On Nov 27, 2012, at 5:52 PM, Vulnerability Lab resea...@vulnerability-lab.com
wrote:
Proof of Concept:
=
The software validation vulnerability can be exploited by local attackers
with required user interaction and privileged local system account.
For demonstration or
In fact, Yahoo!'s InfoSec team is called The Paranoids even outside Y!.
t
Sent from whatever device will keep us from debating which one is better.
On Nov 26, 2012, at 2:37 PM, Nick Boyce nick.bo...@gmail.com wrote:
On Sat, Nov 24, 2012 at 3:28 PM, Georgi Guninski gunin...@guninski.com
Really? I get nothing for that one??? That shit was FUNNY!!! :)
On Nov 1, 2012, at 10:41 AM, bk cho...@gmail.com wrote:
On Nov 1, 2012, at 1:43 AM, Dan Ballance wrote:
Hi guys,
I greatly respect the collective knowledge about security matters on this
list. What do you make of this
So, if you are a user on a system you're saying you can run code that attempts
to run other code, and though that code doesn't end up running yet more code
that's OK because you're already running code to begin with?
Dude, you're going to, like, retire off those ZDI checks!
t
Sent from
Actually, the DSA key is used to sign the message in many applications, though
I've often wondered exactly what reduction in security exists if the paired
private key is used to sign material instead. Do you have any info on that?
I've asked industry leaders in crypto, and while they report it
I think you're over reacting just a bit. You can give out your private key to
whomever/whatever you want to be able to decrypt data encrypted with the public
key. It all depends on the use-case, and what you want done. Just because it's
a private key doesn't mean it's automatically some
It's InfoSec. Nothing has any meaning anymore. Or, better stated, things mean
whatever people want them to mean in order to forward their agenda. When we
talked about full disclosure a while back, somebody said I was jaded as if it
meant I had clouded judgement. They were actually right
FYI, I updated as well, and only received the Flash bits. Actually, there
wasn't even an option for other bits. It asked me at the end if I wanted auto,
notify, or no update options but that was it. This was x86?
T
Sent from whatever device will keep us from debating which one is better.
On
Yep, actually had a reply in my drafts. I think he's serious. We've been
getting those lately.
t
On Aug 27, 2012, at 2:37 PM, Wiliam Steck codeinject...@gmail.com wrote:
this will only work if the desired user is in sudo and has permissions to
execute as root.
Otherwise, this post was a
Indeed. When I first saw it, I thought someone was coming out of the closet!
t
On Aug 19, 2012, at 4:40 AM, Robert Kim App and Facebook Marketing
evdo.hs...@gmail.com wrote:
DakaRand seems to work inside of VM's too
Dan, if you get any new revelations on it, please do make sure you post
Ah, well that's the problem then. At lion they dropped all support for
Rosetta. But there you have it! Mine is *better*. Now we don't have to
debate... Wait. Crap!
Sent from whatever device will keep us from debating which one is better.
On Aug 13, 2012, at 9:55 AM, Stefan Edwards
The first and most obvious point is that they are NOT journalists. They
are monkey read, monkey write content pushers with no regard for truth,
accuracy, or fairness.
Look at what's happened with the Apple thing. One monkey reads what another
monkey wrote, figures it's true, and writes
Actually, you did ask him to read it. You asked everyone to read it by posting
it. That's the way this works. If you can't handle criticism for moronic
advisories, then *you* are the one who needs to keep it to yourself.
T
Sent from whatever device will keep us from debating which one is
Right - if you've compromised the server to the point you can alter
directory structures/names, then you've already bypassed the ACLs required
in order to exploit the vulnerability that allows you to bypass the
ACLs. I don't get it.
t
On 7/16/12 10:47 AM, Григорий Братислава
Sure, no problem. Heaven forbid we talk about something like full disclosure
on the, um, Full Disclosure list. What was I thinking? Thanks for coming
out of hiding as per your official letter to FD telling us you were leaving just
to set me straight.
T
From: NETT Dave
had a quick look but it seems that there are not many resources.
So this is going to be an interesting topic.
Just curious: what are the motives for your switch?
Regards,
--- phocean
Le 9 juil. 2012 à 19:45, Thor (Hammer of God) a écrit :
Greets all.
I was hoping to get some opinions on your
, 2012 at 6:00 PM, Thor (Hammer of God)
t...@hammerofgod.com wrote:
Same here... I couldn't find anything that really served my needs. It was
hard enough to find the right resource to enable a single user to have
multiple email addresses for OSX Lion Server Mail but I figured that
out.
Maybe we
. The server stuff looks like
its covered under
https://lists.apple.com/mailman/listinfo/macos-x-server. There's a low
volume security list at
https://lists.apple.com/mailman/listinfo/apple-cdsa.
Jeff
On Wed, Jul 11, 2012 at 8:44 PM, Thor (Hammer of God)
t...@hammerofgod.com wrote:
Yep, saw those. There's
, July 10,
2012 7:00 AM To: full-disclosure@lists.grok.org.uk Subject:
Full-Disclosure Digest, Vol 89, Issue 11
-- Message: 7 Date: Mon, 9 Jul 2012
17:24:51 + From: Thor (Hammer of God) t...@hammerofgod.com
Subject: Re: [Full-disclosure] How much time
...@sydney.edu.au paul.sz...@sydney.edu.au
wrote:
Dear Mikhail,
From: Thor (Hammer of God) t...@hammerofgod.com
To: Georgi Guninski gunin...@guninski.com, Stefan Kanthak
stefan.kant...@nexgo.de
Cc: full-disclosure@lists.grok.org.uk
full-disclosure@lists.grok.org.uk
I'm not contradicting myself
:07 AM, Stefan Kanthak stefan.kant...@nexgo.de wrote:
Thor (Hammer of God) t...@hammerofgod.com wrote:
| Content-Type: multipart/mixed; boundary0734760750==
Please stop posting anything but text/plain.
If you really care about the security of the industry, then submit
is it is sourced within the same myopic scope of your
world views.
t
On 7/9/12 3:20 AM, Georgi Guninski gunin...@guninski.com wrote:
On Sun, Jul 08, 2012 at 02:07:52PM +0200, Stefan Kanthak wrote:
Thor (Hammer of God) t...@hammerofgod.com wrote:
| Content-Type: multipart/mixed; boundary
Greets all.
I was hoping to get some opinions on your favorite OSX security/server admin
sites/lists. I'm converting the HoG internal and production networks over to
OSX and OSX Server and would like some pre-vetting suggestions for a decent
source of information.
Thanks much.
t
there is time for fixing and there is time for breaking
Ecclesiastes in the Hacker's Bible? :0
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
Well, I have to say, at least he's being honest. If the guy is chomping at the
bit to release the info so he can get some attention, then let him. That, of
course, is what it is all about. He's not releasing the info so that the
community can be safe by forcing the vendor to fix it. He's
@lists.grok.org.uk
Subject: Re: [Full-disclosure] How much time is appropriate for fixing a bug?
Thor (Hammer of God) : If and when they fix it is up to them.
so if vendor don't fix it /ack the bug.. then what ??
Responsibility works both ways.. Advise the vendor
I think he was referring to a DNS blockade ala SOPA. Though the suggestion was
painfully obvious (and that I pointed out the HOSTS file a few days back) it
does show the level of complete ignorance on the part of any legislator who
thinks a DNS blockade will, in any way, affect access to
-disclosure] server security
It depends what the attackers motive is. Is he/she trying to get as many
machines infected as he/she can. Or is he/she trying to get into YOUR network.
My 2c
On 21/06/2012 20:20, Thor (Hammer of God) wrote:
I completely agree with Gage. The way I see it, security through
What, no one uses the HOSTS file anymore?
Timothy Thor Mullen
www.hammerofgod.com
Thor's Microsoft Security
For the FB'ers out there, the Hacker News (arguably accurate) has posted an
incendiary photo alleging US soldier posing with the dead and supposedly
engaged in The Ichabod. The funny part of it is to go through and count the
number of posts that threaten the lives of Americans; each one of
of God)
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Sunday Fodder
On Sun, Jun 24, 2012 at 4:06 PM, Thor (Hammer of God) t...@hammerofgod.com
wrote:
For the FB’ers out there, the “Hacker News” (arguably accurate) has
posted an incendiary photo alleging US soldier posing
I completely agree with Gage. The way I see it, security through obscurity is
perfectly valid as long as the control remains obscured. I think the anyone
can just scan your ports is somewhat specious in that most (if not something
like 99% or so (unqualified opinion of course)) traffic is
Hey man, that's some serious shit there - it's not a letter, it's a legal
letter. Those are more letter than the normal letter. Be afraid!
t
Timothy Thor Mullen
www.hammerofgod.com
Thor's Microsoft Security Bible
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
Ah... Very interesting. Another example where default trust can be a bad
thing (as we saw with Flame).
Sent from my iPad
On Jun 15, 2012, at 6:43 AM, Georgi Guninski gunin...@guninski.com wrote:
On Thu, Jun 14, 2012 at 05:52:26PM +, Thor (Hammer of God) wrote:
What are you considering
As if haggis wasn't distressing enough...
Sent from my iPad
On Jun 15, 2012, at 5:00 AM, Georgi Guninski gunin...@guninski.com wrote:
http://www.theregister.co.uk/2012/06/15/nine_year_old_school_dinner_blog_inaccurate/
Scots council: 9-yr-old lunch blogger was causing 'distress and harm'
What are you considering exploitable? The untrusted/unverified Master key?
Timothy Thor Mullen
www.hammerofgod.com
Thor's Microsoft Security Bible
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of
And not capitalizing Army when you claim to have spent 10 years of your life
in service does precisely the same thing.
On Jun 10, 2012, at 3:31 AM, Laurelai
laure...@oneechan.org wrote:
I dont listen to either. And sorry to burst your bubble but I did serve 10
...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Laurelai
Sent: Sunday, June 10, 2012 2:00 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against
Iran
On 6/10/12 12:52 PM, Thor (Hammer of God) wrote
-Security-Bible-Collection/dp/1597495727
From: Laurelai [mailto:laure...@oneechan.org]
Sent: Sunday, June 10, 2012 2:26 PM
To: Thor (Hammer of God)
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Obama Order Sped Up Wave of Cyberattacks Against
Iran
On 6/10/12 5:09 PM, Thor
many here have.)
So yes, my apologies, as I obviously don't know you from Adam. Now everything
makes more sense.
T
Sent from my iPad
On Jun 10, 2012, at 4:21 PM, Laurelai
laure...@oneechan.org wrote:
On 6/10/12 6:00 PM, Thor (Hammer of God) wrote:
Awesome. I’ll
for the security industry!
t
On Jun 9, 2012, at 12:46 AM, Georgi Guninski gunin...@guninski.com wrote:
On Fri, Jun 08, 2012 at 05:03:02PM +, Thor (Hammer of God) wrote:
Man does things for two reasons: to get laid, or to get paid.
This completely explains why you are on this list
+1. I (sometimes regrettably) am from the south. It's quite embarrassing to
hear people refer to Sikhs as Muslims in a derogatory fashion (as if there was
something wrong with it in the first place) just because they look that way.
t
Timothy Thor Mullen
www.hammerofgod.com
Thor's Microsoft
finding solutions to countries using cyberwar and using innocent peoples
machines to carry it out,
invading peoples privacy and generally doing terrible stuff in the name of
god and country.
What solution? And who exactly is going to find it? The entire history of
mankind is based on
You can still submit fake data by just adding fake contacts. And of course,
the real privacy issue here is that you are sharing your freaking address book
with the world. Frankly, I’m amazed anyone would even think about doing that.
Here's the best info on attack trees:
http://3.bp.blogspot.com/-P_enGjuZU0I/TxFdFfD1A5I/BKs/DTzpNDG4THc/s1600/ent_isengard_small.jpg
Timothy Thor Mullen
: Thursday, May 24, 2012 2:38 AM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Certificacion - Profesional Pentester
On 23/05/2012 20:26, Thor (Hammer of God) wrote:
Hell Juan. As per the conditions of the contract I forwarded, I am pleased to
see that you have given me full
Hell Juan. As per the conditions of the contract I forwarded, I am pleased to
see that you have given me full permission to assess any systems of yours I
feel are within scope. I’m copying in FD again so they can all be witness to
the fact you are acting in a manner consistent with the terms of
Other way around. I’ll be sending HIM a bill. Which, based on our contract,
I will be able to pay on his behalf ☺
From: Peter Dawson [mailto:slash...@gmail.com]
Sent: Wednesday, May 23, 2012 12:50 PM
To: Thor (Hammer of God)
Cc: Juan Sacco; full-disclosure@lists.grok.org.uk
Subject: Re: [Full
: Ferenc Kovacs [mailto:tyr...@gmail.com]
Sent: Sunday, May 20, 2012 2:23 AM
To: Thor (Hammer of God)
Cc: Dan Kaminsky; Michael Gray; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Google Accounts Security Vulnerability
is it me, or you aren't reading the mails that you
I tried, and it didn't work (couldn't repro).
None of this matters - if you have username and password, you can check mail
via POP3 or IMAP. Last time I checked, that was by design. If anyone is
saying this is some sort of vulnerability because someone happens across your
username and
Hello Juan.
After multiple requests for you to remove me from your unsolicited (and
illegal) emails, I see you have refused to do so. This indicates and
illustrates your acceptance of a default opt-in until explicit opt-out policy
notwithstanding the fact you do not honor the opt-out.
That's what I said. :D
Timothy Thor Mullen
www.hammerofgod.com
Thor's Microsoft Security Bible
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Mike Hearn
Sent: Wednesday, May 16, 2012 1:38 PM
To:
I'm not sure I understand the issue here - the requirement for someone
happening to come across your username and password is a pretext.
Logging on to the web interface where you can change password and other
personal information as well as verify existing site cookies affords the
service
://www.amazon.com/Thors-Microsoft-Security-Bible-Collection/dp/1597495727
From: Mateus Felipe Tymburibá Ferreira [mailto:mateusty...@gmail.com]
Sent: Tuesday, May 15, 2012 12:21 PM
To: Thor (Hammer of God)
Cc: Jason Hellenthal; Michael J. Gray; full-disclosure@lists.grok.org.uk
Subject: Re: [Full
Got any decaf?
Timothy Thor Mullen
www.hammerofgod.com
Thor's Microsoft Security Bible
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Wei Honker
Sent: Thursday, May 03, 2012 12:24 PM
To:
Which always turns out to be the best...
Sent from my Windows Phone
From: valdis.kletni...@vt.edu
Sent: 4/24/2012 9:16 AM
To: Milan Berger
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Vulnerability in Gentoo hardened
On Tue, 24 Apr 2012
You dropped a FD on the BIBLE?? Dude, you're going straight to Hacker Hell! :)
Timothy Thor Mullen
www.hammerofgod.com
Thor's Microsoft Security Bible
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf
, 2012 5:23 PM
To: Thor (Hammer of God)
Cc: Thomas Richards; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] phpMyBible 0.5.1 Mutiple XSS
On Sun, 22 Apr 2012 19:59:46 -, Thor (Hammer of God) said:
You dropped a FD on the BIBLE?? Dude, you're going straight to Hacker Hell
Please ignore (again). I need this key here to parse some FD archives.
<?xml version="1.0"?>
<!--TGP - Thor's Godly Privacy: KeyFob XML Document-->
<KeyFobs>
, but I really don't see
what your point is.
t
-Original Message-
From: Jason Hellenthal [mailto:jhellent...@dataix.net]
Sent: Sunday, April 08, 2012 5:41 PM
To: Thor (Hammer of God)
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Thor's Private Key
LoL WuT!
Whats
It's called Karmaware.
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of smith joseph
Sent: Friday, March 30, 2012 6:54 AM
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] www.LEORAT.com is scam
You've well-articulated a problem most (if not all) of the implementations I've
seen just dance over. The application accomplishes the encryption
requirements stipulated by policy or regulation, but the key is easily
available to the application and of course to attackers.
I have no idea
I seriously doubt the Mexican drug cartels would be kidnapping programmers.
They'd be taking out their best clients.
t
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of
valdis.kletni...@vt.edu
Sent:
Making a conclusion of community behavior, good or bad, based on some
indication of a number of clicks on some link is non sequitur. I actually
don't see any reason why one would be surprised by a security community
following links anyway. I've got a VM specifically used for this type of
He knows there’s nothing to any of these advisories – he just does it to drive
traffic to his site for Google Ads.
t
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Zach C.
Sent: Sunday, March 25, 2012 5:05 PM
To: InterN0T
Actually, those promiscuous sub-VLANs are bad news. I got a virus from one
that turned my hard drive into a floppy.
t
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk] On Behalf Of Giles Coochey
Sent: Wednesday,
You establish a connection to TSGateway via RPC over HTTP in an SSL tunnel.
Once you are authenticated and authorized, the TSGateway server will establish
a connection via RDP to the target server, tunneling the RDP connection back to
you within the RPC/HTTP(S) channel.
As such, TSGateway is
happy to help if I
can.
t
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk] On Behalf Of Thor (Hammer of God)
Sent: Sunday, March 18, 2012 9:21 AM
To: Nahuel Grisolía; root
Cc: full-disclosure@lists.grok.org.uk
Subject: Re
They did last time... But your advice is actually well noted :)
-Original Message-
From: James Condron [mailto:ja...@zero-internet.org.uk]
Sent: Sunday, March 18, 2012 10:06 AM
To: Thor (Hammer of God); full-disclosure-boun...@lists.grok.org.uk; full-
disclos...@lists.grok.org.uk
Why not just provide them with the contact and they can forward it on directly?
Then you could obviate the entire trust issue...
t
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of upsploit
advisories
Sent: Sunday, March 18, 2012
Exactly.
t
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Peter Maxwell
Sent: Saturday, March 17, 2012 8:28 AM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] is my ISP lying or stupid?
What makes you think
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu
Sent: Friday, January 27, 2012 4:06 PM
To: Michael Schmidt
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] when
+1
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk] On Behalf Of BMF
Sent: Thursday, January 12, 2012 5:30 PM
To: noloa...@gmail.com
Cc: full-disclosure@lists.grok.org.uk; valdis.kletni...@vt.edu; Benjamin
Kreuter
i am not member of ariko-security / but it's not possible what you have
wriiten it's primitive slander.
FYI, you can't write slander. One speaks slander, one writes libel.
t
No workie.
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of white powder
Sent: Tuesday, December 06, 2011 3:10 AM
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] prosec
You are in a tough spot. In general, the level of access you granted yourself
in an unauthorized testing of the site would be considered illegal. You may
recall the whole 'or 1=1 thing. So your approach to the client is all he
would need to contact authorities if he so chose.
Arguably,
You mad bro?
If by mad you mean crazy, well, you're not the only one asking that
question these days :) If by mad you mean angry, then I'd have to say yes.
Well, angry is too strong a term - I would say frustrated. Information
Security is supposed to be about just that - but we've stopped
Yeah, I gotta say, I'm going to use it at some point ;)
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Mario Vilas
Sent: Friday, November 11, 2011 9:02 AM
To: Ryan Dewhurst
Cc: full-disclosure@lists.grok.org.uk
Subject: Re:
So, I've looked about on the web to see what software of any consequence you
have written, but I can't find any. Can you point me to anything that
illustrates that you know how to develop wide scale software applications and
execute an SDL plan, or do you just like to sit back and bitch about
Fake :)
From: Sergito [mailto:sergito.li...@gmail.com]
Sent: Thursday, November 10, 2011 11:50 AM
To: Thor (Hammer of God)
Cc: Georgi Guninski; xD 0x41; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could
Allow Remote Code Execution
*Any* assumptions that presuppose security based on social affiliation need to
be reconsidered.
t
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk] On Behalf Of valdis.kletni...@vt.edu
Sent: Monday, October 24, 2011
For what it's worth, I found this article to be far more matter of fact in
regard to the general concept, the existing (default) conditions in play, and
the conditions which need to be in place (or manipulated) in order for this to
be exploited than some of the other material your company has
I don't think I have any mental deficiency, but I've certainly done things that
almost got me a Darwin Award. I think momentary lack of reason better
describes it.
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk]
He already talks about how he's already thought about that in a prior article:
http://gawker.com/5850025/right+wing-rabble+rouser-leaks-thousands-of-occupy-wall-street-emails
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
Haven't we made it to the point where top posting is OK? I mean, it works from
a Ped Xing standpoint, why not here? Is it REALLY that bad?
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
boun...@lists.grok.org.uk] On Behalf Of
Colorado empties popular lake to pay its water bill
http://www.telegraph.co.uk/news/worldnews/northamerica/usa/8816656/Colorado-empties-popular-lake-to-pay-its-water-bill.html
and so on. Your tax $$$ go to bailouts
Are these links true?
Things might be worse than i
I saw this on FB and thought I would pass it along:
http://99percentexif.tumblr.com/
It's the exif data from the photos the 99%'ers are posting - showing the $1000
systems, cameras, and software they are using to post.
t
From: full-disclosure-boun...@lists.grok.org.uk
I know that if I was starving to death and couldn't afford medical care for my
children that I wouldn't be sitting around with a $500 camera editing my photos
with $700 software on a $1000 computer. Nor would I be sitting around in my
apartment all day posting my woes on the Internet while the
that not everybody's been following the rules
Quoting Thor (Hammer of God) t...@hammerofgod.com:
I saw this on FB and thought I would pass it along:
http://99percentexif.tumblr.com/
It's the exif data from the photos the 99%'ers are posting - showing
the $1000 systems, cameras
, 2011 12:19 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] [OT] Obama said: American people understand
that not everybody's been following the rules
Quoting Thor (Hammer of God) t...@hammerofgod.com:
No, it goes to show you how much most of the people bitching
Or people who think they are better because of the color of their skin.
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Darren Martyn
Sent: Monday, October 10, 2011 3:29 AM
To: Christian Sciberras
Cc:
Consider the source. It’s “someone close” to the operations, and that only
according to this guy. It could very well be a slot-puller in the casino
across the street… I’m always dubious of the reporting of this type of thing
where the source is some “secret” person, and where there is never
is based on the word of “someone speaking on terms of
anonymity” then there’s really not much value in it.
t
From: Christian Sciberras [mailto:uuf6...@gmail.com]
Sent: Monday, October 10, 2011 11:23 AM
To: Thor (Hammer of God)
Cc: Michael T; full-disclosure@lists.grok.org.uk
Subject: Re: [Full
Per request.
From: andrew.wallace [mailto:andrew.wall...@rocketmail.com]
Sent: Monday, October 10, 2011 11:50 AM
To: Christian Sciberras; full-disclosure; Thor (Hammer of God); Elazar
Broad; Michael Schmidt; Michael T
Subject: Re: [Full-disclosure] “We keep wiping it off, and it keeps coming
No offense intended??? How you expect to refer to the President of the United
States as a nigger and NOT offend people? You crossed WAY over the line on
that one, joro. WAY over.
t
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-
Hey, who all is going to Hashdays at the end of the month? I'm wondering what
kind of attendance we'll see from the FD crowd...
t
Maybe he can trick the user into installing on a FAT32 partition first, and
THEN get them to execute from a remote share!
On Sep 25, 2011, at 5:30 PM, Travis Biehn
tbi...@gmail.com wrote:
It might be a fun experiment to see what DLLs they're looking for :.)
-Travis
On
://crazycoders.com /
#haxnet@Ef
On 26 September 2011 10:52, Thor (Hammer of God)
t...@hammerofgod.com
wrote:
Maybe he can trick the user into installing on a FAT32 partition first, and
THEN get them to execute
FYI
From: Raging Hagis
Sent: Wednesday, September 21, 2011 7:21 AM
To: Thor (Hammer of God)
Subject: Apple Lion OS Suffers From A Major Security Issue
Apple’s Lion OS X stores passwords insecurely, with the updated OS appearing to
be more vulnerable than its previous Snow Leopard and Leopard
The interesting part about this type of attack is that the attacker can run a
webdav server to run the exploit. This is a normal looking url, not some
incredibly obvious UNC path to an SMB share. Yes, like most client-side
attacks, it may require some social engineering, hijacking of a domain, and