Re: [Full-disclosure] (no subject)
In most case there are keyboards attached to computers, they provide an excellent opportunity for providing content to your mails. On 2012-11-15 13:02, mohit tyagi wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Now that was mean :-) Funny .. but mean LOL Gary Baribault Courriel: g...@baribault.net GPG Key: 0x685430d1 Signature: 9E4D 1B7C CB9F 9239 11D9 71C3 6C35 C6B7 6854 30D1 On 11/15/2012 08:42 AM, Peter Osterberg wrote: In most case there are keyboards attached to computers, they provide an excellent opportunity for providing content to your mails. On 2012-11-15 13:02, mohit tyagi wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
I found this to be of high informational value, I do agree completely with the statement thus given. Please, tell us more about how to came to these conclusions, how this impacts this community, and the social dynamics of our society as a whole. Best Regards On Thu, Nov 15, 2012 at 7:02 AM, mohit tyagi mohittyagi.0...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
I would be interested to see a real world application of OP's informative point though I do think vendor response is needed too. Has anybody come across this in the wild? On Thu, Nov 15, 2012 at 2:01 PM, Sanguinarious Rose sanguiner...@occultusterra.com wrote: I found this to be of high informational value, I do agree completely with the statement thus given. Please, tell us more about how to came to these conclusions, how this impacts this community, and the social dynamics of our society as a whole. Best Regards On Thu, Nov 15, 2012 at 7:02 AM, mohit tyagi mohittyagi.0...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Am I the only one who noticed the linux local root exploit written in whitespace? 2012/11/15 mohit tyagi mohittyagi.0...@gmail.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
LOL, it contains [rendered] HTML code but you're telling us that it's plain-text? In case you missed it, here are *your* email headers: Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Sun, Jun 12, 2011 at 12:32 AM, -= Glowing Doom =- sec...@gmail.comwrote: yea... watch and learn fool.. your nothing but a troll..like others have shown, all you know is about the what, hilight+link, after it being raised as an issue... wich, would never show the links i was able to put, in PLAIN text in yo9ur mail.. explain how i did that then smartie ? It was plain text in between two links HINT HINT... your anchor bs , is BUGGY!] Dont try to act all high and mighty now, it took 25 emails for you to even work out thwe word anchor...fool. now enjoy port 25 on your domain it should work great,,... you just got yourself owned idiot. bye bye...adam. Show them the real shit, dont sho them JUST rage, show the BUG go on... have some balls , and then, explain why the link, is there, hidden under PLAIN TEXT! It is no exploit ATM , it is a simple PoC, of a bug. Issue or no issue..you could not work ut what itwas, until i made demos of it, and the last demo, is NOT anchor.. go on and sow the carriage return on it.. idiot. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
It's really kinda sad that you're *still* going. There are thousands of * features* in all kinds of software that *can* be exploited, but that doesn't mean the feature itself was completely unintentional. You were originally describing anchor text and now you're simply describing multi-line anchor text. There is nothing fancy or innovative here, it's a basic feature being used in an *unconventional* way (and I use that term loosely). *How* you're going about it may be interesting to you or a handful of others - but the end result is possible using an *existing feature [that's present in most mail clients]*. I do find it amusing that you keep making threats though. I *hope* that my server does go offline, since you've given me more than enough evidence to have a field day with this. Most people wouldn't bother, but I work from home, so I have all the time in the world to pursue this and have you forcefully drug out of your mother's basement. On Sun, Jun 12, 2011 at 12:25 AM, -= Glowing Doom =- sec...@gmail.comwrote: Yea yea... this is not about anchor text... if you want more demonstations, of a REAL exploit.. bad luck.. ive already shown adam how this 'anchor' text, is buggy... but, he would not show those links i guess... wich come from session ID... anchor anchr...whatever... have fun on fd... you loose, not me.. cc me, ill just keep your lame papsy.net nulled then... simple, and complain to gmail for attaching pam, then filter you :) Your an idiot. You could not work the thing out, then your all about anchor, when ive said the problem is a backspace... there was 2 pcs.. i raised an issuie... one of 2 ... and, you cannot try telling me this is a 'feature' , go ahead and show me where this is used, LEGALLY and, why... i dont see it until i raised this issue today. go fk yourselfs. fd my arse. now is hack fd. bye bye. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
You got me, my session ID *is 1234567. *Please don't steal money out of my bank account. The only part that I'll bother replying to is what a *joke this list is*. It's so much of a joke that you not only subscribed once, but TWICE. That speaks volumes about you :D On Sun, Jun 12, 2011 at 12:52 AM, -= Glowing Doom =- sec...@gmail.comwrote: Oh it only took yu, what, 8hours to explain 'anchor' t someone who already knows what that is.. i showed something much different, explain the links.. dont show ppl bllshit.. what a damn joke, YOU are a joke, i cannot believe your on FD lists, you are what makes it a joke, im laughing AT you because, you still have NOT FOUND crap, yet admits to it being used in unconventional' way... g and write some bs to fd more.. i aint replying.. ppllcan look themselfs if they like, you are only seeing one small piece of a MUCh bigger pic..and, ontop, it tok you only a day,. and defaming someone, who was raising an issue.. your why people hate fd. go fk yourself adam . your a tool , and soon, your nulled.dont blame me when your nulled btw... there are others who CAN see the bug... like say, spammers.. you are doing a great ob of that tho, without undrerstanding the bug atall... you said it, unconbventional..now,. so ahead and explain how i mak it show http://googl_1234567/ , ie: your sessid :) you cant, so you sit here trolling. now, thats enough for me. what a joke this list has become. seriously, your pathetic. your the only one whos talking, so i assume, your the only one who cannot see the further picture...good :) have fun with it. when you show me the x41's , then ill start to take you seriously. enjoy the exploit :) bacvkspace - backspace...and then...swhat... no link entered... gf ahead, explain... you say this is normal...sorry, i havent seen it till today online anywhere... until it showed up on MS about backspace issues... you do not understand carriage line return it seems, so resort to dfaming , and , what a life you have, allday and your STILL going.. i will now stfu... i know when to stop, i have prooven what i had to you hav eprooven, your an idiot. and a troll, and a shame your on fdlists. you m,ust lead a damn sad life... really.. you must. bye bye... and, dont blame me when your papsy goes down for the countm, some ppl understand CLR , others dont, i guess thats just intellect tho. Whos talking adam ??? you. no one else BUT you. and still canntn explain how i put your session id, in the link, or my sessid for that matter..and your claiming thats 'normal'''pathetic man..really . bnow, please stop it, or ill start to fuck with your domainso bad, you will not exist online, on any fd, by morning. ok :) have fun trying to STILL fgure the PRPER bug, NOT anchring. You know your a troll tho.. what a boring fuck life you must lead...man... you wasted a dday fighting about a pissy issue,. wich you have admitted , is not 'conventional' well, sorry but, i had not seen this before, not in LEGITIMATE emails.. not the backspace tricks, wich you still cannot explain, keep harping abiout anchor, your about 1005 off. later, dont bother me, i will just flter you, and all of fd.. simple. you going to tell me i cant ? watch me. On 12 June 2011 15:41, -= Glowing Doom =- sec...@gmail.com wrote: your a deeadset fool... whats worse, you cannot even find the actual bug i am speaking of... and, you have wasted ALL day ojn this.. then ppl wonder why fd lists is nowdays a joke, indeedm, with idiots like you around. go back to your bridge fool. your going down, HARD. On 12 June 2011 15:38, adam a...@papsy.net wrote: LOL, it contains [rendered] HTML code but you're telling us that it's plain-text? In case you missed it, here are *your* email headers: Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Sun, Jun 12, 2011 at 12:32 AM, -= Glowing Doom =- sec...@gmail.comwrote: yea... watch and learn fool.. your nothing but a troll..like others have shown, all you know is about the what, hilight+link, after it being raised as an issue... wich, would never show the links i was able to put, in PLAIN text in yo9ur mail.. explain how i did that then smartie ? It was plain text in between two links HINT HINT... your anchor bs , is BUGGY!] Dont try to act all high and mighty now, it took 25 emails for you to even work out thwe word anchor...fool. now enjoy port 25 on your domain it should work great,,... you just got yourself owned idiot. bye bye...adam. Show them the real shit, dont sho them JUST rage, show the BUG go on... have some balls , and then, explain why the link, is there, hidden under PLAIN TEXT! It is no exploit ATM , it is a simple PoC, of a bug. Issue or no issue..you could not work ut what itwas, until i made demos of it, and the last demo, is NOT anchor.. go on and sow the carriage return on it.. idiot.
Re: [Full-disclosure] (no subject)
Baseless assumption is baseless. While you're breaking stuff in your mother's basement, I'm making a living. I've *opted* to reply to these emails because it's free amusement. Why are you so upset anyway? The world isn't going to end just because you thought a feature was a bug. On Sun, Jun 12, 2011 at 12:41 AM, -= Glowing Doom =- sec...@gmail.comwrote: your a deeadset fool... whats worse, you cannot even find the actual bug i am speaking of... and, you have wasted ALL day ojn this.. then ppl wonder why fd lists is nowdays a joke, indeedm, with idiots like you around. go back to your bridge fool. your going down, HARD. On 12 June 2011 15:38, adam a...@papsy.net wrote: LOL, it contains [rendered] HTML code but you're telling us that it's plain-text? In case you missed it, here are *your* email headers: Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Sun, Jun 12, 2011 at 12:32 AM, -= Glowing Doom =- sec...@gmail.comwrote: yea... watch and learn fool.. your nothing but a troll..like others have shown, all you know is about the what, hilight+link, after it being raised as an issue... wich, would never show the links i was able to put, in PLAIN text in yo9ur mail.. explain how i did that then smartie ? It was plain text in between two links HINT HINT... your anchor bs , is BUGGY!] Dont try to act all high and mighty now, it took 25 emails for you to even work out thwe word anchor...fool. now enjoy port 25 on your domain it should work great,,... you just got yourself owned idiot. bye bye...adam. Show them the real shit, dont sho them JUST rage, show the BUG go on... have some balls , and then, explain why the link, is there, hidden under PLAIN TEXT! It is no exploit ATM , it is a simple PoC, of a bug. Issue or no issue..you could not work ut what itwas, until i made demos of it, and the last demo, is NOT anchor.. go on and sow the carriage return on it.. idiot. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
HELo tor.hu MAIL FROM:fulld...@tor.hu RCPT TO:full-disclosure@lists.grok.org.uk DATA From: TOR fulld...@tor.hu To: Full Disclosure full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] NiX API However though, any merchant that accepts purchases from user's behind proxies or other anonymizer's is taking a siginificant risk. You don't just block anonymizers: you block webhosting providers, server hostings, hosts based on proxy HTTP headers, TOR, etc. According to the stats on your control panel (number of subnets vs number of IP's) you seem to prefer to just put the whole /24 on block when you notice a new 'suspicious' IP. In the end, I think you are blocking a lot more potential customers than fraudsters. By the way, we do something similar here (we have an extensive list of throwaway mail providers, we collect proxies, etc), only we use these lists to block people from getting free VPN access through proxies, not customers who are willing to pay. Doing the latter would reduce our revenue by at least 50%. I investigated all transactions that paypal reversed due to the chargebacks or unauthorized account use. Guess what? A majority of those IP's originated from the blocked hosting provider IP-address ranges or from open proxies that our system could not detect at that time (for example botnet proxies are bitch to detect due to various reasons). Im not saying our system is 100% and unbreachable but I do know it does give you reasonable protection to address this issue. We're verifying very carefully those hosting providers ranges before we add any to the blacklist. I don't go in to details on how we do it but I can assure you we have very effective way to detect who is a hosting provider or not. Needless to say, this is very hard work. Why we're blocking hosting providers? Lets mention two big names, godaddy and softlayer. Have you ever heard about a web-proxy? All these thousands of daily freely accessible web proxies by whole world are hosted of course in hosting providers datacenters for obvious reasons. They attract a lot of legit users and also abusers. We can also add those hundreds or thousands of hacked dedicated servers as well to this list that are being used for scraping, hacking attempts, brute forcing and so on. ** You've the option to choose will you block those hosting providers or not. ** It does not block anything automatilly unless you configure it to block something. We leave this decision to you what to block or allow. Im happy to hear you're using similar technology. You've just said yourself why you do want to block proxy users. Guess what will happend to that merchant? They are frustrated while answering unauthorized paypal claims. If this purchase was done using a stolen credit card, PayPal will charge this merchant for outrageous fees I agree that Paypal's charges are outrageous (for example, 3 EUR purchase - 30 EUR fees for the chargeback, regardless of whether we accepted or disputed it). For us, what helped the situation in the end was focusing on user data consistency, immediately refunding suspicious purchases from China and so on, not the IP's. We've gotten chargebacks from regular ppp pools in China and have many satisfied returning customers who are using proxies or just some network that is natted behind a server in a server hosting. It doesn't mean they are trying to be anonymous, it just means their network works like that. For example, it is typical for a wi-fi provider to NAT users on their server in a server hosting (that you probably block as a /24 subnet), but they're still potential customers of any online shop, not just our VPN. wondered why they could not login using the proxy, I said, remove the proxy and try again and then do purchase. They did. Some people might be more patient and write emails about how they cannot make a purchase, but most will just find another place. This is true indeed. But if you would have 50 fraudulent purchases in a short period. What would you do? You sell TV's. Someone will order a $2500 nice new TV from your online shop. OK, you go and check this client IP, it's a proxy or Tor exit node. Will you deliver this TV instantly to this customer? I don't think so. If you accept PayPal. Paypal will charge you a 4% reversal fee from that 2.5k which is $100 bucks is the payment happened to be fraudulent. So you've just lost 2,6k. At this point you start thinking will you stop using PayPal and if you do so, prepare to lose even more renevue because they are the most popular payment gateway. OK, you've stopped using PayPal and another gateway. You'll still have the same issue and risk. Of course those gateways have some sort of security, but there are hundreds of daily proxies from public lists that can bybass any payment gateway ... How many times I have to say this? You're a legit user -- Why in earth you would like to use a proxy or or anonymizer to do
Re: [Full-disclosure] (no subject)
On Fri, 10 Jun 2011 02:40:16 +0300, n...@myproxylists.com said: Im happy to hear it works out to you. A few days ago, i received an email from https://www.proxpn.com/ admin that he suspended fraudulent user VPN account due to the abuse. A fraudster used a stolen credit card using their VPN to purchase a service from us. Needless to say, their CIDR's has been also added to this list. You're incredibly lucky it was proxpn.com and not comcast.com. ;) pgplP12IVMUEK.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
On Fri, 10 Jun 2011 02:40:16 +0300, n...@myproxylists.com said: Im happy to hear it works out to you. A few days ago, i received an email from https://www.proxpn.com/ admin that he suspended fraudulent user VPN account due to the abuse. A fraudster used a stolen credit card using their VPN to purchase a service from us. Needless to say, their CIDR's has been also added to this list. You're incredibly lucky it was proxpn.com and not comcast.com. ;) I sense sarcasm. Im exacly aware of comcast and almost all other U.S cable providers residental address ranges. Did you happend to know that comcast do also provide static IP's for companies, dedicated hosting. Im also fully aware of botnet proxies that are spreaded wide to comcast ranges, not only to comcast, to a majority of U.S cable providers. We have a method to detect some of those botnet proxies but I wont go in to details for obvious reasons. Once again, almost none of you did not bothered to read features. You have the option to CHOOSE will you block hosting providers or not. It does not block anything by default. This is my last reply to this topic. Simply, it does provide protection to those who wants it and everyone can configure their API in the way they want. None is not enforced to block anything. Period. Atleast I managed to open discussion. Something else than daily boring XSS/CRLF bugs. Thanks to everyone for the feedback and interests, whether it was positive or negative. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
To borrow a mechanism from 'chan' boards... not telling how everything works expecting me to trust it blindly false positives extremely possible arrogant affirmation of probably inflated success rate and development periods anonymity-hostile Lol wat On Jun 9, 2011 6:21 PM, n...@myproxylists.com wrote: On Fri, 10 Jun 2011 02:40:16 +0300, n...@myproxylists.com said: Im happy to hear it works out to you. A few days ago, i received an email from https://www.proxpn.com/ admin that he suspended fraudulent user VPN account due to the abuse. A fraudster used a stolen credit card using their VPN to purchase a service from us. Needless to say, their CIDR's has been also added to this list. You're incredibly lucky it was proxpn.com and not comcast.com. ;) I sense sarcasm. Im exacly aware of comcast and almost all other U.S cable providers residental address ranges. Did you happend to know that comcast do also provide static IP's for companies, dedicated hosting. Im also fully aware of botnet proxies that are spreaded wide to comcast ranges, not only to comcast, to a majority of U.S cable providers. We have a method to detect some of those botnet proxies but I wont go in to details for obvious reasons. Once again, almost none of you did not bothered to read features. You have the option to CHOOSE will you block hosting providers or not. It does not block anything by default. This is my last reply to this topic. Simply, it does provide protection to those who wants it and everyone can configure their API in the way they want. None is not enforced to block anything. Period. Atleast I managed to open discussion. Something else than daily boring XSS/CRLF bugs. Thanks to everyone for the feedback and interests, whether it was positive or negative. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
2009/12/16 Dan Kaminsky d...@doxpara.com: Easily the best environment for packet manipulation is scapy. The most guaranteed to work approach involves putting a system with two interfaces in as an attacker, ... i love dual port gumstix and the old yoggie gatekeeper pro form factor for this; both are now EOL and long past last fab run. what is the new best form factor in production? i'd love a hw crypto accelerated T3 more than AES-NI or Padlock style mobile kit. does one yet exist, or perhaps soon to be? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
No it is still 42 and will always be On Mon, Feb 15, 2010 at 3:56 PM, Christian Sciberras uuf6...@gmail.com wrote: That's old news! It's been upgraded to 239! On Mon, Feb 15, 2010 at 11:25 AM, Anders Klixbull a...@experian.dk wrote: you obviously misunderstood since every geek on the planet knows that the answer in numeric form is 42! From: Christian Sciberras [mailto:uuf6...@gmail.com] Sent: 15. februar 2010 11:15 To: Anders Klixbull Cc: edgar deal; 751 ...?; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) Actually, the correct answer is 239. The full question to the answer (and sum) is left up to the read. On Mon, Feb 15, 2010 at 11:07 AM, Anders Klixbull a...@experian.dk wrote: yes the correct answer is 'cheese' From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of edgar deal Sent: 13. februar 2010 16:18 To: 751 ...? Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) incorrect. On Sat, Feb 13, 2010 at 1:09 AM, 751 ...? 751hack...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Sorry for the Inconvenience. -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full- disclosure-boun...@lists.grok.org.uk] On Behalf Of gold flake Sent: Tuesday, February 16, 2010 9:16 PM To: Christian Sciberras Cc: 751 ...?; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) No it is still 42 and will always be On Mon, Feb 15, 2010 at 3:56 PM, Christian Sciberras uuf6...@gmail.com wrote: That's old news! It's been upgraded to 239! On Mon, Feb 15, 2010 at 11:25 AM, Anders Klixbull a...@experian.dk wrote: you obviously misunderstood since every geek on the planet knows that the answer in numeric form is 42! From: Christian Sciberras [mailto:uuf6...@gmail.com] Sent: 15. februar 2010 11:15 To: Anders Klixbull Cc: edgar deal; 751 ...?; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) Actually, the correct answer is 239. The full question to the answer (and sum) is left up to the read. On Mon, Feb 15, 2010 at 11:07 AM, Anders Klixbull a...@experian.dk wrote: yes the correct answer is 'cheese' From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of edgar deal Sent: 13. februar 2010 16:18 To: 751 ...? Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) incorrect. On Sat, Feb 13, 2010 at 1:09 AM, 751 ...? 751hack...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
There was a slight error in accuracy, try your math again and you'll see that 42 doesn't make sense. :) On Wed, Feb 17, 2010 at 6:24 AM, Tomas L. Byrnes t...@byrneit.net wrote: Sorry for the Inconvenience. -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full- disclosure-boun...@lists.grok.org.uk] On Behalf Of gold flake Sent: Tuesday, February 16, 2010 9:16 PM To: Christian Sciberras Cc: 751 ...?; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) No it is still 42 and will always be On Mon, Feb 15, 2010 at 3:56 PM, Christian Sciberras uuf6...@gmail.com wrote: That's old news! It's been upgraded to 239! On Mon, Feb 15, 2010 at 11:25 AM, Anders Klixbull a...@experian.dk wrote: you obviously misunderstood since every geek on the planet knows that the answer in numeric form is 42! From: Christian Sciberras [mailto:uuf6...@gmail.com] Sent: 15. februar 2010 11:15 To: Anders Klixbull Cc: edgar deal; 751 ...?; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) Actually, the correct answer is 239. The full question to the answer (and sum) is left up to the read. On Mon, Feb 15, 2010 at 11:07 AM, Anders Klixbull a...@experian.dk wrote: yes the correct answer is 'cheese' From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of edgar deal Sent: 13. februar 2010 16:18 To: 751 ...? Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) incorrect. On Sat, Feb 13, 2010 at 1:09 AM, 751 ...? 751hack...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
yes the correct answer is 'cheese' From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of edgar deal Sent: 13. februar 2010 16:18 To: 751 ...? Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) incorrect. On Sat, Feb 13, 2010 at 1:09 AM, 751 ...? 751hack...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Actually, the correct answer is 239. The full question to the answer (and sum) is left up to the read. On Mon, Feb 15, 2010 at 11:07 AM, Anders Klixbull a...@experian.dk wrote: yes the correct answer is 'cheese' -- *From:* full-disclosure-boun...@lists.grok.org.uk [mailto: full-disclosure-boun...@lists.grok.org.uk] *On Behalf Of *edgar deal *Sent:* 13. februar 2010 16:18 *To:* 751 ...? *Cc:* full-disclosure@lists.grok.org.uk *Subject:* Re: [Full-disclosure] (no subject) incorrect. On Sat, Feb 13, 2010 at 1:09 AM, 751 ...? 751hack...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
you obviously misunderstood since every geek on the planet knows that the answer in numeric form is 42! From: Christian Sciberras [mailto:uuf6...@gmail.com] Sent: 15. februar 2010 11:15 To: Anders Klixbull Cc: edgar deal; 751 ...?; full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) Actually, the correct answer is 239. The full question to the answer (and sum) is left up to the read. On Mon, Feb 15, 2010 at 11:07 AM, Anders Klixbull a...@experian.dk wrote: yes the correct answer is 'cheese' From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of edgar deal Sent: 13. februar 2010 16:18 To: 751 ...? Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) incorrect. On Sat, Feb 13, 2010 at 1:09 AM, 751 ...? 751hack...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
That's old news! It's been upgraded to 239! On Mon, Feb 15, 2010 at 11:25 AM, Anders Klixbull a...@experian.dk wrote: you obviously misunderstood since every geek on the planet knows that the answer in numeric form is 42! -- *From:* Christian Sciberras [mailto:uuf6...@gmail.com] *Sent:* 15. februar 2010 11:15 *To:* Anders Klixbull *Cc:* edgar deal; 751 ...?; full-disclosure@lists.grok.org.uk *Subject:* Re: [Full-disclosure] (no subject) Actually, the correct answer is 239. The full question to the answer (and sum) is left up to the read. On Mon, Feb 15, 2010 at 11:07 AM, Anders Klixbull a...@experian.dk wrote: yes the correct answer is 'cheese' -- *From:* full-disclosure-boun...@lists.grok.org.uk [mailto: full-disclosure-boun...@lists.grok.org.uk] *On Behalf Of *edgar deal *Sent:* 13. februar 2010 16:18 *To:* 751 ...? *Cc:* full-disclosure@lists.grok.org.uk *Subject:* Re: [Full-disclosure] (no subject) incorrect. On Sat, Feb 13, 2010 at 1:09 AM, 751 ...? 751hack...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
incorrect. On Sat, Feb 13, 2010 at 1:09 AM, 751 ...? 751hack...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Correct! From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of edgar deal Sent: 13 February 2010 15:18 To: 751 ...? Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) incorrect. On Sat, Feb 13, 2010 at 1:09 AM, 751 ...? 751hack...@gmail.commailto:751hack...@gmail.com wrote: ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Wow, is you're site still down Dan? /omfg Dan Kaminsky d...@doxpara.com wrote: Easily the best environment for packet manipulation is scapy. The most guaranteed to work approach involves putting a system with two interfaces in as an attacker, and running two scapy processes that copy frames received on one interface onto the other one. Of course, your copier parses the frames, changes what needs to be changed, fixes up checksums, etc. There are other approaches that are preferable for all sorts of reasons, but the above means you don't need to fight with ARP or addresses or firewall rules or the kernel. (Proxy ARP, mangle tables, yadda yadda yadda.) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Easily the best environment for packet manipulation is scapy. The most guaranteed to work approach involves putting a system with two interfaces in as an attacker, and running two scapy processes that copy frames received on one interface onto the other one. Of course, your copier parses the frames, changes what needs to be changed, fixes up checksums, etc. There are other approaches that are preferable for all sorts of reasons, but the above means you don't need to fight with ARP or addresses or firewall rules or the kernel. (Proxy ARP, mangle tables, yadda yadda yadda.) 2009/12/16 김무성 ki...@infosec.co.kr Hello. List. I'm pentesting IPTV. Our IPTV network structure is this. Monitor - IPTV - VDSL modem - ISP So, for packet manipulation I have to ARP spoofing or change network structure Monitor - IPTV - attacker - VDSL modem - ISP But, I don't know IPTV SetupBox(STB)'s netmask and gateway address. So I wanna make this network Monitor - IPTV - attacker - VDSL modem - ISP Attacker is a computer. This computer have two NIC. Two NIC only transmit and receive packet. They have no IP address. I wanna manipulate this packet's field Do you know how make this network? Do you know tools that manipulate every packet (http, rstp, igmp, etc,.)? Thanks KIM ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (No subject) legal threat from Alyse Auernheimer
Sorry about leaving sealpac in there, we're working on correcting that. I'll put a notice in the next one. For the record, the post made in an earlier version of Andrew Auernheimer's infodoc states weev has an affiliation with sealpac. This is incorrect because weev just took the domain name and failed to give it back. Since you find is necessary to forward this correspondence to the FBI, I'll make it public here for you. It's almost like you're fishing to be a victim or something. It's pathetic. If it means anything: No one has made any threats to you. No one is going to harm you. No one has any ill-sentiment towards your family. You've been done a favor by having your relationship with weev clarified on here. You got your correction, you got your post down, quit being melodramatic. On Mon, 05 Oct 2009 07:50:20 + Alyse Auernheimer designadventu...@gmail.com wrote: Return-Path: designadventu...@gmail.com Received: from smtp7.hushmail.com (smtp7.hushmail.com [65.39.178.136]) by imap12.hushmail.com (Cyrus v2.3.7-Invoca-RPM-2.3.7-2.el5) with LMTPA; Mon, 05 Oct 2009 07:50:29 + X-Sieve: CMU Sieve 2.3 Received: from mail-ew0-f224.google.com (mail-ew0-f224.google.com [209.85.219.224]) by smtp7.hushmail.com (Postfix) with ESMTP for mrxisapl...@hush.com; Mon, 5 Oct 2009 07:50:21 + (UTC) Received: by ewy24 with SMTP id 24so11122764ewy.22 for mrxisapl...@hush.com; Mon, 05 Oct 2009 00:50:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message- id:subject :from:to:content-type; bh=O+UD/WD8lCH2KA1S8ZiYbDmjoHo36/uRUHWULElbv7c=; b=N9iZNiKyHiM6Sso//SeBju/siqip/Kl3QGZ1kBFI6HY0Npx0TU4suw4PixASzY5EdO Mfq8Gc6SEQAaPBmtRv+EPoCENWkaKMg21oRkzgaCwZ90QFnfu7K/H4mfuZHkXehS9irP XL273nm8NSog6o7XfyATtsN+2TVdFvwYC6B0w= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=HfCFSLplV0dZpvp5Pmk5aqBRGbsW4KwixRJ0KmZHItZhIJkeVGLWeHMPqyBtE3nkg5 4XlDiotqE/V0398MMiRyzreqiHrufXjkTdzAYnK1KBHA1pBje2dtlM6l/ICwS+fuLiLt 9HubIoKXLS126A9FQOYCxML9lQ1qG/DdROv8I= MIME-Version: 1.0 Received: by 10.216.87.144 with SMTP id y16mr622378wee.95.1254729020908; Mon, 05 Oct 2009 00:50:20 -0700 (PDT) Date: Mon, 5 Oct 2009 03:50:20 -0400 Message-ID: 4f8170520910050050v1d44b4d8p6ad4202ac4dc5...@mail.gmail.com Subject: From: Alyse Auernheimer designadventu...@gmail.com To: TheLearner mrxisapl...@hush.com Content-Type: multipart/alternative; boundary=0016e6d7852e94a5d104752b5dda Lisa, Please do not link Andrew Auernheimer with our business, Sealpac USA, he has nothing to do with it except he is holding our domain name hostage. We are planning on pursuing a court order to have it released. All of our emails concerning this subject will now be forwarded to the FBI as it may potentially impact our business. The individuals who say they are trying to help us are now causing more harm to us than Andrew himself. We are advised to have our home watched by law enforcement and our daughter's dorm. This is just wrong. Thank You for you consideration. Alyse ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
General Disarray begin the flooding of the FD mailing list. anti sec wrote: We, the worldwide anti-sec movement have landed yet another coup that will strike full-disclosurizers into the very hearts and soul of their being. Fellow anti-sec'ers and freedom-lovers: Rejoice, for it is time to take revenge against the full disclosure zionist hegemony in retaliation for the damage white hats have been committing against the security world. Our heroic anti-sec warriors have carried out a blessed raid against 4chanarchive.org. 4chan users are now burning with fear, terror and panic on their /b/, /gif/, /r9k/, and /a/ boards. The white hat world will soon be asunder and the enemies will flee from our holy power! We have repeatedly warned the security industry and the people in it. DO NOT FUCK WITH ANTI-SEC! Statistically speaking, every white hat is using 4chan or at least has heard of it. Thus we struck into the very core of their existence. We have fulfilled our promise and carried out our blessed hacking attack on 4chanarchive after our warriors exerted strenuous efforts over a long period of time to ensure the success of the attack. We continue to warn the websites of governmentsecurity and hackforums and all full disclosure public as a whole that they will be punished in the same way if they do not withdraw from their erroneous ways of living and see that white hats are the scum of the earth. Those who warn are excused. The list will be released at the usual places. those in the know do realize where that is. ANTI-SEC FOR LIFE! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
I prefer that crap many more: http://www.voltairenet.org/en ¤¤ Sounds much like a marketing operations http://www.pbs.org/wgbh/nova/spyfactory/ -naif http://infosecurity.ch This anonymous email message was sent from: http://CyberAtlantis.com/anonymous_email.php Sorry, as our system is 100% ANONYMOUS we cannot assist you in tracking down the sender as we have NEITHER IP NOR email content of any of the emails sent. If you are being harrassed by someone abusing this service then you may add your email address to our database of blocked email addresses. http://CyberAtlantis.com/add_banned.php ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Hmmh, I personally see a lack of defense and a need for more white hats, who aren't constantly trying to gain media attention by breaking stuff. - Because most stuff is already broken - as we see. Even trolls nowadays can course some damage. If you need a good example to proof that we need new security concepts, look at what even idiots can do. And sell this as a good argument, for sure!! ;) My 5 year old niece could have hacked this 4chan site. I'm still waiting for this so called ssh thingy. Hack something real: release an OpenSSH patch. Have fun, wishi Ed Carp schrieb: Do not fuck with anti-suck. LOL! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
On Tue, 21 Jul 2009 20:27:38 CDT, anti sec said: Our heroic anti-sec warriors have carried out a blessed raid against 4chanarchive.org. 4chan users are now burning with fear, terror and panic on their /b/, /gif/, /r9k/, and /a/ boards. Great. Now you pissed off anon. Why didn't you pick on something *safe*, like the NSA or the Russian crime syndicates? pgpC2P8M8Q0Zo.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
because those poor guys don't know what NSA or crime syndicates are ... because those poor guys don't know what's outside of their room ... my dear 'anti-sec', open the door of your home and take a look outside ... do you really think we need skiddies like you in these (economic) crisis times ? . what about going back to school and learn basics of 'living in society' ? or you can continue on your way, personally you're the sun which makes me laugh during these poor project-end days ... ps : have a sex time, it helps ;) -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu Sent: mercredi 22 juillet 2009 15:46 To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) On Tue, 21 Jul 2009 20:27:38 CDT, anti sec said: Our heroic anti-sec warriors have carried out a blessed raid against 4chanarchive.org. 4chan users are now burning with fear, terror and panic on their /b/, /gif/, /r9k/, and /a/ boards. Great. Now you pissed off anon. Why didn't you pick on something *safe*, like the NSA or the Russian crime syndicates? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
because those poor guys don't know what NSA or crime syndicates are ... because those poor guys don't know what's outside of their room ... my dear 'anti-sec', open the door of your home and take a look outside ... do you really think we need skiddies like you in these (economic) crisis times ? . what about going back to school and learn basics of 'living in society' ? or you can continue on your way, personally you're the sun which makes me laugh during these poor project-end days ... ps : have a sex time, it helps ;) -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu Sent: mercredi 22 juillet 2009 15:46 To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) On Tue, 21 Jul 2009 20:27:38 CDT, anti sec said: Our heroic anti-sec warriors have carried out a blessed raid against 4chanarchive.org. 4chan users are now burning with fear, terror and panic on their /b/, /gif/, /r9k/, and /a/ boards. Great. Now you pissed off anon. Why didn't you pick on something *safe*, like the NSA or the Russian crime syndicates? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
4chan, heart of the White Hat. ROFLMAO. OKay this is bloody funny. Dude, get a life. On Wed, Jul 22, 2009 at 6:00 AM, full-disclosure-requ...@lists.grok.org.ukwrote: Send Full-Disclosure mailing list submissions to full-disclosure@lists.grok.org.uk To subscribe or unsubscribe via the World Wide Web, visit https://lists.grok.org.uk/mailman/listinfo/full-disclosure or, via email, send a message with subject or body 'help' to full-disclosure-requ...@lists.grok.org.uk You can reach the person managing the list at full-disclosure-ow...@lists.grok.org.uk When replying, please edit your Subject line so it is more specific than Re: Contents of Full-Disclosure digest... Note to digest recipients - when replying to digest posts, please trim your post appropriately. Thank you. Today's Topics: 1. (no subject) (anti sec) 2. Re: (no subject) (Ed Carp) 3. Re: (no subject) (anti...@hushmail.com) 4. Re: (no subject) (Rob Fuller) 5. Re: Update: [GSEC-TZO-44-2009] One bug to rulethem all - Firefox, IE, Safari, Opera, Chrome, Seamonkey,iPhone, iPod, Wii, PS3 (Andrew Farmer) -- Message: 1 Date: Tue, 21 Jul 2009 20:27:38 -0500 From: anti sec anti-sec4l...@email.com Subject: [Full-disclosure] (no subject) To: full-disclosure@lists.grok.org.uk Message-ID: 20090722012738.4a82fbe4...@ws1-9.us4.outblaze.com Content-Type: text/plain; charset=iso-8859-1 We, the worldwide anti-sec movement have landed yet another coup that will strike full-disclosurizers into the very hearts and soul of their being. Fellow anti-sec'ers and freedom-lovers: Rejoice, for it is time to take revenge against the full disclosure zionist hegemony in retaliation for the damage white hats? have been committing against the security world. Our heroic anti-sec warriors have carried out a blessed raid against 4chanarchive.org. 4chan users are now burning with fear, terror and panic on their /b/, /gif/, /r9k/, and /a/ boards. The white hat world will soon be asunder and the enemies will flee from our holy power! We have repeatedly warned the security industry and the people in it. DO NOT FUCK WITH ANTI-SEC! Statistically speaking, every white hat is using 4chan or at least has heard of it. Thus we struck into the very core of their existence. We have fulfilled our promise and carried out our blessed hacking attack on 4chanarchive after our warriors exerted strenuous efforts over a long period of time to ensure the success of the attack. We continue to warn the websites of governmentsecurity and hackforums and all full disclosure public as a whole that they will be punished in the same way if they do not withdraw from their erroneous ways of living and see that white hats are the scum of the earth. Those who warn are excused. The list will be released at the usual places. those in the know do realize where that is. ANTI-SEC FOR LIFE! -- How Strong is Your Score? Click here to see yours for $0! By FreeCreditReport.com -- next part -- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20090721/e9123ac2/attachment-0001.html -- Message: 2 Date: Tue, 21 Jul 2009 20:39:48 -0500 From: Ed Carp e...@pobox.com Subject: Re: [Full-disclosure] (no subject) To: full-disclosure full-disclosure@lists.grok.org.uk Message-ID: 1b0d006c0907211839l3e605edekf8e3dd19b6aa4...@mail.gmail.com Content-Type: text/plain; charset=iso-8859-1 Do not fuck with anti-suck. LOL! -- next part -- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20090721/5d4e492b/attachment-0001.html -- Message: 3 Date: Tue, 21 Jul 2009 21:56:07 -0400 From: anti...@hushmail.com Subject: Re: [Full-disclosure] (no subject) To: full-disclosure@lists.grok.org.uk, anti-sec4l...@email.com Message-ID: 20090722015607.95b1d20...@smtp.hushmail.com Content-Type: text/plain; charset=UTF-8 Awww, seriously? Can you leave governmentsecurity alone? I don't want you fucking with my backdoorz. It's not my fault they run litespeed. On Tue, 21 Jul 2009 21:27:38 -0400 anti sec anti- sec4l...@email.com wrote: We, the worldwide anti-sec movement have landed yet another coup that will strike full-disclosurizers into the very hearts and soul of their being. Fellow anti-sec'ers and freedom-lovers: Rejoice, for it is time to take revenge against the full disclosure zionist hegemony in retaliation for the damage white hats? have been committing against the security world. Our heroic anti-sec warriors have carried out a blessed raid against 4chanarchive.org. 4chan users are now burning with fear, terror and panic on their /b/, /gif/, /r9k/, and /a/ boards. The white hat
Re: [Full-disclosure] (no subject)
I think that some kind of nazi party would be a better deal, maybe someone of these guys understand this revenge against the full disclosure zionist hegemony-shit, because I don't - I'm just to stupid for demogagy. valdis.kletni...@vt.edu schrieb: On Tue, 21 Jul 2009 20:27:38 CDT, anti sec said: Our heroic anti-sec warriors have carried out a blessed raid against 4chanarchive.org. 4chan users are now burning with fear, terror and panic on their /b/, /gif/, /r9k/, and /a/ boards. Great. Now you pissed off anon. Why didn't you pick on something *safe*, like the NSA or the Russian crime syndicates? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
lol @white hats Cheers Am 22.07.2009 um 14:00 schrieb wishi: Hmmh, I personally see a lack of defense and a need for more white hats, who aren't constantly trying to gain media attention by breaking stuff. - Because most stuff is already broken - as we see. Even trolls nowadays can course some damage. If you need a good example to proof that we need new security concepts, look at what even idiots can do. And sell this as a good argument, for sure!! ;) My 5 year old niece could have hacked this 4chan site. I'm still waiting for this so called ssh thingy. Hack something real: release an OpenSSH patch. Have fun, wishi Ed Carp schrieb: Do not fuck with anti-suck. LOL! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Won't somebody PLEASE think of the CHILDREN!!?! On Wed, Jul 22, 2009 at 10:50 AM, Dean Piercepierce...@gmail.com wrote: Won't somebody PLEASE thing of the CHILDREN!!?! On Wed, Jul 22, 2009 at 9:52 AM, Ferdinand Klinzerklin...@gmx.de wrote: lol @white hats Cheers Am 22.07.2009 um 14:00 schrieb wishi: Hmmh, I personally see a lack of defense and a need for more white hats, who aren't constantly trying to gain media attention by breaking stuff. - Because most stuff is already broken - as we see. Even trolls nowadays can course some damage. If you need a good example to proof that we need new security concepts, look at what even idiots can do. And sell this as a good argument, for sure!! ;) My 5 year old niece could have hacked this 4chan site. I'm still waiting for this so called ssh thingy. Hack something real: release an OpenSSH patch. Have fun, wishi Ed Carp schrieb: Do not fuck with anti-suck. LOL! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Exactly! 2009/7/21 Josh Wheeler jpavlakov...@gmail.com Anti-Sec We will pwn your pr0n. This is beginning to seem more and more like an exercise in circle-jerking... On Tue, Jul 21, 2009 at 5:39 PM, Ed Carp e...@pobox.com wrote: Do not fuck with anti-suck. LOL! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
That's what keeps me subscribed - when I've had a particularly bad day, I always know I can come over here and have a great laugh! 2009/7/21 Rob Fuller jd.mu...@gmail.com I'm sorry, log time reader of FD, it's a great mashup of hilarity and vuln disclosure. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Do not fuck with anti-suck. LOL! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Awww, seriously? Can you leave governmentsecurity alone? I don't want you fucking with my backdoorz. It's not my fault they run litespeed. On Tue, 21 Jul 2009 21:27:38 -0400 anti sec anti- sec4l...@email.com wrote: We, the worldwide anti-sec movement have landed yet another coup that will strike full-disclosurizers into the very hearts and soul of their being. Fellow anti-sec'ers and freedom-lovers: Rejoice, for it is time to take revenge against the full disclosure zionist hegemony in retaliation for the damage white hats have been committing against the security world. Our heroic anti-sec warriors have carried out a blessed raid against 4chanarchive.org. 4chan users are now burning with fear, terror and panic on their /b/, /gif/, /r9k/, and /a/ boards. The white hat world will soon be asunder and the enemies will flee from our holy power! We have repeatedly warned the security industry and the people in it. DO NOT FUCK WITH ANTI-SEC! Statistically speaking, every white hat is using 4chan or at least has heard of it. Thus we struck into the very core of their existence. We have fulfilled our promise and carried out our blessed hacking attack on 4chanarchive after our warriors exerted strenuous efforts over a long period of time to ensure the success of the attack. We continue to warn the websites of governmentsecurity and hackforums and all full disclosure public as a whole that they will be punished in the same way if they do not withdraw from their erroneous ways of living and see that white hats are the scum of the earth. Those who warn are excused. The list will be released at the usual places. those in the know do realize where that is. ANTI-SEC FOR LIFE! -- How Strong is Your Score? Click here to see yours for $0! By FreeCreditReport.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
I'm sorry, log time reader of FD, it's a great mashup of hilarity and vuln disclosure. But this takes the cake. I can't sit silent for this one: Are you OUTSIDE your mind? 4chan? and not even 4chan.org, an archive site. This is the very core of the White Hat being? If this is truly a 'agent of AntiSec' which I highly doubt, you must be selecting low hanging fruit and finding any possible way to associate it with those you hate. I hope those who are in Anti-Sec if there really is such a thing, come and hunt you down... and that's the way it is... for July 21st, 2009 -- Rob Fuller | Mubix Room362.com | Hak5.org | TheAcademyPro.com On Tue, Jul 21, 2009 at 9:39 PM, Ed Carp e...@pobox.com wrote: Do not fuck with anti-suck. LOL! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Why not just ask michelle? Hope you don't mind: I forwarded your mail to michelle.nash2...@yahoo.com 2009/7/1 mitch nash mtchn...@yahoo.com would like passwords for e mail, facebook, and my space for michelle.nash2...@yahoo.com, and my space passwords for marlee_michelle. (x wife and daughter) thank you, mitch nash ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
LAMO! This is amazing! It made my day! You stupid stalker get a life and stay away from women! James On Wed, Jul 1, 2009 at 3:06 PM, Inbox (Main) rokade...@gmail.com wrote: Why not just ask michelle? Hope you don't mind: I forwarded your mail to michelle.nash2...@yahoo.com 2009/7/1 mitch nash mtchn...@yahoo.com would like passwords for e mail, facebook, and my space for michelle.nash2...@yahoo.com, and my space passwords for marlee_michelle. (x wife and daughter) thank you, mitch nash ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.goldwatches.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
2009/7/1 Inbox (Main) rokade...@gmail.com: Why not just ask michelle? Hope you don't mind: I forwarded your mail to michelle.nash2...@yahoo.com I'm guessing this could have something to do with it: http://www.nrtoday.com/article/20090619/LOGS/906199976/1051/NONEparentprofile=1055 In particular, the section that says, Mitchell Dale Nash, 45, of Myrtle Creek, on suspicion of violation of a restraining order, interfering with making a report, harassment and unlawful entry into a motor vehicle. I only mention that because the original email came in from 74.32.173.24...which gives us u...@host ~ $ nslookup 74.32.173.24 Server: 152.10.248.1 Address:152.10.248.1#53 Non-authoritative answer: 24.173.32.74.in-addr.arpa name = 74-32-173-24.dr01.myck.or.frontiernet.net. My favourite part is the myck.or.frontiernet.net section. Sounds like Myrtle Creek, Oregon, to me. Of course, I could be *completely* wrong... kmw -- To take from one, because it is thought that his own industry and that of his fathers has acquired too much, in order to spare to others, who, or whose fathers have not exercised equal industry and skill, is to violate arbitrarily the first principle of association, ‘the guarantee to every one of a free exercise of his industry, the fruits acquired by it.' ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Reported to the Douglas County Sheriffs on their crime report form. -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure- boun...@lists.grok.org.uk] On Behalf Of Kevin Wilcox Sent: Wednesday, July 01, 2009 6:32 AM To: Inbox (Main) Cc: full-disclosure@lists.grok.org.uk; michelle.nash2...@yahoo.com; mitch nash Subject: Re: [Full-disclosure] (no subject) 2009/7/1 Inbox (Main) rokade...@gmail.com: Why not just ask michelle? Hope you don't mind: I forwarded your mail to michelle.nash2...@yahoo.com I'm guessing this could have something to do with it: http://www.nrtoday.com/article/20090619/LOGS/906199976/1051/NONEparentp rofile=1055 In particular, the section that says, Mitchell Dale Nash, 45, of Myrtle Creek, on suspicion of violation of a restraining order, interfering with making a report, harassment and unlawful entry into a motor vehicle. I only mention that because the original email came in from 74.32.173.24...which gives us u...@host ~ $ nslookup 74.32.173.24 Server: 152.10.248.1 Address:152.10.248.1#53 Non-authoritative answer: 24.173.32.74.in-addr.arpa name = 74-32-173-24.dr01.myck.or.frontiernet.net. My favourite part is the myck.or.frontiernet.net section. Sounds like Myrtle Creek, Oregon, to me. Of course, I could be *completely* wrong... kmw -- To take from one, because it is thought that his own industry and that of his fathers has acquired too much, in order to spare to others, who, or whose fathers have not exercised equal industry and skill, is to violate arbitrarily the first principle of association, ‘the guarantee to every one of a free exercise of his industry, the fruits acquired by it.' ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
What a goon. That made me laugh till it hurt 2009/7/1 Tomas L. Byrnes t...@byrneit.net Reported to the Douglas County Sheriffs on their crime report form. -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure- boun...@lists.grok.org.uk] On Behalf Of Kevin Wilcox Sent: Wednesday, July 01, 2009 6:32 AM To: Inbox (Main) Cc: full-disclosure@lists.grok.org.uk; michelle.nash2...@yahoo.com; mitch nash Subject: Re: [Full-disclosure] (no subject) 2009/7/1 Inbox (Main) rokade...@gmail.com: Why not just ask michelle? Hope you don't mind: I forwarded your mail to michelle.nash2...@yahoo.com I'm guessing this could have something to do with it: http://www.nrtoday.com/article/20090619/LOGS/906199976/1051/NONEparentp rofile=1055 In particular, the section that says, Mitchell Dale Nash, 45, of Myrtle Creek, on suspicion of violation of a restraining order, interfering with making a report, harassment and unlawful entry into a motor vehicle. I only mention that because the original email came in from 74.32.173.24...which gives us u...@host ~ $ nslookup 74.32.173.24 Server: 152.10.248.1 Address:152.10.248.1#53 Non-authoritative answer: 24.173.32.74.in-addr.arpa name = 74-32-173-24.dr01.myck.or.frontiernet.net. My favourite part is the myck.or.frontiernet.net section. Sounds like Myrtle Creek, Oregon, to me. Of course, I could be *completely* wrong... kmw -- To take from one, because it is thought that his own industry and that of his fathers has acquired too much, in order to spare to others, who, or whose fathers have not exercised equal industry and skill, is to violate arbitrarily the first principle of association, ‘the guarantee to every one of a free exercise of his industry, the fruits acquired by it.' ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
On Thu, Dec 11, 2008 at 9:28 PM, - o z - . o...@hotmail.com wrote: I don't want to read it with Lynx, either. I've got some damn good SMTP clients, like Pine v.01a, OK? How do you read anything with an SMTP client? -- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
On Dec 12, 2008, at 12:13 AM, Knud Erik Højgaard wrote: On Thu, Dec 11, 2008 at 9:28 PM, - o z - . o...@hotmail.com wrote: I don't want to read it with Lynx, either. I've got some damn good SMTP clients, like Pine v.01a, OK? How do you read anything with an SMTP client? -- You're right. It should be pop, imap, or simply client. And while your comment displays a level of technical acumen, I occasionally forget that not everyone speaks/comprehends the subtleties of English, probably about as good as me trying to get satire spoken in Danish. It's a joke. Satire. My mail client rant, whether or not the underlying protocols used smtp, pop, imap, http, https or little blue elves carrying 7 or 8 mime-bits out my bunghole...didn't have an option for crayon fonts big and colorful enough so an international audience would understand laugh...when I used Pine as the kicker, masturbatorily using a pre-Alpha version moniker, even calling Pine a great way to read email...I guess u took that seriously? That's OK, I learned a long time ago not to #%*^ with the Vikings. Your comment did make me think back...way back to 1995...using Trumpet Windsock with a win SMTP client that *did* use SMTP to both send and receivesomehow?...written in Pascal of all things...compiled and supported by a David C(K)ornit was very, very slow. But not funny. At least your average SMTP server was way more friendly back then after HELO, and damn it all, were they more xploitable or what? When I think back to all the crazy...never mind. It was an astounding time be alive is all, and writing about it makes me feel very, very old. Thanx for the clarification, Knud. -oz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
Knud Erik Højgaard wrote: On Thu, Dec 11, 2008 at 9:28 PM, - o z - . o...@hotmail.com wrote: I don't want to read it with Lynx, either. I've got some damn good SMTP clients, like Pine v.01a, OK? How do you read anything with an SMTP client? tcpdump? -Luke smime.p7s Description: S/MIME Cryptographic Signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
On Thursday 11 December 2008 23:33:53 - o z - wrote: even calling Pine a great way to read email...I guess u took that seriously? I know a couple of people that swear by, and not at Pine, for some reason. So if that was supposed to signal a joke, it didn't work. -- Hawaiian Astronomical Society: http://www.hawastsoc.org HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
Knud Erik Højgaard wrote: How do you read anything with an SMTP client? With your preferred file lister in its queue or spool dir. How do you do it? Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
http://www.security-express.com/archives/postfix/2003-02/att-0043/01-smtp-tee Then grep the target maildir for whatever you want. ;-) Quis Custodiet Ipsos Custodes? -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure- boun...@lists.grok.org.uk] On Behalf Of Nick FitzGerald Sent: Friday, December 12, 2008 2:22 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] FD subject line/name of org suggestion... Knud Erik Højgaard wrote: How do you read anything with an SMTP client? With your preferred file lister in its queue or spool dir. How do you do it? Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
If anyone complains about the internal MSDW libs in the use functions, you can accomplish the same effect with Net::SMTP::Server And Net::SMTP::TLS And some simple edits -Original Message- From: Tomas L. Byrnes Sent: Friday, December 12, 2008 3:25 PM To: 'n...@virus-l.demon.co.uk'; full-disclosure@lists.grok.org.uk Subject: RE: [Full-disclosure] FD subject line/name of org suggestion... http://www.security-express.com/archives/postfix/2003-02/att-0043/01- smtp-tee Then grep the target maildir for whatever you want. ;-) Quis Custodiet Ipsos Custodes? -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full- disclosure- boun...@lists.grok.org.uk] On Behalf Of Nick FitzGerald Sent: Friday, December 12, 2008 2:22 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] FD subject line/name of org suggestion... Knud Erik Højgaard wrote: How do you read anything with an SMTP client? With your preferred file lister in its queue or spool dir. How do you do it? Regards, Nick FitzGerald ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
Could try a separate folder and using rules to segregate FD emails. There really arent *that* many emails, I mean, compared to nearly insane volume of ntsysadmin or activedir. On Dec 11, 2008, at 1:54 AM, - o z - wrote: Hi everyone! Is it just me, or is it normal for everyone else *not* to usually see the entire exploit notification, e.g., subject line in client: [Full-disclosure] [ GL** #-0* ] Critical Squirrel Meat Timer v. 371117a Threat to Earth and All Inhabitants '(cut off right about @Meat Timer) [date]' What has happened over time (10+ years) is that while average desktop space has grown, font real-estate has shrunk. Way more stuff is on-screen. We're bombarded with even more info, some of it critical, and yeah, maybe some of us like to keep current 'cause we live breath infosec and have to kill -s netdev 666 just to make sense of it all sometimes. Belay that, nothing, nothing makes sense there...makes my orange run like clockwork. That's it! Using an informal survey method, most of my peers display FD the same waycritical version info is usually obscuficated (or it's something else dearly important...say what you want...the community is creative with names). It would be easier on the eyes and achieve a better productivity metric for my capitalist oppressors if the sub. line read: [Full-disclosure] Warning goes here .xxx [good job, now put your name/date thingy here, right here!] When my FD mailbox has 1000+ messages, many of them pertaining to software I'm responsible for, it would make it easier if the subject line devoted as much space possible for the 'sploit...firstfollowed by the author's naming convention. Credit will be remembered no matter what, since if it affects you, it will be opened. If it's been a long night or day, whoa, it's easy to overlook something I shouldn't. Right now it's like, Wow, that was some exploit I saw by 'insert name here and date' -- sure wish I could have read it at one glance, damn... Somebody might be screaming, Dude, change your settings -- and they're right. I should and do...but still have the same issue, on a variety of clients -- increasing available subject line space helps, regardless. Some org. ID's rent *16!* characters in the subj. line, and the last five can be a real bitch, i.e., v.371117 -- etc. Maybe some of 'ya think this is persnickety, and hell, it might be, it's just the 'best job, least amount of time thing.' It just makes more sense to me is all, quite unlike my apparent deteriorating cognitive grammatical abilities. -oz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- If this email is spam, report it here: http://www.onlymyemail.com/view/?action=reportSpamId=ODEzNjQ6ODEwMzcxNTM5OnBqcEBwc25ldC5jb20%3D THIS ELECTRONIC MESSAGE AND ANY ATTACHMENTS ARE CONFIDENTIAL AND PROPRIETARY PROPERTY OF THE SENDER. THE INFORMATION IS INTENDED FOR USE BY THE ADDRESSEE ONLY. ANY OTHER INTERCEPTION, COPYING, ACCESSING, OR DISCLOSURE OF THIS MESSAGE IS PROHIBITED. IF YOU HAVE RECEIVED THIS MESSAGE IN ERROR, PLEASE IMMEDIATELY NOTIFY THE SENDER AND DELETE THIS MAIL AND ALL ATTACHMENTS. DO NOT FORWARD THIS MESSAGE WITHOUT PERMISSION OF THE SENDER. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
On Thu, 11 Dec 2008 10:39:51 EST, Phillip Partipilo said: Could try a separate folder and using rules to segregate FD emails. There really arent *that* many emails, I mean, compared to nearly insane volume of ntsysadmin or activedir. Are they worse than linux-kernel, which is averaging some 500+ messages a day? Note that nobody reads every post in linux-kernel. In fact, nobody who expects to have time left over to actually do any real kernel work will read even half. Except Alan Cox, but he's actually not human, but about a thousand gnomes working in under-ground caves in Swansea. None of the individual gnomes read all the postings either, they just work together really well. -- Linus Torvalds (2000-05-02) pgp5yxxCeSMZt.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
This is quite simple to do on Gmail. All you need to do is open any full-disclosure email. Then click on show details and select filter messages from this mailing list. On Thu, Dec 11, 2008 at 6:10 PM, [EMAIL PROTECTED] wrote: On Thu, 11 Dec 2008 10:39:51 EST, Phillip Partipilo said: Could try a separate folder and using rules to segregate FD emails. There really arent *that* many emails, I mean, compared to nearly insane volume of ntsysadmin or activedir. Are they worse than linux-kernel, which is averaging some 500+ messages a day? Note that nobody reads every post in linux-kernel. In fact, nobody who expects to have time left over to actually do any real kernel work will read even half. Except Alan Cox, but he's actually not human, but about a thousand gnomes working in under-ground caves in Swansea. None of the individual gnomes read all the postings either, they just work together really well. -- Linus Torvalds (2000-05-02) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.astorandblack.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] FD subject line/name of org suggestion...
From: nytrok...@gmail.com Subject: Re: [Full-disclosure] FD subject line/name of org suggestion... This is quite simple to do on Gmail. All you need to do is open any full-disclosure email. Then click on show details and select filter messages from this mailing list. On Thu, Dec 11, 2008 at 6:10 PM, valdis.kletni...@vt.edu wrote: On Thu, 11 Dec 2008 10:39:51 EST, Phillip Partipilo said: Could try a separate folder and using rules to segregate FD emails. There really arent *that* many emails, I mean, compared to nearly insane volume of ntsysadmin or activedir. Nytrokiss, are you really suggesting, as a general rule, to use a *web-browser* on an unmoderated security forum that occasionally includes live exploit codethat runs in said browser?Call me old fashioned, but man, I don't think that's a good idea. I don't want to read it with Lynx, either. I've got some damn good SMTP clients, like Pine v.01a, OK? (Slapping-Self, 'cause the G5 no workie, again...! Do as I say, not as I do, hah! Slap!) Getting back to the org. premise, some of you here don't think the org. ID's are getting a little out of hand in their length? I meekly submit the notion that this practice may have something to do with Ego/Promo...I dunno, really, what is the requirement for an extra space/length [ blah-blah1371117 ] between the charactersif only to center the eye on the author? Indeed, instead of [Full-disclosure] wouldn't [FD] work just the same for filtering? And give us more space? Yeah, I think it would. ...and it's a ton of emails, especially if you run a few flavors of 'Nix and do your best not to become a bad Netizen. Or if someone posts, ranting they've been Fed-Poizoned...? Think how many wage-drones you've worked with that have no care of exploits on FD, and suffered the consequences because of it? I stand by my suggestions. -oz _ Explore the seven wonders of the world http://search.msn.com/results.aspx?q=7+wonders+worldmkt=en-USform=QBRE___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
dear ff, u suck. die. that is all. On Wed, Aug 13, 2008 at 6:18 AM, [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] has sent you a secure email using Hushmail. To read it, please visit the following web page: https://www.hushmail.com/express/4JS7VCHT Frequently Asked Questions: Why did I receive this email? You have received this email because you have been sent a secure email through Hushmail. To read your secure email, you must follow the link provided and correctly answer a secret question chosen by the sender. What is a secure email? Sending a regular email is like sending a postcard - it may be read by any number of people before reaching its recipient(s). A secure email is like sending a letter in a sealed envelope - it can only be read by the sender and intended recipient(s). Is it safe to follow the link in this email? Yes, it is safe to visit the Hushmail web site by following the link provided in this email. However, you should never open an email attachment unless you know the person who sent it, were expecting to receive the file from them, and have scanned the file for viruses. When you arrive at the Hushmail web site, be sure to check the following: The address bar of your web browser shows: https://www.hushmail.com/express/ A small picture of a padlock appears in the bottom right corner of your web browser If you would prefer to access your message by entering its message code, please visit the following web page: https://www.hushmail.com/express. You will be asked to enter the following message code: 4JS7 VCHT What is Hushmail? Hushmail is a web-based email service that lets you send and receive email in total security using OpenPGP standard algorithms. These algorithms, combined with Hushmail's unique key management system, provide unrivalled levels of security. Hushmail's encryption is automatic, transparent, and seamless - no special computer skills are required. How do I create a free Hushmail account? You can create a free Hushmail account by clicking on the following link: https://www.hushmail.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
On Wed, 13 Aug 2008 10:18:13 -, [EMAIL PROTECTED] said: Is it safe to follow the link in this email? Yes, it is safe to visit the Hushmail web site by following the link provided. Which is, of course, what any miscreant who wanted you to visit a site that will drop malware into your browser would say. The risk is mitigated quite a bit for *this* e-mail because the link is in a text/plain, so you're either cut-n-pasting the link and can see where you're going, or your MUA has linkified it but you still can see the actual target. Unfortunately, most users can't tell the difference between a link in a text/plain and a href=http://127.0.0.1;http://www.goodstuff.com/a (and you probably should double-check what your MUA did with the above line :) pgpoTQqU7aK3y.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] No subject
It;s the new facebook friend adder On Wed, Aug 6, 2008 at 3:11 PM, [EMAIL PROTECTED] wrote: Not just Rouge apps, it's much more widespread: other colors such as magenta, mauve, fuschia, and even the extremes of pink and purple can also be impacted. On Wed, Aug 6, 2008 at 2:56 PM, John C. A. Bambenek, GCIH, CISSP [EMAIL PROTECTED] wrote: What's the infection vector? URL Link? Rouge Facebook app? On Wed, Aug 6, 2008 at 4:44 PM, Gadi Evron [EMAIL PROTECTED] wrote: Hi all. There's a facebook (possibly worm) something malicious sending fake messages from real users (friends). The sample also has a remote drop site (verified by someone who shall remain nameless). This is possibly zlob, not verified. Thanks Nick Bilogorskiy for his help. Infection sites seen so far are on .pl domains. The AV industry will soon add detection. Facebook's security folks are very capable, so I am not worried on that front. It's not that we didn't expect this for a long time now, but... Be careful. Some users know to be careful in email.. but not on facebook. Note: unlike 2003 when we called everything a worm and the 90s when everything was a virus--this is a bot which also spreads/infects on facebook. Gadi. -- You don't need your firewalls! Gadi is Israel's firewall. -- Itzik (Isaac) Cohen, Computers czar, Senior Deputy to the Accountant General, Israel's Ministry of Finance, at the government's CIO conference, 2005. (after two very funny self-deprication quotes, time to even things up!) My profile and resume: http://www.linkedin.com/in/gadievron ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- Click here for great computer networking solutions! http://tagline.hushmail.com/fc/Ioyw6h4fM6mUaUAfTcWMkR2Fx209IMXh1QMeRcp6eoXffMEOga9j6I/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.goldwatches.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
does that research involve you using a subject line in ur emails? On Tue, Aug 5, 2008 at 6:22 PM, Bernhard Mueller [EMAIL PROTECTED] wrote: Hello, We recently decided to release some of our research to the public, so selected presentations from our internal tech meetings will from now on be available for download at SEC Consult website. The presentations (some of which are in german) will include everything from general howtos to highly specialized pentesting-stuff. We will also release a whitepaper on a variant of the new DNS poisoning attack tomorrow. We wrote this whitepaper along with an exploit a while ago, and somehow managed NOT to leak it to the press before the Kaminsky talk :) The presentations and whitepapers, along with our past presentations from Blackhat and Deepsec, can be found at: http://www.sec-consult.com/publikationen_e.html Here are some links to what is already online: * A german guide to WEP/WPA cracking, by Johannes Greil: http://www.sec-consult.com/files/Wireless_LAN_attacks_wo_fancy_style.pdf * A presentation on the method of using DLL injection to interface to an SSL connection used by a running process (I used this for blackbox-testing certain binary SSL client/server applications): http://www.sec-consult.com/files/SSL_Packet_Injection_BMU.pdf * A short presentation on a method of error-based SQL injection in Sybase databases, by Thomas Kerbl: http://www.sec-consult.com/files/Sybase_ModSecurity_Evasion_TKE.pdf I hope that some of you will find this useful. Regards, Bernhard (Certified Internet Security Superstar) -- _ Bernhard Mueller Security Consultant SEC Consult Unternehmensberatung GmbH www.sec-consult.com A-1190 Vienna, Mooslackengasse 17 phone +43 1 8903043 34 fax +43 1 8903043 15 mobile+43 676 840301 718 email [EMAIL PROTECTED] Firmenbuch Wiener Neustadt: 227896t, UID: ATU56165223 Firmensitz: Prof. Dr. Stephan Korenstraße 10, A-2700 Wiener Neustadt Advisor for your information security. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
On Wed, 2008-08-06 at 02:26 +0200, Ureleet wrote: does that research involve you using a subject line in ur emails? No, I left it out intentionally to provoke one of your useless posts. When n3td3v does a pushup, he isn't lifting himself up, he's pushing the Earth down! -- _ Bernhard Mueller Security Consultant SEC Consult Unternehmensberatung GmbH www.sec-consult.com A-1190 Vienna, Mooslackengasse 17 phone +43 1 8903043 34 fax +43 1 8903043 15 mobile+43 676 840301 718 email [EMAIL PROTECTED] Firmenbuch Wiener Neustadt: 227896t, UID: ATU56165223 Firmensitz: Prof. Dr. Stephan Korenstraße 10, A-2700 Wiener Neustadt Advisor for your information security. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Can you sue for slander? And probably a simple phishing techique would work against her. Sent from my BlackBerry® smartphone with SprintSpeed -Original Message- From: Cody Roby [EMAIL PROTECTED] Date: Tue, 1 Apr 2008 15:31:38 To:full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] (no subject) Alright i have a crazy ex who keeps posting malicous things about me on her myspace and i would like to know how to use html errors to hack her myspace, i saw a previous post, but the code has been removed. please help. Pack up or back up–use SkyDrive to transfer files or keep extra copies. Learn how. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Another approach is that you could stop reading her blog and seek an alternate past-time(s). That would avoid the commission of computer crime and its possible ramifications. - G - Original Message - From: josh [EMAIL PROTECTED] To: Cody Roby [EMAIL PROTECTED]; [EMAIL PROTECTED]; full-disclosure@lists.grok.org.uk Sent: Tuesday, April 01, 2008 3:50 PM Subject: Re: [Full-disclosure] (no subject) Can you sue for slander? And probably a simple phishing techique would work against her. Sent from my BlackBerry® smartphone with SprintSpeed -Original Message- From: Cody Roby [EMAIL PROTECTED] Date: Tue, 1 Apr 2008 15:31:38 To:full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] (no subject) Alright i have a crazy ex who keeps posting malicous things about me on her myspace and i would like to know how to use html errors to hack her myspace, i saw a previous post, but the code has been removed. please help. Pack up or back up–use SkyDrive to transfer files or keep extra copies. Learn how. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
porn stars, people who love to drip semen all over women's faces, etc etc hopefully you catch my drip. LOL U C WUT I DID THAR???/// any new leet TRU64 EXPLOITS COMIN OUT? maybe you can actually get HP to like you this time Simon Smith wrote: lol, what kind of self respecting person uses the name dripping? ;] dripping wrote: What kind of self-respecting, ubar serious firm, group, or..well, anything, for that matter, uses blogspot.com for their utterly useless information. ty bai ;) Simon Smith wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Your kewl dripping wrote: porn stars, people who love to drip semen all over women's faces, etc etc hopefully you catch my drip. LOL U C WUT I DID THAR???/// any new leet TRU64 EXPLOITS COMIN OUT? maybe you can actually get HP to like you this time Simon Smith wrote: lol, what kind of self respecting person uses the name dripping? ;] dripping wrote: What kind of self-respecting, ubar serious firm, group, or..well, anything, for that matter, uses blogspot.com for their utterly useless information. ty bai ;) Simon Smith wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
O I NO!!! btw, stop specifying the WANT RECEIPT ON RED because it's fucking annoying, nobody wants to read your emails. thnx bai Simon Smith wrote: Your kewl dripping wrote: porn stars, people who love to drip semen all over women's faces, etc etc hopefully you catch my drip. LOL U C WUT I DID THAR???/// any new leet TRU64 EXPLOITS COMIN OUT? maybe you can actually get HP to like you this time Simon Smith wrote: lol, what kind of self respecting person uses the name dripping? ;] dripping wrote: What kind of self-respecting, ubar serious firm, group, or..well, anything, for that matter, uses blogspot.com for their utterly useless information. ty bai ;) Simon Smith wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
turned down? should i forward the list the emails were you and that random from netragard were begging me to work for you? On Dec 9, 2007 12:17 PM, Simon Smith [EMAIL PROTECTED] wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
I like how he still hasn't responded. reepex wrote: im going to wait for simon to respond ;P he is really good at making himself look like an idiot On Dec 9, 2007 1:39 PM, dripping [EMAIL PROTECTED] wrote: not that i care if this is on/off the list, do it * 9000. reepex wrote: turned down? should i forward the list the emails were you and that random from netragard were begging me to work for you? On Dec 9, 2007 12:17 PM, Simon Smith [EMAIL PROTECTED] wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Forward what ever you want, just make sure to edit it first so that you don't look like a liar ;) dripping wrote: I like how he still hasn't responded. reepex wrote: im going to wait for simon to respond ;P he is really good at making himself look like an idiot On Dec 9, 2007 1:39 PM, dripping [EMAIL PROTECTED] wrote: not that i care if this is on/off the list, do it * 9000. reepex wrote: turned down? should i forward the list the emails were you and that random from netragard were begging me to work for you? On Dec 9, 2007 12:17 PM, Simon Smith [EMAIL PROTECTED] wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
and yes.. I'll stop playing with the children now. Simon Smith wrote: Forward what ever you want, just make sure to edit it first so that you don't look like a liar ;) dripping wrote: I like how he still hasn't responded. reepex wrote: im going to wait for simon to respond ;P he is really good at making himself look like an idiot On Dec 9, 2007 1:39 PM, dripping [EMAIL PROTECTED] wrote: not that i care if this is on/off the list, do it * 9000. reepex wrote: turned down? should i forward the list the emails were you and that random from netragard were begging me to work for you? On Dec 9, 2007 12:17 PM, Simon Smith [EMAIL PROTECTED] wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
pedophilia is pretty serious. Simon Smith wrote: and yes.. I'll stop playing with the children now. Simon Smith wrote: Forward what ever you want, just make sure to edit it first so that you don't look like a liar ;) dripping wrote: I like how he still hasn't responded. reepex wrote: im going to wait for simon to respond ;P he is really good at making himself look like an idiot On Dec 9, 2007 1:39 PM, dripping [EMAIL PROTECTED] wrote: not that i care if this is on/off the list, do it * 9000. reepex wrote: turned down? should i forward the list the emails were you and that random from netragard were begging me to work for you? On Dec 9, 2007 12:17 PM, Simon Smith [EMAIL PROTECTED] wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Hah, ok that was funny, but I'm really going to shut up now cause this thread is pointless. ;. ripping wrote: pedophilia is pretty serious. Simon Smith wrote: and yes.. I'll stop playing with the children now. Simon Smith wrote: Forward what ever you want, just make sure to edit it first so that you don't look like a liar ;) dripping wrote: I like how he still hasn't responded. reepex wrote: im going to wait for simon to respond ;P he is really good at making himself look like an idiot On Dec 9, 2007 1:39 PM, dripping [EMAIL PROTECTED] wrote: not that i care if this is on/off the list, do it * 9000. reepex wrote: turned down? should i forward the list the emails were you and that random from netragard were begging me to work for you? On Dec 9, 2007 12:17 PM, Simon Smith [EMAIL PROTECTED] wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
the emails are sent your move On Dec 9, 2007 2:02 PM, Simon Smith [EMAIL PROTECTED] wrote: Forward what ever you want, just make sure to edit it first so that you don't look like a liar ;) dripping wrote: I like how he still hasn't responded. reepex wrote: im going to wait for simon to respond ;P he is really good at making himself look like an idiot On Dec 9, 2007 1:39 PM, dripping [EMAIL PROTECTED] wrote: not that i care if this is on/off the list, do it * 9000. reepex wrote: turned down? should i forward the list the emails were you and that random from netragard were begging me to work for you? On Dec 9, 2007 12:17 PM, Simon Smith [EMAIL PROTECTED] wrote: Awww, reepex feels bad because he got turned down... ;] reepex wrote: only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] mailto: [EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- - simon -- http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
only simon from snosoft and people from netragard try to hire people from FD ;) apparently they are not too satisfied with their current employees' skills On Dec 9, 2007 12:04 AM, dripping [EMAIL PROTECTED] wrote: And would you like to join my new CYBERSECURITY FIRM? We post to mailing lists and advertise like we're not actually advertising for ourselves. reepex wrote: I tried responding to your mail but it seems you did not get it so maybe you will on the list yes I would LOVE to your join your crew - could you please email me your silc server and bbs board details? On Dec 3, 2007 8:00 AM, Gobbles is back [EMAIL PROTECTED] wrote: Would you wish to join our crew ? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Because everyone trusts someone who uses a different from name than their signature name... Btw- buffo? Is that a twist on blotto or buffoon? You should add that interested parties make their checks payable to: c a s h Geoff Sent from my BlackBerry wireless handheld. -Original Message- From: h buffo [EMAIL PROTECTED] Date: Thu, 9 Aug 2007 16:41:13 To:full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] (no subject) Hello, this message only concern professional. I selling codes 0days exploits about vulnerability i found and i coded. If you are interested by windows and linux exploit, please mail me. Regards, Joergen B. = -- Powered by Outblaze ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
On 8/9/07, h buffo [EMAIL PROTECTED] wrote: Hello, this message only concern professional. I selling codes 0days exploits about vulnerability i found and i coded. If you are interested by windows and linux exploit, please mail me. Full-Disclosure - We believe in it. But you don't. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
HA As i say that if we got 10 cents for everytime someone put at a posting like this... We would be rich! On 8/9/07, Open Phugu [EMAIL PROTECTED] wrote: On 8/9/07, h buffo [EMAIL PROTECTED] wrote: Hello, this message only concern professional. I selling codes 0days exploits about vulnerability i found and i coded. If you are interested by windows and linux exploit, please mail me. Full-Disclosure - We believe in it. But you don't. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- http://www.goldwatches.com/ http://www.jewelerslounge.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject) [was: White Paper - Chrooting sshd]
I don't get your point. As I said in the paper all the informations that -I- found were either outdated or unusable. That may be my disability in finding stuff, but obviously other people had the same difficulties. Since it's release this paper has been downloaded nonstop and spread to quite a few major project's archives as well. That should prove that at least -some- others were looking for this information. So please explain your point to me. This is an LGPL-licensed paper. What is your problem with publishing one of these? Oh, and please enter a subject next time. I almost missed your mail. Many Greetings Paul [EMAIL PROTECTED] schrieb: oh so your paper rox better than all paper about chrooting sshd ? dude, all thing written in your paper is known since a while ! Sometimes it may become profitable or necessary to jail the ssh daemon within a chroot. Unluckily there aren't many papers out there that explain the process of creating an appropriate jail and resolving all the necessary dependencies and errors. This paper will show you how to successfully jail sshd itself. Opposed to many other papers out there it does not try to jail the users after logging in but rather put the entire daemon into the jail. This approach is interesting for anybody paranoid enough to want to protect against remotely exploitable flaws in the used sshd. --- South Africas premier free email service - www.webmail.co.za -- For super low premiums, click here http://www.webmail.co.za/dd.pwm ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Very observant of you Bob, the SNOsoft site is not active right now. We hope to reactivate it later on in 2007. Any more questions? :] On 1/1/07 10:07 PM, Moore, Robert [EMAIL PROTECTED] wrote: Simon Smith of the SNOsoft Research Team provides the url http://www.snosoft.com http://www.snosoft.com but when you go there, you get: The SNOsoft Research Team has been acquired by Netragard, L.L.C. http://www.netragard.com/ http://www.netragard.com http://www.netragard.com/ um, did someone forget to tell Mr. Smith ?? ;-) bob moore -- - Date: Mon, 01 Jan 2007 18:16:59 -0500 From: Simon Smith [EMAIL PROTECTED] Subject: [Full-disclosure] Jeff Bernstein It has come to my attention that Jeff Bernstein has been falsely using the names of SNOsoft Research Team members. Moreover, Jeff Bernstein has been falsely associating himself with the SNOsoft/HP/DMCA vulnerability research and development ordeal that happened earlier in 2001. Jeff Bernstein has never been affiliated with the SNOsoft Research Team nor will he ever be. Jeff Bernstein does not work with nor has he ever directly worked with any of the SNOsoft Team Members. If anyone has talked with, or speaks with Jeff Bernstein in the future and if Mr. Bernstein mentions SNOsoft, please contact me immediately at [EMAIL PROTECTED] Thank you. Regards, Simon Smith SNOsoft Research Team http://www.snosoft.com https://email.brown.edu/exchweb/bin/redir.asp?URL=http://www.snosoft.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] (no subject)
How about a subject line?? -d From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Raphael BarkiSent: Monday, July 24, 2006 11:56 AMTo: full-disclosure@lists.grok.org.ukCc: [EMAIL PROTECTED]Subject: [Full-disclosure] (no subject) Hi, We are pleased to inform you that the security issue Plain text password in Finjan Appliance 5100/8100 NG backup file described here: http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047797.html has been overcome with version 8.3.6 of Finjans Vital Security Appliance (NG 5100/8100), released on 23/7/06. Non-user passwords in Archive or LDAP locations were not encrypted in version 8.3.5. In order to prevent any potential vulnerability, the passwords for LDAP and Archive (i.e., backup) are now encrypted in version 8.3.6. Best regards, Raphael Raphael BarkiDirector of Product Marketing[EMAIL PROTECTED]Finjan Software1, HaMachshev St. - 42504 Netanya, IsraelTel. +972-9-8648.225, Fax +972-9-8659441www.finjan.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] (no subject)
On Mon, 24 Jul 2006, Debasis Mohanty wrote: :How about a subject line?? : :-d People just don't read the old RFC on netiquette: http://www.dtcc.edu/cs/rfc1855.html : : _ : :From: [EMAIL PROTECTED] :[mailto:[EMAIL PROTECTED] On Behalf Of Raphael :Barki :Sent: Monday, July 24, 2006 11:56 AM :To: full-disclosure@lists.grok.org.uk :Cc: [EMAIL PROTECTED] :Subject: [Full-disclosure] (no subject) : : : :Hi, : : : :We are pleased to inform you that the security issue Plain text password in :Finjan Appliance 5100/8100 NG backup file described here: : :http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047797.html : : : :has been overcome with version 8.3.6 of Finjan's Vital Security Appliance :(NG 5100/8100), released on 23/7/06. : : : :Non-user passwords in Archive or LDAP locations were not encrypted in :version 8.3.5. In order to prevent any potential vulnerability, the :passwords for LDAP and Archive (i.e., backup) are now encrypted in version :8.3.6. : : : :Best regards, : :Raphael : : :Raphael Barki :Director of Product Marketing :[EMAIL PROTECTED] : :Finjan Software :1, HaMachshev St. - 42504 Netanya, Israel :Tel. +972-9-8648.225, Fax +972-9-8659441 :www.finjan.com : : : : -- [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
On Thu, 04 May 2006 02:00:49 +0800, azrael goblin said: You know your e-mail program has gotten *waay* too complicated if it starts suffering from premature ejaculation pgpgRSabWBTUY.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] (no subject)
n3td3v, its not that we doubt that you're one of the best hackers in the ENTIRE world, nor do we doubt that your list is the finest around. its justthat we dont care. will you please just get off the fucking list. Ed From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of n3td3vSent: 31 March 2006 00:11To: full-disclosure@lists.grok.org.ukSubject: Re: [Full-disclosure] (no subject) Funny you should think FD isn't already moderated, our main [EMAIL PROTECTED] address has been moderated for months, hence the reason we're using [EMAIL PROTECTED] . This might be an interesting read for you "freedom of speech" Americans, who are currently bombing the hell out of the middle east to uphold, yet on FD, there is no democracy and freedom of _expression_... http://groups.google.com/group/n3td3v/browse_thread/thread/34e8f243bbddaf3e/ac7e9f73de66f10f http://groups.google.com/group/n3td3v/browse_thread/thread/64a322968d71fe3b/d3db5e88d9f91d88 http://groups.google.com/group/n3td3v/msg/5b3d7afe80dde4d3 Someone tell George W Bush todrop a bomb on John Cartwright's head, since he doesn't believe in "freedom", he must be aterrorist ;-) We ask John Cartwright to unmoderate [EMAIL PROTECTED] or you must be with the terrorists... and if you don't then someone might need to tell [EMAIL PROTECTED] and then you might get mentioned on his press conferences or radio addresses as being part of the "axis of evil". On 3/30/06, Anders B Jansson [EMAIL PROTECTED] wrote: Stan Bubrouski wrote: Name one powerful hacker kicked out of here?Just one.And you don't count (niether do I but I've never claimed to be an expert or important).Kicked from a public un-moderated mailing list?How?Now, if you don't like the noise, why don't you just shut the fuck up instead of answering the trolls?The noise isn't the idiot mailings, the noise is people who should know better answering the morons. _don't answer morons_ it serves no porpose.If someone posts something that is misguided or bad, then sure correct me (or us).But if someone posts something moronic, then please ignore.You're only helping the moron. I again refrain to the best proverb I've heard (and he's windows guru, shudder)"Don't argue with an idiot, he'll just drag the discussion to his level and beat you with experience."So, if someone post something silly or moronic, giggle, groan and delete. Do _not_ respond to prove that he (or remotely possibly she) is a moron,If we haven't got that already we have ourself to blame.Oh, and of course, this is for 'us', boring grayhats who want to read a clean list of the latest expliots every morning. Non-grayhats who want to annoy us are of course free to do so, after all, it is un-moderated and it's full-disclosure.So configure your frikken filters and stop responsing to idiots.// hdw___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
The most powerful hackers in the world being told to get off fd, well that says a lot for fd then doesn't it. I'll be off and leave you skids to it. I don't want to hold up your list of free vulnerabilities and exploits which you stalk this list for, because none of you can find your own vulnerabilities to hack the planet with, bye. On 3/30/06, s89df987 s9f87s987f [EMAIL PROTECTED] wrote: n3td3v be gone like you said you would.and Kevin Mitnick is just a flashy name used to get ppl to buy On 3/30/06, n3td3v [EMAIL PROTECTED] wrote:Nah dude, he stood in defence of Kevin Mitnick, works with the UN,whitehouse, fbi etc. He's a world leading advisor with much infulence on thesuper powers of the world in relation to information technology security. http://www.nytimes.com/2005/07/31/business/yourmoney/31hack.html?ex=1280462400en=311d897de4ab090aei=5088partner=rssnytemc=rss http://www.msbit.com/mis.html http://www.cutter.com/consultants/seidenm.html He's highly respected inthe government and corporate circuits of the world.Everytime I speak to him he's in another part of the world preparing to go into talks with a government or corporation. By no means a script kid whogot lucky. He and people as high up as him are the real people who run U-Sgovernment and corporate interests. We all know when we think of George W Bush, we all know he's not that powerful and takes advice from the realadvisors in control of the world, that you never see or hear about inpublic, well Seiden is your man. On 3/30/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: On Wed, 29 Mar 2006 23:36:28 +0100, n3td3v said: You mean like Seiden who broke into banks and told everyone about it, and is now one of the biggest security experts in the industry. He sentme an e-mail telling me a week or so back telling me to take you seriously,i'm beginning to wonder why. On Wed, 29 Mar 2006 23:56:48 +0100, n3td3v said: thats the currentsituation, upto date. Seiden at yahoo (security consultant/advisor/hacker) whatever you want to call him is now pissed off because he's getting no info feed into his corporate security team anymore... You'd think if Seiden was leet enough to break into banks, he'd beable to apply the same techniques to Yahoo and not need an external feed.Unlessof course he was just a skiddy who whacked the banks with some exploit hestole from somebody else and didn't understand ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/_ Express yourself instantly with MSN Messenger! Download today - it's FREE!http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
On 3/30/06, n3td3v [EMAIL PROTECTED] wrote: The most powerful hackers in the world being told to get off fd, well that says a lot for fd then doesn't it. I'll be off and leave you skids to it. I don't want to hold up your list of free vulnerabilities and exploits which you stalk this list for, because none of you can find your own vulnerabilities to hack the planet with, bye. If by powerful you mean retarded and by hackers you mean retards... You haven't contributed shit to this list other than noise you moron. Come back when you grow some pubes or after the brain transplant. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Name one powerful hacker kicked out of here? Just one. And you don't count (niether do I but I've never claimed to be an expert or important). -sb On 3/30/06, n3td3v [EMAIL PROTECTED] wrote: The most powerful hackers in the world being told to get off fd, well that says a lot for fd then doesn't it. I'll be off and leave you skids to it. I don't want to hold up your list of free vulnerabilities and exploits which you stalk this list for, because none of you can find your own vulnerabilities to hack the planet with, bye. On 3/30/06, s89df987 s9f87s987f [EMAIL PROTECTED] wrote: n3td3v be gone like you said you would. and Kevin Mitnick is just a flashy name used to get ppl to buy On 3/30/06, n3td3v [EMAIL PROTECTED] wrote: Nah dude, he stood in defence of Kevin Mitnick, works with the UN, whitehouse, fbi etc. He's a world leading advisor with much infulence on the super powers of the world in relation to information technology security. http://www.nytimes.com/2005/07/31/business/yourmoney/31hack.html?ex=1280462400en=311d897de4ab090aei=5088partner=rssnytemc=rss http://www.msbit.com/mis.html http://www.cutter.com/consultants/seidenm.html He's highly respected in the government and corporate circuits of the world. Everytime I speak to him he's in another part of the world preparing to go into talks with a government or corporation. By no means a script kid who got lucky. He and people as high up as him are the real people who run U-S government and corporate interests. We all know when we think of George W Bush, we all know he's not that powerful and takes advice from the real advisors in control of the world, that you never see or hear about in public, well Seiden is your man. On 3/30/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: On Wed, 29 Mar 2006 23:36:28 +0100, n3td3v said: You mean like Seiden who broke into banks and told everyone about it, and is now one of the biggest security experts in the industry. He sent me an e-mail telling me a week or so back telling me to take you seriously, i'm beginning to wonder why. On Wed, 29 Mar 2006 23:56:48 +0100, n3td3v said: thats the current situation, upto date. Seiden at yahoo (security consultant/advisor/hacker) whatever you want to call him is now pissed off because he's getting no info feed into his corporate security team anymore... You'd think if Seiden was leet enough to break into banks, he'd be able to apply the same techniques to Yahoo and not need an external feed. Unless of course he was just a skiddy who whacked the banks with some exploit he stole from somebody else and didn't understand ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] (no subject)
Title: Message No, please.. Really, keep your word just this one time. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of n3td3vSent: Thursday, March 30, 2006 10:55 PMTo: s89df987 s9f87s987f; full-disclosure@lists.grok.org.ukSubject: Re: [Full-disclosure] (no subject)The most powerful hackers in the world being told to get off fd, well that says a lot for fd then doesn't it. I'll be off and leave you skids to it. I don't want to hold up your list of "free vulnerabilities and exploits" which you stalk this list for, because none of you can find your own vulnerabilities to hack the planet with, bye. On 3/30/06, s89df987 s9f87s987f [EMAIL PROTECTED] wrote: n3td3v be gone like you said you would.and Kevin Mitnick is just a flashy name used to get ppl to buy On 3/30/06, n3td3v [EMAIL PROTECTED] wrote:Nah dude, he stood in defence of Kevin Mitnick, works with the UN,whitehouse, fbi etc. He's a world leading advisor with much infulence on thesuper powers of the world in relation to information technology security. http://www.nytimes.com/2005/07/31/business/yourmoney/31hack.html?ex=1280462400en=311d897de4ab090aei=5088partner=rssnytemc=rss http://www.msbit.com/mis.html http://www.cutter.com/consultants/seidenm.html He's highly respected inthe government and corporate circuits of the world.Everytime I speak to him he's in another part of the world preparing to go into talks with a government or corporation. By no means a script kid whogot lucky. He and people as high up as him are the real people who run U-Sgovernment and corporate interests. We all know when we think of George W Bush, we all know he's not that powerful and takes advice from the realadvisors in control of the world, that you never see or hear about inpublic, well Seiden is your man. On 3/30/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: On Wed, 29 Mar 2006 23:36:28 +0100, n3td3v said: You mean like Seiden who broke into banks and told everyone about it, and is now one of the biggest security experts in the industry. He sentme an e-mail telling me a week or so back telling me to take you seriously,i'm beginning to wonder why.On Wed, 29 Mar 2006 23:56:48 +0100, n3td3v said: thats the currentsituation, upto date. Seiden at yahoo (security consultant/advisor/hacker) whatever you want to call him is now pissed off because he's getting no info feed into his corporate security team anymore... You'd think if Seiden was leet enough to break into banks, he'd beable to apply the same techniques to Yahoo and not need an external feed.Unlessof course he was just a skiddy who whacked the banks with some exploit hestole from somebody else and didn't understand ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/_ Express yourself instantly with MSN Messenger! Download today - it's FREE!http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Funny you should think FD isn't already moderated, our main [EMAIL PROTECTED] address has been moderated for months, hence the reason we're using [EMAIL PROTECTED] . This might be an interesting read for you freedom of speech Americans, who are currently bombing the hell out of the middle east to uphold, yet on FD, there is no democracy and freedom of _expression_... http://groups.google.com/group/n3td3v/browse_thread/thread/34e8f243bbddaf3e/ac7e9f73de66f10f http://groups.google.com/group/n3td3v/browse_thread/thread/64a322968d71fe3b/d3db5e88d9f91d88 http://groups.google.com/group/n3td3v/msg/5b3d7afe80dde4d3 Someone tell George W Bush todrop a bomb on John Cartwright's head, since he doesn't believe in freedom, he must be aterrorist ;-) We ask John Cartwright to unmoderate [EMAIL PROTECTED] or you must be with the terrorists... and if you don't then someone might need to tell [EMAIL PROTECTED] and then you might get mentioned on his press conferences or radio addresses as being part of the axis of evil. On 3/30/06, Anders B Jansson [EMAIL PROTECTED] wrote: Stan Bubrouski wrote: Name one powerful hacker kicked out of here?Just one.And you don't count (niether do I but I've never claimed to be an expert or important).Kicked from a public un-moderated mailing list?How?Now, if you don't like the noise, why don't you just shut the fuck up instead of answering the trolls?The noise isn't the idiot mailings, the noise is people who should know better answering the morons. _don't answer morons_ it serves no porpose.If someone posts something that is misguided or bad, then sure correct me (or us).But if someone posts something moronic, then please ignore.You're only helping the moron. I again refrain to the best proverb I've heard (and he's windows guru, shudder)Don't argue with an idiot, he'll just drag the discussion to his level and beat you with experience.So, if someone post something silly or moronic, giggle, groan and delete. Do _not_ respond to prove that he (or remotely possibly she) is a moron,If we haven't got that already we have ourself to blame.Oh, and of course, this is for 'us', boring grayhats who want to read a clean list of the latest expliots every morning. Non-grayhats who want to annoy us are of course free to do so, after all, it is un-moderated and it's full-disclosure.So configure your frikken filters and stop responsing to idiots.// hdw ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] (no subject)
Can we get back onto topic. Not everybody is going to like everybody, and this list is really starting to irritate me with this useless complaining about who should be on and who should be off the list. If you don't like it, leave. Webguy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Anders B Jansson Sent: Thursday, March 30, 2006 4:36 PM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] (no subject) Stan Bubrouski wrote: Name one powerful hacker kicked out of here? Just one. And you don't count (niether do I but I've never claimed to be an expert or important). Kicked from a public un-moderated mailing list? How? Now, if you don't like the noise, why don't you just shut the fuck up instead of answering the trolls? The noise isn't the idiot mailings, the noise is people who should know better answering the morons. _don't answer morons_ it serves no porpose. If someone posts something that is misguided or bad, then sure correct me (or us). But if someone posts something moronic, then please ignore. You're only helping the moron. I again refrain to the best proverb I've heard (and he's windows guru, shudder) Don't argue with an idiot, he'll just drag the discussion to his level and beat you with experience. So, if someone post something silly or moronic, giggle, groan and delete. Do _not_ respond to prove that he (or remotely possibly she) is a moron, If we haven't got that already we have ourself to blame. Oh, and of course, this is for 'us', boring grayhats who want to read a clean list of the latest expliots every morning. Non-grayhats who want to annoy us are of course free to do so, after all, it is un-moderated and it's full-disclosure. So configure your frikken filters and stop responsing to idiots. // hdw ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Webguy, please get off this list. -- Michael On 3/31/06, Dixon, Wayne [EMAIL PROTECTED] wrote: Can we get back onto topic. Not everybody is going to like everybody, and this list is really starting to irritate me with this useless complaining about who should be on and who should be off the list. If you don't like it, leave. Webguy ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
On Tue, 28 March, 2006 10:00 am, Alexander Hristov wrote: IM not saying the entire disk ! Well, logically speaking a partition is essentially an entire disk, even if it is one of 14 hypothetical entire disks. Only the partition u choose the torrent to be saved in has to be full Like when u have 14 partitions and one of them is full i dont think this is a problem ? It is if you're trying to write more data to it! :-) So this is a security bug Not sure if you'd call it a *security* bug. Certainly should be handled better though! On 3/27/06, Stan Bubrouski [EMAIL PROTECTED] wrote: This really doesn't seem like a security bug though... sure some site could target opera users and try to force them to download torrents, but when your disk is already full this sounds like the least of your problems... -sb On 3/27/06, Alexander Hristov [EMAIL PROTECTED] wrote: Opera 8.02 with torrent support cant handle not enough space on drive If your partition is full and u choose to save a torrent on this partition opera will start using 100% of your cpu and momery and eventually crash Tested with opera 9 p 2 -- Best Regards, Aleksander Hristov root at securitydot.net http://securitydot.net ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- Best Regards, Aleksander Hristov root at securitydot.net http://securitydot.net ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ P.S.: Sorry about my time zone not being set correctly! -- Nick Withers email: [EMAIL PROTECTED] Web: http://www.nickwithers.com Mobile: +61 414 397 446 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Not that it matters but... Received: from www.c0replay.net (unknown [206.251.72.74]) by lists.grok.org.uk (Postfix) with ESMTP id 739EF127 for full-disclosure@lists.grok.org.uk; Sun, 5 Mar 2006 02:02:03 + (GMT) Date: Sat, 4 Mar 2006 18:01:51 -0800 To: full-disclosure@lists.grok.org.uk From: Steven Rakick [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] X-Priority: 3 X-Mailer: PHPMailer [version 1.73] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Dick Breath, You should sign your electronic mail with someunhackable crypto technology. That way youwill neverneed to show off your cut and paste technology to the others. You are irresponsible. Not that it matters but... PERFECT.MATERIAL On 3/4/06, Steven Rakick [EMAIL PROTECTED] wrote: Not that it matters but...Received: from www.c0replay.net (unknown [206.251.72.74]) by lists.grok.org.uk (Postfix) with ESMTP id 739EF127 for full-disclosure@lists.grok.org.uk; Sun,5 Mar 2006 02:02:03 + (GMT)Date: Sat, 4 Mar 2006 18:01:51 -0800To: full-disclosure@lists.grok.org.uk From: Steven Rakick [EMAIL PROTECTED]Message-ID:[EMAIL PROTECTED] X-Priority: 3X-Mailer: PHPMailer [version 1.73]__Do You Yahoo!?Tired of spam?Yahoo! Mail has the best spam protection around http://mail.yahoo.com___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] (no subject)
Hi Aditya
On 9/28/05, Aditya Deshmukh
[EMAIL PROTECTED] wrote:
Recently 2 days ago I saw this in a compromised system.
Both this file and cpshost.dll were deleted from C:\InetPub\scripts
This file was recovered but I was unable to recover cpshost.dll
Anyone know what is this ?
It is a upload script, cpshost.dll is the Posting Acceptor ActiveX control :
http://support.microsoft.com/kb/q230298/
% Response.Buffer = TRUE %
Version=1.5
%
PathToPA = http://; + Request.ServerVariables(SERVER_NAME) +
/scripts/cpshost.dll
PostingURL = PathToPA + ?PUBLISH
TargetURL = http://; + Request.ServerVariables(SERVER_NAME)
%
[{8B14B770-748C-11D0-A309-00C04FD7CFC5}]
PostingURL=%= PostingURL %
TargetURL=%= TargetURL %
ComponentInstall=yes
ciao ciao
ademar
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-Disclosure] (no subject) cpshost.dll
This a DLL used by IIS do handle POST requests, it can be used to upload files. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
