[Full-disclosure] (no subject)

2011-05-17 Thread Jhfjjf Hfdsjj
http://www.lestes.net/wp-content/themes/default/life.html___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Windows is 100% self-modifying assembly code? (Interesting security theory)

2010-12-10 Thread Jhfjjf Hfdsjj
On 12/9/2010 8:39 PM, John Jester Wilham Patrick III wrote: > >From Andrew Auernheimer's Diary / irc memories: > >Windows is written in pure, self-modifying assembly >code. Notice how you can install 15 gigs of data from >

Re: [Full-disclosure] Evilgrade 2.0 - the update explotation framework is back

2010-11-01 Thread Jhfjjf Hfdsjj
>> I do not believe anyone is 'ptoposing' anything. All he said was that package >> signing should not be taken as a silver bullet, for experience has shown that > >the key's themselves are capable of being compromised if a vendor is >> successfully attacked. >> >> Exactly what I would expect fro

Re: [Full-disclosure] Evilgrade 2.0 - the update explotation framework is back

2010-11-01 Thread Jhfjjf Hfdsjj
>On Sun, Oct 31, 2010 at 10:36 AM, wrote: > >On Sun, 31 Oct 2010 13:09:27 BST, Mario Vilas said: >> >> >Just signing the update packages prevents this attack, so it's not that hard >>> to fix. >> >> Except if a signing key gets compromised, as happened to one Linux vendor >> recently, causing a

Re: [Full-disclosure] New tool for pentesting

2010-09-17 Thread Jhfjjf Hfdsjj
- Forwarded Message From: Jhfjjf Hfdsjj To: runlvl Sent: Fri, September 17, 2010 3:26:44 AM Subject: Re: [Full-disclosure] New tool for pentesting Are you expecting us to believe that a windows only supported penetration tool with absolutely zero information regarding true

Re: [Full-disclosure] Tuscl.net SQL injection with 30k Plain Text Passwords & 80k Email list

2010-09-04 Thread Jhfjjf Hfdsjj
Well, one thing I will point out is that the link you submitted for the actual SQL injection doesnt seem to work. Either they fixed it or you messed up the link. From: Ben To: full-disclosure@lists.grok.org.uk Sent: Fri, September 3, 2010 11:09:04 AM Subject:

Re: [Full-disclosure] Day of bugs in WordPress 2

2010-07-30 Thread Jhfjjf Hfdsjj
Ed is the standard text editor. On Fri, Jul 30, 2010 at 6:13 AM, Elazar Broad wrote: -BEGIN PGP SIGNED MESSAGE- >Hash: SHA1 > >ed or nano? :) > > >On Thu, 29 Jul 2010 20:47:19 -0400 valdis.kletni...@vt.edu wrote: >>On Thu, 29 Jul 2010 17:18:28 PDT, Zach C said: >>> So if Drupal and Wo

Re: [Full-disclosure] ATTENTION FBI - Want the real names folks involved in the iPad hack???

2010-07-09 Thread Jhfjjf Hfdsjj
Wow, way to be a fricken racist snitch. - Forwarded Message From: IRC FRAUD ALERT To: full-disclosure Sent: Thu, July 8, 2010 8:46:40 PM Subject: [Full-disclosure] ATTENTION FBI - Want the real names folks involved in the iPad hack??? Sam Hocevar aka sam, Debian developer who provi

Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly

2010-06-11 Thread Jhfjjf Hfdsjj
Hey just wanted to say that my default installation of Windows 7 doesnt seem vulnerable~no hcp protocol handler. Just thought some people would like to take note :) - Original Message From: Tavis Ormandy To: full-disclosure@lists.grok.org.uk Cc: bugt...@securityfocus.com Sent: Wed, J