conducted through Yahoo, MSN, AOL and other services, and send back data on what kids are saying about such things as movies, music or video games. The information is then offered to businesses seeking ways to tailor their marketing messages to kids. http://www.google.com/hostednews/ap/article/ALeqM5i5CjgMEdrwRm3JxeglUykMAHAYmAD9AGNVM00 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Web-monitoring software gathers data on kid chats
This is either (a) slipped into the EULA or (b) illegal. If (a) then it's another case of people just not reading the EULA, and while I know these things are complicated when it comes to something as critical as your children... READ THE EULA. If it's (b) then someone's going to jail, because there are enough child-protection statutes and laws on the books to make someone's life miserable in the federal pen. Now I'm going to go read the EULA on them :) __ Rafal M. Los Security IT Risk Strategist - Blog:http://preachsecurity.blogspot.com - LinkedIn:http://www.linkedin.com/in/rmlos - Twitter: http://twitter.com/RafalLos -- From: Ivan . ivan...@gmail.com Sent: Tuesday, September 08, 2009 7:47 PM To: full-disclosure full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] Web-monitoring software gathers data on kid chats Parents who install a leading brand of software to monitor their kids' online activities may be unwittingly allowing the company to read their children's chat messages — and sell the marketing data gathered. Software sold under the Sentry and FamilySafe brands can read private chats conducted through Yahoo, MSN, AOL and other services, and send back data on what kids are saying about such things as movies, music or video games. The information is then offered to businesses seeking ways to tailor their marketing messages to kids. http://www.google.com/hostednews/ap/article/ALeqM5i5CjgMEdrwRm3JxeglUykMAHAYmAD9AGNVM00 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] 4f: The File Format Fuzzing Framework
Krakow Labs Development 4f: The File Format Fuzzing Framework 4f is a file format fuzzing framework. 4f uses modules which are specifications of the targeted binary or text file format that tell it how to fuzz the target application. If 4f detects a crash, it will log crucial information important for allowing the 4f user to reproduce the problem and also debugging information important to deciding the severity of the bug and its exploitability. 4f uses specialized modules for fuzzing code that interprets file formats. Several modules are included and more can be written to follow other file formats. Full source code, binary, package, demonstration photo and video @ http://www.krakowlabs.com You can also check out the video that shows 4f discovering 0day (not worth much but it shows 4f works!) @ SecurityTube too -- http://www.securitytube.net/The-File-Format-Fuzzing-Framework-(4f)-video.aspx ~KL ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
