Thats why i the people who do understand it, can see that it is there... yes, VERY hard to expalin, id LOVE to see you try.
On 12 June 2011 12:11, adam <[email protected]> wrote: > Furthermore, pretending that we [the readers] are somehow at fault here > (for not understanding) isn't going to get you very far. The only thing > consistent in this entire thread is that people *kind of* want to know > what you're talking about, but aren't able to due to the poor writing style > and spelling/grammar errors. > > It should be noted that no one is being anal about typos, I fully > understand that people make mistakes. The difference is that it appears you > didn't even so much as proof read the original email. > > > On Sat, Jun 11, 2011 at 9:04 PM, phocean <[email protected]> wrote: > >> Hi n3td3v... oops!... secn3t (that is close), >> >> Sorry but I don't understand anything to this thread. >> Each of your emails is such a pain to read, that I stop at the first >> sentence. >> We are all busy and don't want to take 20 min to decipher your writing >> with the risk that it is not deserving it. >> Please clarify and give consistent technical facts. >> >> Thanks. >> >> Le 12/06/2011 03:33, -= Glowing Doom =- a écrit : >> > This is NOT coded.. the PoC i am explaining, is possible with simply >> > copyying text,then using a sequence of keys, to make the actual >> > sentence/s, appear. >> > This code is not what shows up when it is dissected. >> > It shows up with many x41 all over the email when it is done properly . >> > Regards. >> > >> > >> > >> > On 12 June 2011 11:29, Christian Sciberras <[email protected] >> > <mailto:[email protected]>> wrote: >> > >> > For those lazy enough to search: >> > >> > >> https://www.owasp.org/index.php/The_CSRSS_Backspace_Bug_still_works_in_windows_2003_sp1 >> > >> > >> > Excerpt: >> > >> > Basicaly just compile this and you will get a 100% processor usage >> > by the compiled exploit and Csrss.exe >> > >> > #include <stdio.h> >> > int main(void) >> > { >> > while(1) >> > printf("\t\t\b\b\b\b\b\b"); >> > return 0; >> > } >> > >> > >> > How this helps in sending spam is beyond me. >> > >> > >> > >> > On Sun, Jun 12, 2011 at 3:18 AM, Jeffrey Walton <[email protected] >> > <mailto:[email protected]>> wrote: >> > >> > On Sat, Jun 11, 2011 at 9:06 PM, -= Glowing Doom =- >> > <[email protected] <mailto:[email protected]>> wrote: >> > >> > > It is now, over 1yr old atleast and exists in riched20.dll. >> > > This PoC info is over for me also. >> > Microsoft had problems with a backspace in the past. Search for >> > "CSRSS >> > Backspace Bug". >> > >> > > [SNIP >> > >> > Jeff >> > >> > _______________________________________________ >> > Full-Disclosure - We believe in it. >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> > Hosted and sponsored by Secunia - http://secunia.com/ >> > >> > >> > >> > >> > >> > _______________________________________________ >> > Full-Disclosure - We believe in it. >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> > Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> -- >> phocean >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
