Re: [Full-disclosure] Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D.
More explication on cve-2009-3103 http://g-laurent.blogspot.com/2009/10/more-explication-on-cve-2009-3103.html ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1]
So if I'm to understand you correctly, "gobbles 1337", Weev's mother or a family member was searching the family name randomly on Google, came across these threads, did *not* email the list but instead emailed you with a long list of abuse about Weev, within which she did not disclose any information about her own son that you did not know already; despite the fact that as his mother she would surely be privy to such information. She also, if I am to believe your emails, did not disagree with you on any point. You then kindly stripped the email formatting and rather than forwarding the email to the list, pasted it into your own email so that it would seem almost as though *you* wrote these emails! How strange. 2009/10/5 GOBBLES > Mr. Auernheimer, > > That's true. I'm not a hacker. > > Also, sorry for not clarifying that I use mrxisaplant too. > > Here is more correspondance received from your mom (added paragraph > breaks): > > Actually, Andrew has no relationship to designadventures or sealpac. Years > ago before sealpac came the US market, Andrew grabbed the domain name > (before we knew anything about his mental issues). We want it back. We > didn't even remember until this week that his name was on it as we paid for > several years in advance and the recent renewal was paid by credit card. > Design Adventures is my little interior design business-never had a thing > to > do with Andrew. Design Adventures and Sealpac have nothing to do with > Andrew > and have never done business with Andrew. In fact, even as parents we have > never financially supported him since he left home. Years ago our > communication with him was come home, get help, go to school and we will > then and only then support you. He refused. > > Andrew was never abused or neglected. When he lived with us he was a > totally different person, prior to his substance abuse issues. He became a > different person in Cal. He had to get as far away from us as he could to > participate in this kind of behavior because we would have called the cops > and kicked his ass to the curb. > > From his postings he is deranged and a drug addict. We are not asking for > sympathy for him. Andrew has been detained by the FBI twice this year? They > didn't do anythin...@#!!! I don't know what the strategy should be for you > or I if the FBI won't do anything to stop him and we can't find him. > You don't want to call the FBI and we don't care if you do, if they need to > they will contact you. Andrew's name has been available online for years so > it never even occurred to me to disclose his name but I also spoke to law > enforcement a year ago so even they knew. > > There are so many crazies on the > web just like Andrew and we simply stopped trying with him when he went to > California years ago. He would not give us his address or location. > Truthfully, until about a year ago we didn't even know about this ugly, > racist rhetoric because we weren't wasting our days looking. > > Many years ago > he was online railing against Bill O'Reilly and the far right and saying > anything to inflame. He used to be a radical liberal. I think he is so > crazy > now that he might be convinced that martians are ruining his life, not > Jews. > He's nuts. Sadly he is not alone. I could not believe, when I finally got > wind of his livejournal, how many people were posting horrible things in > agreement. I felt physically sick. All of those people are also a danger > and > who knows who those people are. They were smart enough to not post their > own > photos and link their real names to their ugly words. They may be more of a > danger because we don't know who they are. > > > Original Message > From: Andrew A > To: GOBBLES > Cc: full-disclosure@lists.grok.org.uk > Subject: Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo > Doc(TM) revision #1] > Date: Sun, 4 Oct 2009 12:33:13 -0500 > > > Mr. Learner, > > You really are hilarious. I can infer one thing from your posts: you aren't > a hacker, and you find this really awkward and aren't sure how this whole > ruin thing works. > > You have no access to data that I have not made public. Once again, the > only thing you found out was my name, which I put on my livejournal. Big > deal. The rest was google-able. You really don't have anything. You also > don't understand how to make this whole doxdrop deal effective and dramatic. > You save up everything you can until you find a piece of data which is > psychologically damaging to the target. You have to essentially find them > guilty of wrongdoing, like using a nonprofit to defraud people, or sucking > dicks for money. This whole thing where you post somebody's parents address, > big deal. Everybody's got parents unless they're orphaned. Those parents > inevitably live somewhere. If I were a basement dwelling loser, this tactic > might be effective. Unfortunately I live on 60 acres in the sticks and have > hungry dogs and guns. Not much you
Re: [Full-disclosure] Geeklog <= v1.6.0sr2 - Remote File Upload
> > >Successful exploitation requires the ability to execute the uploaded JavaScript. > > >The Geeklog Forum program can be used as an attack vector since it does not > >> properly validate many $_GET / $_POST variables. > >Could you give us some more details about these XSS vulnerabilities ? :) >> > >Cause all I see here is a RCE in the admin panel. >> You confirm that there are XSS but we don't have any details about them... >The >easy one is when the forum allows anonymous posts and is configured for >text posts. The anonymous user name is never filtered, so you can put >anything there, including a reference to the javascript uploaded as the >user profile image.. > How about the php flaw? ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #3]
Eyeballing Weev, An informative dossier. = By Lisa Simpson Version = Revision #3 Purpose = You can edit this document and submit it back as a new revision. An effort by community citizens to expose this person. If you have any helpful knowledge about weev (even general) and have something to add, please reply with any editions. Abstract = Andrew "Weev" is a troll in his early 20's who has hacked into various websites, harasses innocent people and companies, and actually dropped dox on this very list. He's been covered in a NYTimes article on cyberharassment and a WST online blog post about a job he claims to have done on amazon. According to our contact with his mother Andrew used to live a quiet life in Richmond, VA. Described as perfectly kind and supportive of his brother and sister. But he began a life of drugs, starting with ecstacy and moving up to heroin. His former girlfriend was a user. He left to SoCal with no car or phone number given to family. His parents tried to have him involuntary committed. It is said in his NYTimes article that he is a wealthy cyber- criminal. In reality, he's nothing more than a nomadic schizo- phrenic with nothing better to do than reak havoc of the lives of innocents. Some of his victims (Which are on a list too long for even his associates to remember in entirity) consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's identity theft. Also, at the request of Girlvinyl (Sherrod DeGrippo), the owner of encyclopedia dramatica, weev was able to nail Randi Harper (freebsdgirl) to the wall, still hocking up her name on google to this day. Andrew is known for his pathological sense of vanity and narcissism. Every last act he does, he makes special effort to leave his mark economically, reputationally and psychologically in his victims. He wants to be world famous. His remedy for distracting attention from his own flaws and ironies is the age-old "blame it on the jews". For him, he doesn't try to use it in a sarcastic way, merely pointing out absurb anti-semitism exists, he uses in this way to say something so extreme any attempt of criticizing him stops. In general, a puppy that wants love, but apparently can't be fixed. A Michael Crook. Real Identity = - First name: Andrew - Last name: Auernheimer (mispelled as Aurenheimer sometimes) - Middle name: Alan Escher - Full name: Andrew Alan Escher Auernheimer DOB = September 1st, 1985 Past schools = James Madison University Known address = Criminal / 0day / Spam / Scam PO Box 61359 Sunnyvale, CA 94088 60 acres in the sticks with hungry dogs and guns, he claims. San Francisco, Los Angeles areas of California You can google his PO Box address (where he does biz from) and see complaints about fraud. Known Aliases = - Weev - Wbeelsoi - Uchiha Weevlos - Weevlar - Andrew wbeelsoi - Andrew weevlos - The iProhet - TheiProphet - The-iProphet Car = Drives a silver, 2000 Honda Civic License plate 6EFJ814. Most recently smog checked at Auto Chek in Anaheim, CA 2009/01/21, at 3:30 pm. Traffic Violation = http://visionweb.occourts.org/Vision_Public/SearchCase.do case "LH419349". Date of ticket: April 17th, 2009 Details: 22107 VC I Unsafe turn or lane change Disposition: Bail forfeiture (05/28/2009) Auernheimer tried to disguise his identity as Andrew Averngimer Known Affiliations = - Bantown - Buttes - EFnet #down - SASS (Something Awful Sycophant Squad) - Encyclopedia Dramatica Known Enemies = Organizations: - Something Awful - FBI - JDL - Possibly banks - Any law enforcement agency he knows him - Any jewish civil rights group that knows him Name: - Dennis Fetcho (TheFetch) - Kathy Sierra - Rob Levin (Lilo) - Richard Kyanka (lowtax) - Randi Harper (FreeBSDGirl) (Know more? http://tips.fbi.gov) Known business affiliations = Sealpac. Richmond, VA (We're sorting through them as we speak) Photo = - http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg - http://imgur.com/V5hkG.jpg Known publicity stunts = - Toorcon2111, Cybercrime Full URL: http://video.google.com/videoplay?docid=- 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi TinyURL: http://tinyurl.com/auernheimercrime - LiveJournal hacking - NYTimes "Mawebulence" Expose Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- t.html?_r=1&hp&oref=slogin Tiny URL: http://tinyurl.com/au
Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1]
Mr. Auernheimer, That's true. I'm not a hacker. Also, sorry for not clarifying that I use mrxisaplant too. Here is more correspondance received from your mom (added paragraph breaks): Actually, Andrew has no relationship to designadventures or sealpac. Years ago before sealpac came the US market, Andrew grabbed the domain name (before we knew anything about his mental issues). We want it back. We didn't even remember until this week that his name was on it as we paid for several years in advance and the recent renewal was paid by credit card. Design Adventures is my little interior design business-never had a thing to do with Andrew. Design Adventures and Sealpac have nothing to do with Andrew and have never done business with Andrew. In fact, even as parents we have never financially supported him since he left home. Years ago our communication with him was come home, get help, go to school and we will then and only then support you. He refused. Andrew was never abused or neglected. When he lived with us he was a totally different person, prior to his substance abuse issues. He became a different person in Cal. He had to get as far away from us as he could to participate in this kind of behavior because we would have called the cops and kicked his ass to the curb. From his postings he is deranged and a drug addict. We are not asking for sympathy for him. Andrew has been detained by the FBI twice this year? They didn't do anythin...@#!!! I don't know what the strategy should be for you or I if the FBI won't do anything to stop him and we can't find him. You don't want to call the FBI and we don't care if you do, if they need to they will contact you. Andrew's name has been available online for years so it never even occurred to me to disclose his name but I also spoke to law enforcement a year ago so even they knew. There are so many crazies on the web just like Andrew and we simply stopped trying with him when he went to California years ago. He would not give us his address or location. Truthfully, until about a year ago we didn't even know about this ugly, racist rhetoric because we weren't wasting our days looking. Many years ago he was online railing against Bill O'Reilly and the far right and saying anything to inflame. He used to be a radical liberal. I think he is so crazy now that he might be convinced that martians are ruining his life, not Jews. He's nuts. Sadly he is not alone. I could not believe, when I finally got wind of his livejournal, how many people were posting horrible things in agreement. I felt physically sick. All of those people are also a danger and who knows who those people are. They were smart enough to not post their own photos and link their real names to their ugly words. They may be more of a danger because we don't know who they are. Original Message From: Andrew A To: GOBBLES Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1] Date: Sun, 4 Oct 2009 12:33:13 -0500 > Mr. Learner, > > You really are hilarious. I can infer one thing from your posts: you aren't a > hacker, and you find this really awkward and aren't sure how this whole ruin > thing works. > > You have no access to data that I have not made public. Once again, the only > thing you found out was my name, which I put on my livejournal. Big deal. The > rest was google-able. You really don't have anything. You also don't > understand how to make this whole doxdrop deal effective and dramatic. You > save up everything you can until you find a piece of data which is > psychologically damaging to the target. You have to essentially find them > guilty of wrongdoing, like using a nonprofit to defraud people, or sucking > dicks for money. This whole thing where you post somebody's parents address, > big deal. Everybody's got parents unless they're orphaned. Those parents > inevitably live somewhere. If I were a basement dwelling loser, this tactic > might be effective. Unfortunately I live on 60 acres in the sticks and have > hungry dogs and guns. Not much you can do to me. > > Since you are so fucking inept that you can't even find my birthday: > September 1st, 1985 > My former school: James Madison University > > Protip: Nobody in the FBI takes internet submitted tips seriously. If you > want to go submit leads to the FBI, you can do it directly to the FBI agent > out to get me. > > Craig G. Mueller > Special Agent > Ph: (503) 552 5473 > Fa: (503) 552 5327 > craig.muel...@ic.fbi.gov > > I have attached a photo of his business card as well, for your personal > verification and convenience. > > Earlier you called for my "methods of alluding law enforcement." (sic; You > make so many errors in your English that it becomes hilariously obvious that > all your sockpuppets are the same person.) I've got some funny logs to give > you when you've exhausted your effort. You're going to LOL. > > On S
Re: [Full-disclosure] Take it from weev's mom.
So weev, the psychopath who takes pleasure in ruining the lives of innocents came from a diverse, caring, liberal family. Apparently it was an error to bring the family into this, but if we didn't post their info we'd never know the truth about weev's upbringing. I personally still believe weev needs to be behind bars for a few decades. Let's face it, the internet will be a safer place with this kid off the streets. http://tips.fbi.gov make it happen. On Sun, 04 Oct 2009 20:28:45 + GOBBLES wrote: >Remember, n3td3v always has the absolute finest in intelligence. > > Original Message >From: Alyse Auernheimer >To: fyo...@insecure.org, gobbles1...@safe-mail.net >Subject: RE: So Weev... >Date: Sat, 3 Oct 2009 02:28:54 -0400 > >Mr. Lyon, Paul > >There is a thread on your website referencing my son Andrew >Auernheimer. I am totally sympathetic with those posting as my son >is guilty of horrible behavior. We are ashamed of him and wish we >could find him ourselves. Sadly, your contributors felt the need >to "Out" our family, Andrew's parents and siblings. There are >links to our younger children, one of whom is only 14, our address > and phone numbers are available, photos of the children and one >reference by one poster as to a desire to rape me. The truth is >everyone we know already knows we have a mentally ill child. We >have made no secret of Andrew. > >We too are victims of Andrew. The hardest part for all of us is >that he used to be normal. He loved us and was sweet and kind to >his siblings. Several years ago he developed a relationship with a >girl with a serious drug problem. He began by using xtc regularly >and eventually graduated to LSD and heroin. About three years ago >he had a mental breakdown and began hearing voices and talking to >himself. He vanished from our lives. My children would log into >AIM to see if he was still alive; if he was logged on too long or >not recently they would worry something had happened to him. There >are references to his lavish lifestyle on this thread but the sad >truth is he is paranoid schizophrenic and has been homeless a >number of times. I am not excusing his pathetic behavior. My >husband and I contacted law enforcement in Southern California >almost a year ago as we wanted to try to "catch him" and have him >forcibly committed; he needs help. Unfortunately we were told that >the likely outcome would be 72 hours in a mental facility and they >would let him go and since we are in no financial position to pay >for mental health care for him we should just pray and forget it. >I cried every night for a year but I am done crying. I can only >worry about things that I can change and I really have NO >information about Andrew. He never once gave us a phone number or >address where we could reach him. When he left here he did not >have a car or a license. I don't even know what state he might be >in and frankly, I don't know if I want to anymore. > >I don't know if any of you have ever had a mentally ill family >member. It is torture. For it to be your child is indescribably >painful. I sometimes wonder if because our lives as a family >have been dedicated to diversity and inclusion, that he may have >chosen his weapons to purposely hurt us. We are tough though and >committed to each other and making the most positive contributions >to our world as we are able. > >I hope you all can find it in your hearts to please take down our >personal information. If your goal is to hurt US then you have >succeeded. Other than that I am not sure what the purpose of all >this was. I don't cry over Andrew anymore but I found this thread >when I googled my daughter looking for a school picture for her >dorm room and I sobbed. She has never said an unkind word to >anyone and I knew she would be devastated. We are not responsible >for Andrew's totally screwed up life, he is. I was contacted >erroneously on my Facebook page by someone named Anton Garcia >posing as a Dreamworks Animation Employee trying to find Andrew >because he was hacking Dreamworks. I suspected it was fake but I >answered anyway, truthfully. I too want him to own up to his >stupid behavior and take the consequences like a man. I'm sure I >will be disappointed. The worst part about this is you ONLY hurt >us. Andrew probably thought it was hilarious. He doesn't care what >you say or do to us, he only cares about himself. He, in the past, >has even made up a variety of ugly lies about us, but he is always >found out. > >Many of the postings referred to our family as nice. This is >accurate. Our other children are everything Andrew rejected, kind, >smart, hard-working, dedicated to making a difference through >public service, and we have left Andrew behind. There is so much >need in this world and so little time that spending it on tears >and regret is a colossal waste. Don't get me wrong we will always >love Andrew and our
[Full-disclosure] Take it from weev's mom.
Remember, n3td3v always has the absolute finest in intelligence. Original Message From: Alyse Auernheimer To: fyo...@insecure.org, gobbles1...@safe-mail.net Subject: RE: So Weev... Date: Sat, 3 Oct 2009 02:28:54 -0400 Mr. Lyon, Paul There is a thread on your website referencing my son Andrew Auernheimer. I am totally sympathetic with those posting as my son is guilty of horrible behavior. We are ashamed of him and wish we could find him ourselves. Sadly, your contributors felt the need to "Out" our family, Andrew's parents and siblings. There are links to our younger children, one of whom is only 14, our address and phone numbers are available, photos of the children and one reference by one poster as to a desire to rape me. The truth is everyone we know already knows we have a mentally ill child. We have made no secret of Andrew. We too are victims of Andrew. The hardest part for all of us is that he used to be normal. He loved us and was sweet and kind to his siblings. Several years ago he developed a relationship with a girl with a serious drug problem. He began by using xtc regularly and eventually graduated to LSD and heroin. About three years ago he had a mental breakdown and began hearing voices and talking to himself. He vanished from our lives. My children would log into AIM to see if he was still alive; if he was logged on too long or not recently they would worry something had happened to him. There are references to his lavish lifestyle on this thread but the sad truth is he is paranoid schizophrenic and has been homeless a number of times. I am not excusing his pathetic behavior. My husband and I contacted law enforcement in Southern California almost a year ago as we wanted to try to "catch him" and have him forcibly committed; he needs help. Unfortunately we were told that the likely outcome would be 72 hours in a mental facility and they would let him go and since we are in no financial position to pay for mental health care for him we should just pray and forget it. I cried every night for a year but I am done crying. I can only worry about things that I can change and I really have NO information about Andrew. He never once gave us a phone number or address where we could reach him. When he left here he did not have a car or a license. I don't even know what state he might be in and frankly, I don't know if I want to anymore. I don't know if any of you have ever had a mentally ill family member. It is torture. For it to be your child is indescribably painful. I sometimes wonder if because our lives as a family have been dedicated to diversity and inclusion, that he may have chosen his weapons to purposely hurt us. We are tough though and committed to each other and making the most positive contributions to our world as we are able. I hope you all can find it in your hearts to please take down our personal information. If your goal is to hurt US then you have succeeded. Other than that I am not sure what the purpose of all this was. I don't cry over Andrew anymore but I found this thread when I googled my daughter looking for a school picture for her dorm room and I sobbed. She has never said an unkind word to anyone and I knew she would be devastated. We are not responsible for Andrew's totally screwed up life, he is. I was contacted erroneously on my Facebook page by someone named Anton Garcia posing as a Dreamworks Animation Employee trying to find Andrew because he was hacking Dreamworks. I suspected it was fake but I answered anyway, truthfully. I too want him to own up to his stupid behavior and take the consequences like a man. I'm sure I will be disappointed. The worst part about this is you ONLY hurt us. Andrew probably thought it was hilarious. He doesn't care what you say or do to us, he only cares about himself. He, in the past, has even made up a variety of ugly lies about us, but he is always found out. Many of the postings referred to our family as nice. This is accurate. Our other children are everything Andrew rejected, kind, smart, hard-working, dedicated to making a difference through public service, and we have left Andrew behind. There is so much need in this world and so little time that spending it on tears and regret is a colossal waste. Don't get me wrong we will always love Andrew and our hearts will forever be broken where he is concerned but what else can we do but move on. It's like the Andrew we knew died long ago. Hope does spring eternal and sometimes I dream the real Andrew is home and we are all together, but my hopes are waning. Who knows, the future is never certain. I have been referred to an FBI agent who is involved with the cyber crimes division. I will forward this email to her tomorrow. Again, please don't make my younger children suffer any more. Do what you will with Andrew, he's earned it, but please let our family try to move on. We have been dealing wit
Re: [Full-disclosure] Geeklog <= v1.6.0sr2 - Remote File Upload
On 4 Oct 2009, at 08:47, Jaloh Smith wrote: > The > easy one is when the forum allows anonymous posts and is configured > for > text posts. The anonymous user name is never filtered, so you can put > anything there, including a reference to the javascript uploaded as > the > user profile image.. > > That's actually a much worse exploit than the file upload. There's no reason the script you load has to be stored locally -- it works just as well if you pull it from another domain. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #1]
Mr. Learner, You really are hilarious. I can infer one thing from your posts: you aren't a hacker, and you find this really awkward and aren't sure how this whole ruin thing works. You have no access to data that I have not made public. Once again, the only thing you found out was my name, which I put on my livejournal. Big deal. The rest was google-able. You really don't have anything. You also don't understand how to make this whole doxdrop deal effective and dramatic. You save up everything you can until you find a piece of data which is psychologically damaging to the target. You have to essentially find them guilty of wrongdoing, like using a nonprofit to defraud people, or sucking dicks for money. This whole thing where you post somebody's parents address, big deal. Everybody's got parents unless they're orphaned. Those parents inevitably live somewhere. If I were a basement dwelling loser, this tactic might be effective. Unfortunately I live on 60 acres in the sticks and have hungry dogs and guns. Not much you can do to me. Since you are so fucking inept that you can't even find my birthday: September 1st, 1985 My former school: James Madison University Protip: Nobody in the FBI takes internet submitted tips seriously. If you want to go submit leads to the FBI, you can do it directly to the FBI agent out to get me. Craig G. Mueller Special Agent Ph: (503) 552 5473 Fa: (503) 552 5327 craig.muel...@ic.fbi.gov A photo of his business card as well, for your personal verification and convenience: http://tinypic.com/r/1j84ly/4 Earlier you called for my "methods of alluding law enforcement." (sic; You make so many errors in your English that it becomes hilariously obvious that all your sockpuppets are the same person.) I've got some funny logs to give you when you've exhausted your effort. You're going to LOL. On Sat, Oct 3, 2009 at 8:37 PM, TheLearner wrote: > Eyeballing Weev, An informative dossier. > = > By FeelTheBurn Udmncrmnl > > Version > = > Revision #1 > > Purpose > = > You can edit this document and submit it back as a new revision. > > An effort by community citizens to expose this person. If you > have any helpful knowledge about weev (even general) and have > something to add, please reply with any editions. > > Abstract > = > I noticed seclists.org was taking down information relating to the > "doxing" of Andrew Auernheimer. > - Original post > http://seclists.org/fulldisclosure/2009/Oct/0013.html > - Mirror (http://www.webcitation.org/5kD6O0OEd) > > Andrew is a troll in his early 20's who has hacked into various > websites, harasses innocent people and companies, and actually > dropped dox on this very list. Some of his victims (Which are on a > list too long for even his associates to remember in entirity) > consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's > identity theft. Also, at the request of Girlvinyl (Sherrod > DeGrippo) weev was able to nail Randi Harper (freebsdgirl) to the > wall, still hocking up her name on google to this day. > > Andrew wants glory. He wants to be in the news. His remedy for > distracting attention from his own flaws and ironies is the age-old > "blame it on the jews". > > For him, he doesn't try to use it in a sarcastic way, merely > pointing out absurb anti-semitism exists, he uses in this way to > say something so extreme any attempt of criticizing him stops. > > In general, a puppy that wants love, but apparently can't be > fixed. A Michael Crook. > > Real Identity > = > - First name: Andrew > - Last name: Auernheimer (mispelled as Aurenheimer sometimes) > - Middle name: Alan Escher > - Full name: Andrew Alan Escher Auernheimer > > DOB > = > We need this! > > Past schools > = > We need this! > > Known address > = > Family > 2038 W Grace St > Richmond, VA 23220 > > Criminal / 0day / Spam / Scam > PO Box 61359 > Sunnyvale, CA 94088 > > San Francisco, Los Angeles areas of California > > You can google his PO Box address (where he does biz from) and > see complaints about fraud. > > Known Aliases > = > - Weev > - Wbeelsoi > - Uchiha Weevlos > - Weevlar > - Andrew wbeelsoi > - Andrew weevlos > - The iProhet > - TheiProphet > - The-iProphet > > Known Affiliations > = > - Bantown > - Buttes > - EFnet #down > - SASS (Something Awful Sycophant Squad) > - Encyclopedia Dramatica > - SealPac > > Known Enemies > = > Organizations: > - Something Awful > - FBI > - JDL > - Possibly banks > - Any law enforcement agency he knows him > - Any jewish civil rights group that knows him > > (Know more? http://tips.fbi.gov) > > Name: > - Dennis Fetcho > - Kathy Sierra > - Rob Levin > - Richard
[Full-disclosure] gmail pipe character inconsistencies and fun
Gmail will not let you send email to an email address with a | in it. It just goes directly to /dev/null. For good reason - it doesn't belong in an email address. It will not let you create an email address that uses it, and if you use google apps, you can't create a "group" or mailing list with it in it. For some reason google's smtp servers are more than willing to accept an email from (or to) an email address with the pipe character in it. So if you start sending someone annoying emails to someone from an email address like "com|bugging...@example.com", they might try to send your emails straight to the trash. So they click on the downward arrow in the top right, click on "filter messages like this", see "com|bugging...@example.com" in the "From:" field, click on "Next Step >>", delete it, and create filter. Now a huge chunk of their email will go into the trash. If they clicked "Also apply this filter to ...", they even delete a huge chunk of the email they already had. If course there is a search in the last step, but if you have it filled up with your junk email they might never even notice what they are doing. Is this a huge security flaw? Of course not. It still shouldn't exist. The truth is it doesn't concern me at all. What really bothers me is what I said above, that you can also send TO an email address with a pipe character in it. I use a catchall on my google apps domain, and I control spam by taking all of the fake email addresses spammers have generated and create an empty mailing list with those names. Now their spam gets rejected by the smtp servers, and they know they aren't getting anywhere. My spam box tends to stay empty. That is, until a spammer started sending email to an email address with | in it. I can't do anything to stop them. Google is impossible to talk to, so I had to create a fake vulnerability to get people outside google interested in it. The original "vulnerability" I talked about does exist, and I'm sure people could have some fun with it. Which reminds me, here is another "vulnerability". If you want to spam someone with a google apps domain and a catchall, they can't block you if you send email to an email address with a | in it! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Geeklog <= v1.6.0sr2 - Remote File Upload
> > > Successful exploitation requires the ability to execute the uploaded > > JavaScript. > > The Geeklog Forum program can be used as an attack vector since it does not > > properly validate many $_GET / $_POST variables. > Could you give us some more details about these XSS vulnerabilities ? :) > > Cause all I see here is a RCE in the admin panel. > You confirm that there are XSS but we don't have any details about them... The easy one is when the forum allows anonymous posts and is configured for text posts. The anonymous user name is never filtered, so you can put anything there, including a reference to the javascript uploaded as the user profile image.. _ Windows Live: Keep your friends up to date with what you do online. http://www.microsoft.com/middleeast/windows/windowslive/see-it-in-action/social-network-basics.aspx?ocid=PID23461::T:WLMTAGL:ON:WL:en-xm:SI_SB_1:092010___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] [EquipoFraude] Full Path Disclosure in most wordpress' plugins [?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This not only happens in the plugins, all files in wp-admin/import/ have errors like it. I'm fix it using: if ( defined('WP_ADMIN') or defined('WP_USE_THEMES') ){ ;//coninue } else{ die(); } Fernando A. Lagos B. escribió: > Exists an call to add_action() without validate with function_exists(). > When I run the php script directly, I get the full path of wp installation. > > Example: > [+] http://www.marco2010.cl/wp-content/plugins/akismet/akismet.php > [+] http://www.marco2010.cl/wp-content/plugins/hello.php > > > Is a bug? Is a feature? > > More details posted in my blog: > http://blog.zerial.org/seguridad/vulnerabilidad-en-la-mayoria-de-los-plugins-para-wordpress/ > (spanish) > > > cheers. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ - -- Victor Antonio Torre vtorre @ hispasec.com PGP Key ID: 74FA965E Hispasec Sistemas S.L +34 902 161 025 29590 Málaga (Spain) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJKxp8qAAoJEO8OrbJ0+pZeCwgH/iISumx4AM7EYvebIT39U3L3 /W383B2oNkqYOpsIdb2nmLWoBXgpSWdnZNhZ6Oqy0OPvqMQQjT/DLW0DoXqMPHlT MrF9ex7eJs6d0u17pMUiIHllqKg/pnWvNvPP2zwQ34L2JxdmesOcbCJ4+faRWfNg PtPkEWhj44D7qXGNFSubWYbzTr/8nxd7sBjfjedhxDBsbmSKFVTuEAgAubCRaSpO NQ3Fqls9bAUTBHGI9Yy5x/GQbqAa99v8Mvvb3BgZqQeV+cqxK4HDMqSwXPi7siFa AODX4dndrEUo5VLoHftEpha2YGQtH7Q1N+C7wxCiupCw5mkT3lhMyx8vvRyHA+0= =ZYwQ -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Weev, AKA Andrew Auernheimer [Fullinfo Doc(TM) revision #2]
Eyeballing Weev, An informative dossier. = By FeelTheBurn Udmncrmnl Version = Revision #2 Purpose = You can edit this document and submit it back as a new revision. An effort by community citizens to expose this person. If you have any helpful knowledge about weev (even general) and have something to add, please reply with any editions. Abstract = I noticed seclists.org was taking down information relating to the "doxing" of Andrew Auernheimer. - Original post http://seclists.org/fulldisclosure/2009/Oct/0013.html - Mirror (http://www.webcitation.org/5kD6O0OEd) Andrew is a troll in his early 20's who has hacked into various websites, harasses innocent people and companies, and actually dropped dox on this very list. Some of his victims (Which are on a list too long for even his associates to remember in entirity) consist of Rob Levin, Rich Kyanka's (lowtax) and Kathy Sierra's identity theft. Also, at the request of Girlvinyl (Sherrod DeGrippo) weev was able to nail Randi Harper (freebsdgirl) to the wall, still hocking up her name on google to this day. Andrew wants glory. He wants to be in the news. His remedy for distracting attention from his own flaws and ironies is the age-old "blame it on the jews". For him, he doesn't try to use it in a sarcastic way, merely pointing out absurb anti-semitism exists, he uses in this way to say something so extreme any attempt of criticizing him stops. In general, a puppy that wants love, but apparently can't be fixed. A Michael Crook. Real Identity = - First name: Andrew - Last name: Auernheimer (mispelled as Aurenheimer sometimes) - Middle name: Alan Escher - Full name: Andrew Alan Escher Auernheimer DOB = September 1st, 1985 Past schools = We need this! Known address = Family 2038 W Grace St Richmond, VA 23220 Criminal / 0day / Spam / Scam PO Box 61359 Sunnyvale, CA 94088 San Francisco, Los Angeles areas of California You can google his PO Box address (where he does biz from) and see complaints about fraud. Known Aliases = - Weev - Wbeelsoi - Uchiha Weevlos - Weevlar - Andrew wbeelsoi - Andrew weevlos - The iProhet - TheiProphet - The-iProphet Car = Drives a silver, 2000 Honda Civic License plate 6EFJ814. Most recently smog checked at Auto Chek in Anaheim, CA, on 2009/01/21, at 3:30 pm. Traffic Violation = http://visionweb.occourts.org/Vision_Public/SearchCase.do case "LH419349". Date of ticket: April 17th, 2009 Details: 22107 VC I Unsafe turn or lane change Disposition: Bail forfeiture (05/28/2009) Auernheimer tried to disguise his identity as Andrew Averngimer Known Affiliations = - Bantown - Buttes - EFnet #down - SASS (Something Awful Sycophant Squad) - Encyclopedia Dramatica - SealPac Known Enemies = Organizations: - Something Awful - FBI - JDL - Possibly banks - Any law enforcement agency he knows him - Any jewish civil rights group that knows him Name: - Dennis Fetcho (TheFetch) - Kathy Sierra - Rob Levin (Lilo) - Richard Kyanka (lowtax) - Randi Harper (FreeBSDGirl) (Know more? http://tips.fbi.gov) Known business affiliations = Sealpac. Richmond, VA (We're sorting through them as we speak) Photo = - http://img.waffleimages.com/239fb622e4e5188627f39af8045575a70182f8c7 /569px-Internet_business.jpg / http://img8.imageshack.us/img8/7586/569pxinternetbusiness.jpg / http://imgur.com/V5hkG.jpg Known publicity stunts = - Toorcon2111, Cybercrime Full URL: http://video.google.com/videoplay?docid=- 5643217366887354926&ei=iOzHSvzBOpbWrQKvlu2KDg&q=andrew+wbeelsoi TinyURL: http://tinyurl.com/auernheimercrime - LiveJournal hacking - NYTimes "Mawebulence" Expose Full URL: http://www.nytimes.com/2008/08/03/magazine/03trolls- t.html?_r=1&hp&oref=slogin Tiny URL: http://tinyurl.com/auernheimernytimes - He is also taking credit for Amazon hack of 2009. However this has not been confirmed - Corrupt: www.corrupt.org/act/interviews/weev - Public naming by JewishReview Full URL: http://www.jewishreview.org/local/Police-question- two-men-about-threats-to-Jewish-community TinyURL: http://tinyurl.com/auernheimer Archival: http://www.webcitation.org/5jnPBPyHG Family === Phone number: (804) 355-2889 Mother - Name: Catherine Auernheimer - Affiilations: Richmond PTA, Democratic Party - Alias: Alyse - Photograph: http://imgur.com/AQpSd.jpg / (http://img19.image
Re: [Full-disclosure] n3td3v mentioned in a book?
For your information, my client n3td3v is a trusted security researcher. He's cited in f0b1dd3n -- A qualified, peer-reviewed source for infosec data. Original Message From: Gichuki John Chuksjonia Apparently from: full-disclosure-boun...@lists.grok.org.uk To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] n3td3v mentioned in a book? Date: Sun, 4 Oct 2009 10:37:54 +0300 > Maybe its not a Ban, maybe its a burn notice! > > > > > > > > On 10/4/09, full-censors...@hushmail.com wrote: > > if this guy is mentioned in a book and we banned him? > > > > http://f0rb1dd3n.com/links.php > > > > i'm calling for a serious review of whats going on with the ban > > list. > > > > > > > > > > > > > > > > > > ___ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > -- > -- > Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P > I.T Security Analyst and Penetration Tester > infosig...@inbox.com > > {FORUM}http://lists.my.co.ke/pipermail/security/ > http://nspkenya.blogspot.com/ > http://chuksjonia.blogspot.com/ > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] n3td3v mentioned in a book?
Maybe its not a Ban, maybe its a burn notice! On 10/4/09, full-censors...@hushmail.com wrote: > if this guy is mentioned in a book and we banned him? > > http://f0rb1dd3n.com/links.php > > i'm calling for a serious review of whats going on with the ban > list. > > > > > > > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosig...@inbox.com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/