Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-26 Thread Elazar Broad
Um, NTLM isn't the only 20 or so year old protocol to take the rap
recently, I can think of a low numbered RFC, let's say 1034 and
1035. Hindsight is 20/20, and 20 years ago, who would have thought
that a 16 bit number was way too small for DNS transaction id, the
same who would have thought goes for NTLM and the rest. Let's face
it, protocol design bugs suck, and to completely replace a widely
used protocol ranks pretty high in the PiTA hall of fame...

On Tue, 25 Nov 2008 05:25:57 -0500 Eric Rachner [EMAIL PROTECTED] wrote:
Hey, kid -

If you've got any better ideas about how to fix NTLM, the industry is
ready & waiting to hear them.

The fact is, NTLM is an old & busted protocol that happens to be used
*everywhere*, and there's no way to fix it without breaking compatibility
with, oh, just the entire installed base.  I was happy to see MS08-068
because the technique it implements is better than nothing - it offers a
nice, clever way to reduce the exploitability of the issue without
breaking anything important.

Don't bother telling us all how M$ should just bite the incompatibility
bullet and turn NTLM off - that's been an option for users,
theoretically speaking, since about the time Windows Kerberos support
became mature, and practically speaking, nobody seems to be turning NTLM
off here in the real world.

- Eric

On Tue, Nov 25, 2008 at 7:44 AM, Memisyazici, Aras [EMAIL PROTECTED] wrote:

 RANT

 snip:: taken from MSRC Blog:
 http://blogs.technet.com/msrc/archive/2008/11/11/ms08-068-and-smbrelay.aspx

 What we released today with MS08-068 is that security update. It addresses
 the SMBRelay issue (discovered in 2001) does so in a way that doesn't have
 the negative impact on applications that we originally believed addressing
 this issue would have.

 /snip

 So... Hmm... I wonder what would happen if the rest of the world followed
 suit with M$' approach, and took 7 years to fix an issue in order to not
 cause a significant impact...

 Scenario:

 Ppl: Hey Ford, if one brute-forces the keyless entry on the door, your
 car explodes...

 Ford: well... I'll offer you three choices, two immediately, and the last
 one 7 yrs later. You can either not use the keyless entry system (we'll give
 you some shiny duck-tape to cover it) or you can use the biometric-knub
 system which requires that you have a knub... So those who have arms & legs
 can't use the system... (btw this will give birth to a whole new industry
 that will allow ppl to pay money for a product that fakes a knub for people
 with appendages) But it's biometric & cool this way! Or you can wait for 7
 years and we'll release a non-exploding version of the keyless-entry system.

 ***

 OK... Maybe I'm going a bit extreme, but WTH?! Am I the only one who is
 interpreting this, this way? Really? When has releasing a solution to a
 problem 7 years later ever been acceptable?

 Jus' sayin' ...

 /RANT

 Aras 'Russ' Memisyazici
 Systems Administrator
 Virginia Tech
 ___
 Full-Disclosure - We believe in it.
 Charter: http://lists.grok.org.uk/full-disclosure-charter.html
 Hosted and sponsored by Secunia - http://secunia.com/



Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread Anders Klixbull
It's safe to assume that it covers the both of you ignorant turds 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of n3td3v
Sent: 25. november 2008 19:03
To: Paul Schmehl; full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Updates for SSH Tectia plaintext
recoveryvulnerability released

On Tue, Nov 25, 2008 at 5:44 PM, Paul Schmehl [EMAIL PROTECTED]
wrote:
 --On Monday, November 24, 2008 23:52:21 -0600 [EMAIL PROTECTED]
wrote:

 Urleet: I do believe that Gadi's work with the Israeli CIRT is both 
 common knowledge and not under NDA.  Or at least the fact that he 
 worked there isn't under NDA - I'm sure lots of specific incidents
are still covered.

 Israel is a big enough country network-wise that I spent several 
 years working at the national CIRT buys you a whole lot more 
 credibility than I spent several years blogging from my mom's
basement.

 Or even I spent several years spamming FD with useless crap that 
 nobody cares about.


Are you talking about me or Gadi?



[Full-disclosure] [CFP] FRHACK 01 Call For Papers (save the dates!)

2008-11-26 Thread Jerome Athias
[CFP] FRHACK 01 Call For Papers

FRHACK: By Hackers, For Hackers! http://www.frhack.org

++
+ FRHACK 01
+ Call For Papers
+ September 7-8, 2009, at the Great Kursaal Hall of Besançon, France.
++

Do you like good wine, French bread & food, strikes and the French kiss?
If so, you will love FRHACK!

[ - Introduction - ]

FRHACK is the First International IT Security Conference, by hackers -
for hackers, in France!
FRHACK is not commercial - but - highly technical.

Target Audience: Security Officers, Security Professionals and Product
Vendors, IT Decision Makers, Policy Makers, Security-, Network-, and
Firewall Administrators, Teachers, Academic Researchers and Software
Developers.

The FRHACK Team (TFT) encourages speakers to present new and interesting
projects for FRHACK 01 and will give preferential treatment to
submissions that have not been presented at other conferences.
Further, TFT invites any individual who has not spoken at a conference
before to submit a talk and attempt to make FRHACK their inaugural event!
TFT encourages girls passionate about IT Security to submit papers, as TFT
will offer a prize to the Best IT Security girl of the year to reward
innovation.
Papers can be submitted in English and/or French.
The conference language is either English or French.

Conference will be held in Besançon - EU, East of France, closer to
Switzerland, and aims to get together industry, government, academia and
underground hackers to share knowledge and leading-edge ideas about
information security and everything related to it.
FRHACK will feature national and international speakers and attendees
with a wide range of skills.
The atmosphere is favorable to present all facets of computer security
subject and will be a great opportunity to network with like-minded
people and enthusiasts.

[ - The venue - ]

FRHACK 01 (1st edition) will take place at the Great Kursaal Hall of
Besançon with capacity for up to 1400 people.

[*] About Besançon (stolen from http://en.wikipedia.org/wiki/Besan%C3%A7on)

Besançon is the capital and principal city of the Franche-Comté region
in eastern France. Located close to the border with Switzerland, it is
the capital of the Doubs department.
As well as being famed as one of France's finest villes d'art (art
cities), Besançon is the seat of one of France's older universities, of
France's National School of Mechanics and Micromechanics, and one of the
best known French language schools in France, the CLA. It is also
reputed to be France's most environmentally-friendly city, with a public
transport network that has often been cited as a model. On account of
the topography, the historic city centre lies at the edge of the modern
city, and hiking tracks lead straight from the centre and up into the
surrounding hills.
The Citadel of Besançon dates back to the Celtic era. In his De Bello
Gallicum, Julius Caesar already said about the fortress of Vesontio
(Celtic name of Besançon) that it was one of the best defensive sites he
had ever seen.
Besançon is situated at the crossing of two major lines of
communication, the NE-SW route, following the valley of the river Doubs,
and linking Germany and North Europe with Lyon and southwest Europe, and
the N-S route linking northern France and the Netherlands with
Switzerland. A key staging post on the Strasbourg-Lyon (Germany-Spain)
route, it also has direct high-speed train (TGV) links with Paris,
Charles de Gaulle International Airport, and Lille. Unusually for a town
of its size, it does not have a commercial airport, 

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread Anders Klixbull
Nice teenspeak, maybe your mother can invite n3td3v over to hot cocoa
and cookies? 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ureleet
Sent: 26. november 2008 04:26
To: n3td3v
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Updates for SSH Tectia plaintext
recoveryvulnerability released

On Tue, Nov 25, 2008 at 8:57 PM, n3td3v [EMAIL PROTECTED] wrote:
 On Wed, Nov 26, 2008 at 12:21 AM, Ureleet [EMAIL PROTECTED] wrote:
 On Tue, Nov 25, 2008 at 1:56 PM, n3td3v [EMAIL PROTECTED] wrote:
 On Tue, Nov 25, 2008 at 5:52 AM,  [EMAIL PROTECTED] wrote:
 On Mon, 24 Nov 2008 21:56:42 GMT, n3td3v said:
 On Mon, Nov 24, 2008 at 9:41 PM, Ureleet [EMAIL PROTECTED]
wrote:
  On Sun, Nov 23, 2008 at 5:46 PM, n3td3v [EMAIL PROTECTED]
wrote:
  What *does* he do then? Please enlighten the list. Yeah, you 
  haven't got an answer, piss off.
 
  because the stuff he *does* work on, is under nda.  now, of 
  course u r going 2 come back and say something about sure it 
  is or something unintelligent.
 

 Like I said, you haven't got an answer.

 Urleet: I do believe that Gadi's work with the Israeli CIRT is both

 common knowledge and not under NDA.  Or at least the fact that he 
 worked there isn't under NDA - I'm sure lots of specific incidents
are still covered.

 Israel is a big enough country network-wise that I spent several 
 years working at the national CIRT buys you a whole lot more 
 credibility than I spent several years blogging from my mom's
basement.


 Shit posts are shit posts it doesn't matter if you done something 
 good in Israel back in the day.

 yeah, but u have _never_ done anything good.  so whats ur excuse?


 I never claimed I was good at anything, thats where you have your
wires crossed.

o, so u r just some guy who reposts articles without regard 2 license of
article and posts them illegally on ur site?  O i c.



Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-26 Thread Paul Schmehl
--On Tuesday, November 25, 2008 03:11:01 -0600 [EMAIL PROTECTED] wrote:

 That, plus Russ didn't even bother to read the fine article:

 And to be clear, the impact would have been to render many (or nearly all)
 customers' network-based applications then inoperable. For instance, an
 Outlook
 2000 client wouldn't have been able to communicate with an Exchange 2000
 server.

 I know the users Russ supports - we'd have needed a body bag for him if
 he had chosen that route rather than not cause a significant impact.

 This wasn't a buffer overflow, the problem was that the NTLM protocol was
 screwed up by design - and fixing a protocol bug is usually a *lot* more
 painful.  If you read between the lines of the article, it appears that MS
 added support for a fixed protocol back in XP SP2, and has decided that the
 number of pre-SP2 systems out there talking to updated systems has grown small
 enough that it's finally practical to flip the switch.  That's pretty much the
 only way to change a protocol without a flag-day cutover - ship dual-stack
 during a transition, and then flip the switch when few enough old-style
 machines are left.

 Let's face it - the number of systems that have gotten compromised via
 SMBRelay attacks is *far* smaller than the number of boxes pwned just
 because they have IE installed and a user at the keyboard. The number of
 systems pwned via SMBRelay is *also* a lot smaller than the number of
 boxes that would have broken if Microsoft had fixed things the way Russ
 apparently wanted them to.

Weird.  We were the ones that reported this issue to Microsoft back in 1998 or 
9 (don't recall exactly when now) or at least a part of the issue.  Very 
strange to see it pop up after all these years.  Of course they essentially 
told us the same thing that you describe - can't break everything to fix that 
one thing - wait for the next release.

And you're right - it wasn't a great risk unless you were already in the 
network in a serious way.

-- 
Paul Schmehl
[EMAIL PROTECTED]



Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-26 Thread Paul Schmehl
--On November 25, 2008 4:25:57 AM -0600 Eric Rachner [EMAIL PROTECTED] 
wrote:



Hey, kid -

If you've got any better ideas about how to fix NTLM, the industry is
ready & waiting to hear them.

The fact is, NTLM is an old & busted protocol that happens to be used
everywhere, and there's no way to fix it without breaking compatibility
with, oh, just the entire installed base.  I was happy to see MS08-068
because the technique it implements is better than nothing - it offers a
nice, clever way to reduce the exploitability of the issue without
breaking anything important.

Don't bother telling us all how M$ should just bite the incompatibility
bullet and turn NTLM off - that's been an option for users,
theoretically speaking, since about the time Windows Kerberos support
became mature, and practically speaking, nobody seems to be turning NTLM
off here in the real world.



Don't be silly.  The answer is staring you in the face, right?  Just rip 
out your entire infrastructure and replace it with Linux and it's all 
good.  A few training courses to get your lusers up to speed and you're
racing down the information superhighway without all the evil badness 
clogging up your arteries.


Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
**
WARNING: Check the headers before replying



Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread Ureleet
stop deflecting, i am talking about u.  not funsec you twit.



Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread Ureleet
maybe.  u wanna cum too?

On Wed, Nov 26, 2008 at 5:15 AM, Anders Klixbull [EMAIL PROTECTED] wrote:
 Nice teenspeak, maybe your mother can invite n3td3v over to hot cocoa
 and cookies?

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Ureleet
 Sent: 26. november 2008 04:26
 To: n3td3v
 Cc: full-disclosure@lists.grok.org.uk
 Subject: Re: [Full-disclosure] Updates for SSH Tectia plaintext
 recoveryvulnerability released

 On Tue, Nov 25, 2008 at 8:57 PM, n3td3v [EMAIL PROTECTED] wrote:
 On Wed, Nov 26, 2008 at 12:21 AM, Ureleet [EMAIL PROTECTED] wrote:
 On Tue, Nov 25, 2008 at 1:56 PM, n3td3v [EMAIL PROTECTED] wrote:
 On Tue, Nov 25, 2008 at 5:52 AM,  [EMAIL PROTECTED] wrote:
 On Mon, 24 Nov 2008 21:56:42 GMT, n3td3v said:
 On Mon, Nov 24, 2008 at 9:41 PM, Ureleet [EMAIL PROTECTED]
 wrote:
  On Sun, Nov 23, 2008 at 5:46 PM, n3td3v [EMAIL PROTECTED]
 wrote:
  What *does* he do then? Please enlighten the list. Yeah, you
  haven't got an answer, piss off.
 
  because the stuff he *does* work on, is under nda.  now, of
  course u r going 2 come back and say something about sure it
  is or something unintelligent.
 

 Like I said, you haven't got an answer.

 Urleet: I do believe that Gadi's work with the Israeli CIRT is both

 common knowledge and not under NDA.  Or at least the fact that he
 worked there isn't under NDA - I'm sure lots of specific incidents
 are still covered.

 Israel is a big enough country network-wise that I spent several
 years working at the national CIRT buys you a whole lot more
 credibility than I spent several years blogging from my mom's
 basement.


 Shit posts are shit posts it doesn't matter if you done something
 good in Israel back in the day.

 yeah, but u have _never_ done anything good.  so whats ur excuse?


 I never claimed I was good at anything, thats where you have your
 wires crossed.

 o, so u r just some guy who reposts articles without regard 2 license of
 article and posts them illegally on ur site?  O i c.



Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread n3td3v
You can't decide one persons actions are illegal because you don't
like them and not illegal for others.

On Wed, Nov 26, 2008 at 1:53 PM, Ureleet [EMAIL PROTECTED] wrote:
 stop deflecting, i am talking about u.  not funsec you twit.




Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread Ureleet
so u admit what u do is illegal?

o, and yes i can.  u do the same thing with all teh ppl that u call
out on these lists.  like hd, pauldotcom..etc..

On Wed, Nov 26, 2008 at 9:26 AM, n3td3v [EMAIL PROTECTED] wrote:
 You can't decide one persons actions are illegal because you don't
 like them and not illegal for others.

 On Wed, Nov 26, 2008 at 1:53 PM, Ureleet [EMAIL PROTECTED] wrote:
 stop deflecting, i am talking about u.  not funsec you twit.





Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread n3td3v
Copy & paste snippets of news articles to mailing lists? I'm sure Cnet
enjoy the extra traffic.

On Wed, Nov 26, 2008 at 3:57 PM, Ureleet [EMAIL PROTECTED] wrote:
 so u admit what u do is illegal?

 o, and yes i can.  u do the same thing with all teh ppl that u call
 out on these lists.  like hd, pauldotcom..etc..

 On Wed, Nov 26, 2008 at 9:26 AM, n3td3v [EMAIL PROTECTED] wrote:
 You can't decide one persons actions are illegal because you don't
 like them and not illegal for others.

 On Wed, Nov 26, 2008 at 1:53 PM, Ureleet [EMAIL PROTECTED] wrote:
 stop deflecting, i am talking about u.  not funsec you twit.






Re: [Full-disclosure] n3td3v has been tracked to Slough, UK

2008-11-26 Thread Ureleet
tool.

On Mon, Nov 24, 2008 at 5:17 PM, n3td3v [EMAIL PROTECTED] wrote:
 I'm unlikely to leave full-disclosure in your life time, so save your
 energy with complaining about n3td3v, im here to stay. I've got 10 /
 15 years of my mailing list career to go, so get your popcorn out. If
 you like gadi evron thats fair enough but don't expect me to like the
 people you like.

 On Mon, Nov 24, 2008 at 9:41 PM, Ureleet [EMAIL PROTECTED] wrote:
 this just in.



[Full-disclosure] poc hash list ( Ignore )

2008-11-26 Thread Thierry Zoller



Re: [Full-disclosure] Fwd: Comment on: 2 engineers from China sentenced for espionage

2008-11-26 Thread Mike C
On Wed, Nov 26, 2008 at 2:40 AM, n3td3v [EMAIL PROTECTED] wrote:

 Mike C

i'd just like to clarify that as of yet I'm not a part of your group as a
matter of principle. there is a far more focussed and serious mailing list
where this stuff belongs.



 On Mon, Nov 24, 2008 at 9:40 PM, Ureleet [EMAIL PROTECTED] wrote:
  name 1?
 
  On Mon, Nov 24, 2008 at 10:01 AM, n3td3v [EMAIL PROTECTED] wrote:
  On Mon, Nov 24, 2008 at 7:50 AM, Mike C [EMAIL PROTECTED] wrote:
  For what it's worth, i think the n3td3v groups feed is a bad idea
  because not many serious researchers have joined that group
 
  there are plenty of serious researchers on the group though they
  appear to be taking advantage of the feed instead of talking.
 


I'm sure theres no reason to doubt that. The fact remains full-disclosure is
where it all happens.

-- 
MC

Re: [Full-disclosure] Anehta0.6.0 -- a new XSS Attack Platform!

2008-11-26 Thread Mike C
2008/11/25 pst axis [EMAIL PROTECTED]

  Anehta is an open source XSS Attack Platform which is maintained by
 [EMAIL PROTECTED]



 Project Home: http://anehta.googlecode.com

 Demo Video:
 http://hi.baidu.com/aullik5/blog/item/cb4cd5899283b093a4c272a9.html

 Online Demo: http://www.secwiki.com/anehta

 Download: http://anehta.googlecode.com/files/anehta-v0.6.0fixed.zip



 It contains a javascript framework called anehta.js which is something like
 attackAPI to help hackers write XSS payloads easier, and more than that
 ,there is an administrative panel which implemented by PHP to help manage
 the clients.



 Many good ideas are included in anehta project, some of the ideas you might
 never seen before.

 You can really maximize your profits gained from XSS by launching anehta.

 I'm not sure you should word it that way. While full-disclosure is the best
way to security utopia, touting a tool for its malicious use will only
serve to provide fodder to those who are opposed to full-disclosure.

HD Moore has handled this well with his framework.

-- 
MC

Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread Mike C
On Wed, Nov 26, 2008 at 9:03 AM, n3td3v [EMAIL PROTECTED] wrote:

 On Wed, Nov 26, 2008 at 3:26 AM, Ureleet [EMAIL PROTECTED] wrote:
  On Tue, Nov 25, 2008 at 8:57 PM, n3td3v [EMAIL PROTECTED] wrote:
  On Wed, Nov 26, 2008 at 12:21 AM, Ureleet [EMAIL PROTECTED] wrote:
  On Tue, Nov 25, 2008 at 1:56 PM, n3td3v [EMAIL PROTECTED] wrote:
  On Tue, Nov 25, 2008 at 5:52 AM,  [EMAIL PROTECTED] wrote:
  On Mon, 24 Nov 2008 21:56:42 GMT, n3td3v said:
  On Mon, Nov 24, 2008 at 9:41 PM, Ureleet [EMAIL PROTECTED] wrote:
   On Sun, Nov 23, 2008 at 5:46 PM, n3td3v [EMAIL PROTECTED]
 wrote:
   What *does* he do then? Please enlighten the list. Yeah, you
 haven't
   got an answer, piss off.
  
   because the stuff he *does* work on, is under nda.  now, of course
 u r
   going 2 come back and say something about sure it is or
 something
   unintelligent.
  
 
  Like I said, you haven't got an answer.
 
  Urleet: I do believe that Gadi's work with the Israeli CIRT is both
 common
  knowledge and not under NDA.  Or at least the fact that he worked
 there isn't
  under NDA - I'm sure lots of specific incidents are still covered.
 
  Israel is a big enough country network-wise that I spent several
 years
  working at the national CIRT buys you a whole lot more credibility
 than
  I spent several years blogging from my mom's basement.
 
 
  Shit posts are shit posts it doesn't matter if you done something good
  in Israel back in the day.
 
  yeah, but u have _never_ done anything good.  so whats ur excuse?
 
 
  I never claimed I was good at anything, thats where you have your wires
 crossed.
 
  o, so u r just some guy who reposts articles without regard 2 license
  of article and posts them illegally on ur site?  O i c.
 

 The same as Funsec.


Please take your misgivings offline. The list is for serious security
publishing and not metaphysical banter. I'm starting to question the
intentions of some of you guys. Is FD the only place to communicate?

-- 
MC

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-26 Thread Mike C
On Tue, Nov 25, 2008 at 9:21 PM, Memisyazici, Aras [EMAIL PROTECTED] wrote:

 snip
 M$ should just bite the incompatibility bullet and turn NTLM off
 /snip


No! not without losing a big big advantage it enjoys over other platforms.
This will render god-knows-how-many binary apps useless and reduce the value
of the windows ecosystem. If I were Microsoft, I'd really consider hard
before such a decision.. see what packaging hell Linux's binary
incompatibility has taken it.

-- 
MC

Re: [Full-disclosure] Browser Rider v20081124 is out.

2008-11-26 Thread Mike C
On Tue, Nov 25, 2008 at 4:53 AM, Benjamin Mossé [EMAIL PROTECTED] wrote:

  Date: 25th of November, 2008

 1. What is Browser Rider?

 Browser Rider is a hacking framework to build payloads that exploit the
 browser.
 The project aims to provide a powerful, simple and flexible interface to
 any
 client side exploit. Browser Rider is not a new concept. Similar tools such
 as
 BeEF or Backframe exploited the same concept. However most of the other
 existing
 tools out there are unmaintained, not updated and not documented. Browser
 Rider wants
 to fill those gaps by providing a better alternative.


Very interesting. How often do you plan on releasing/updating this?

-- 
MC

Re: [Full-disclosure] Anehta0.6.0 -- a new XSS Attack Platform!

2008-11-26 Thread James Matthews
I applaud the new tool, however, in reference to what Mike said, take a page
out of HD Moore's book and make it something to help the community.

On Wed, Nov 26, 2008 at 7:47 PM, Mike C [EMAIL PROTECTED] wrote:



 2008/11/25 pst axis [EMAIL PROTECTED]

  Anehta is an open source XSS Attack Platform which is maintained by
 [EMAIL PROTECTED]



 Project Home: http://anehta.googlecode.com

 Demo Video:
 http://hi.baidu.com/aullik5/blog/item/cb4cd5899283b093a4c272a9.html

 Online Demo: http://www.secwiki.com/anehta

 Download: http://anehta.googlecode.com/files/anehta-v0.6.0fixed.zip



 It contains a javascript framework called anehta.js which is something
 like attackAPI to help hackers write XSS payloads easier, and more than
 that ,there is an administrative panel which implemented by PHP to help
 manage the clients.



 Many good ideas are included in anehta project, some of the ideas you
 might never seen before.

 You can really maximize your profits gained from XSS by launching anehta.

 I'm not sure you should word it that way. While full-disclosure is the best
 way to security utopia, touting a tool for its malicious use will only
 serve to provide fodder to those who are opposed to full-disclosure.

 HD Moore has handled this well with his framework.

 --
 MC





-- 

http://www.goldwatches.com/

http://www.jewelerslounge.com/liberty-coin-cufflinks

http://www.astorandblack.com/

Re: [Full-disclosure] Anehta0.6.0 -- a new XSS Attack Platform!

2008-11-26 Thread n3td3v
An attack platform is an attack platform, there is no take a page out
of hd moore's book to make it look legal. His way isn't any more
legal than this guys way, thats what you guys seem to be crossing your
wires about.

On Wed, Nov 26, 2008 at 6:15 PM, James Matthews [EMAIL PROTECTED] wrote:
 I applaud the new tool however in reference on to what Mike said take a page
 out of HD Moore's book and make it something to help the community.

 On Wed, Nov 26, 2008 at 7:47 PM, Mike C [EMAIL PROTECTED] wrote:


 2008/11/25 pst axis [EMAIL PROTECTED]

  Anehta is an open source XSS Attack Platform which is maintained by
 [EMAIL PROTECTED]



 Project Home: http://anehta.googlecode.com

 Demo Video:
 http://hi.baidu.com/aullik5/blog/item/cb4cd5899283b093a4c272a9.html

 Online Demo: http://www.secwiki.com/anehta

 Download: http://anehta.googlecode.com/files/anehta-v0.6.0fixed.zip



 It contains a javascript framework called anehta.js which is something
 like attackAPI to help hackers write XSS payloads easier, and more than
 that ,there is an administrative panel which implemented by PHP to help
 manage the clients.



 Many good ideas are included in anehta project, some of the ideas you
 might never seen before.

 You can really maximize your profits gained from XSS by launching anehta.

 I'm not sure you should word it that way. While full-disclosure is the
 best way to security utopia, touting a tool for its malicious use will only
 serve to provide fodder to those who are opposed to full-disclosure.

 HD Moore has handled this well with his framework.

 --
 MC








[Full-disclosure] does the aim service save chat session details?

2008-11-26 Thread AMILABS

Is AIM IM purely peer to peer or a store and forward type protocol? We need
to determine if we can recover a past IM chat conversation that occurred
over two weeks ago. Our chat client did not have IM logging enabled so we
need to know if the service archives all chat conversations for law
enforcement and legal purposes.
 

Any help would be greatly appreciated.




Re: [Full-disclosure] does the aim service save chat session details?

2008-11-26 Thread Andrew Farmer
On 26 Nov 08, at 11:17, AMILABS wrote:
 Is AIM IM purely peer to peer or a store and forward type protocol?

It is neither. In most cases, the server forwards messages from client  
to client, but does not retain them. The client also supports a peer- 
to-peer mode, but it's rarely used.

 We need
 to determine if we can recover a past IM chat conversation that  
 occurred
 over two weeks ago. Our chat client did not have IM logging enabled  
 so we
 need to know if the service archives all chat conversations for law
 enforcement and legal purposes.

You'll have to ask AOL about that. If there are server-side logs, they  
are not exposed to users.



Re: [Full-disclosure] does the aim service save chat session details?

2008-11-26 Thread Ureleet
just remember that the ppl u r chatting w/ may b logging the
conversation.  id say that aim is the least of ur logging wurries.

On Wed, Nov 26, 2008 at 3:42 PM, Andrew Farmer [EMAIL PROTECTED] wrote:
 On 26 Nov 08, at 11:17, AMILABS wrote:
 Is AIM IM purely peer to peer or a store and forward type protocol?

 It is neither. In most cases, the server forwards messages from client
 to client, but does not retain them. The client also supports a peer-
 to-peer mode, but it's rarely used.

 We need
 to determine if we can recover a past IM chat conversation that
 occurred
 over two weeks ago. Our chat client did not have IM logging enabled
 so we
 need to know if the service archives all chat conversations for law
 enforcement and legal purposes.

 You'll have to ask AOL about that. If there are server-side logs, they
 are not exposed to users.



Re: [Full-disclosure] Fwd: Comment on: 2 engineers from China sentenced for espionage

2008-11-26 Thread Ureleet
this just in:  mike c says n3td3v's group is pointless and redundant

On Wed, Nov 26, 2008 at 12:49 PM, Mike C [EMAIL PROTECTED] wrote:


 On Wed, Nov 26, 2008 at 2:40 AM, n3td3v [EMAIL PROTECTED] wrote:

 Mike C

 i'd just like to clarify that as of yet I'm not a part of your group as a
 matter of principle. there is a far more focussed and serious mailing list
 where this stuff belongs.


 On Mon, Nov 24, 2008 at 9:40 PM, Ureleet [EMAIL PROTECTED] wrote:
  name 1?
 
  On Mon, Nov 24, 2008 at 10:01 AM, n3td3v [EMAIL PROTECTED] wrote:
  On Mon, Nov 24, 2008 at 7:50 AM, Mike C [EMAIL PROTECTED] wrote:
  For what it's worth, i think the n3td3v groups feed is a bad idea
  because not many serious researchers have joined that group
 
  there are plenty of serious researchers on the group though they
  appear to be taking advantage of the feed instead of talking.
 

 I'm sure there's no reason to doubt that. The fact remains full-disclosure is
 where it all happens.

 --
 MC




Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread Ureleet
if u can prove that ppl are clicking through.  cnet could sue u for
lost ad revenue, the legal basis being that u arent adhering to their
license.

On Wed, Nov 26, 2008 at 11:04 AM, n3td3v [EMAIL PROTECTED] wrote:
 Copy & paste snippets of news articles to mailing lists? I'm sure Cnet
 enjoy the extra traffic.

 On Wed, Nov 26, 2008 at 3:57 PM, Ureleet [EMAIL PROTECTED] wrote:
 so u admit what u do is illegal?

 o, and yes i can.  u do the same thing with all teh ppl that u call
 out on these lists.  like hd, pauldotcom..etc..

 On Wed, Nov 26, 2008 at 9:26 AM, n3td3v [EMAIL PROTECTED] wrote:
 You can't decide one persons actions are illegal because you don't
 like them and not illegal for others.

 On Wed, Nov 26, 2008 at 1:53 PM, Ureleet [EMAIL PROTECTED] wrote:
 stop deflecting, i am talking about u.  not funsec you twit.







Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread Ureleet
o mike, stfu.  u n3td3v loving wh0re.

On Wed, Nov 26, 2008 at 12:53 PM, Mike C [EMAIL PROTECTED] wrote:


 On Wed, Nov 26, 2008 at 9:03 AM, n3td3v [EMAIL PROTECTED] wrote:

 On Wed, Nov 26, 2008 at 3:26 AM, Ureleet [EMAIL PROTECTED] wrote:
  On Tue, Nov 25, 2008 at 8:57 PM, n3td3v [EMAIL PROTECTED] wrote:
  On Wed, Nov 26, 2008 at 12:21 AM, Ureleet [EMAIL PROTECTED] wrote:
  On Tue, Nov 25, 2008 at 1:56 PM, n3td3v [EMAIL PROTECTED] wrote:
  On Tue, Nov 25, 2008 at 5:52 AM,  [EMAIL PROTECTED] wrote:
  On Mon, 24 Nov 2008 21:56:42 GMT, n3td3v said:
  On Mon, Nov 24, 2008 at 9:41 PM, Ureleet [EMAIL PROTECTED] wrote:
   On Sun, Nov 23, 2008 at 5:46 PM, n3td3v [EMAIL PROTECTED]
   wrote:
   What *does* he do then? Please enlighten the list. Yeah, you
   haven't
   got an answer, piss off.
  
   because the stuff he *does* work on, is under nda.  now, of
   course u r
   going 2 come back and say something about sure it is or
   something
   unintelligent.
  
 
  Like I said, you haven't got an answer.
 
  Urleet: I do believe that Gadi's work with the Israeli CIRT is both
  common
  knowledge and not under NDA.  Or at least the fact that he worked
  there isn't
  under NDA - I'm sure lots of specific incidents are still covered.
 
  Israel is a big enough country network-wise that I spent several
  years
  working at the national CIRT buys you a whole lot more credibility
  than
  I spent several years blogging from my mom's basement.
 
 
  Shit posts are shit posts it doesn't matter if you done something
  good
  in Israel back in the day.
 
  yeah, but u have _never_ done anything good.  so whats ur excuse?
 
 
  I never claimed I was good at anything, thats where you have your wires
  crossed.
 
  o, so u r just some guy who reposts articles without regard 2 license
  of article and posts them illegally on ur site?  O i c.
 

 The same as Funsec.

 Please take your misgivings offline. The list is for serious security
 publishing and not metaphysical banter. I'm starting to question the
 intentions of some of you guys. Is FD the only place to communicate?

 --
 MC




Re: [Full-disclosure] Updates for SSH Tectia plaintext recovery vulnerability released

2008-11-26 Thread n3td3v
As they could sue everyone on Funsec and the rest of the internet for
doing the same.

On Wed, Nov 26, 2008 at 9:41 PM, Ureleet [EMAIL PROTECTED] wrote:
 if u can prove that ppl are clicking through.  cnet could sue u for
 lost ad revenue, the legal basis being that u arent adhering to their
 license.

 On Wed, Nov 26, 2008 at 11:04 AM, n3td3v [EMAIL PROTECTED] wrote:
 Copy & paste snippets of news articles to mailing lists? I'm sure Cnet
 enjoy the extra traffic.

 On Wed, Nov 26, 2008 at 3:57 PM, Ureleet [EMAIL PROTECTED] wrote:
 so u admit what u do is illegal?

 o, and yes i can.  u do the same thing with all teh ppl that u call
 out on these lists.  like hd, pauldotcom..etc..

 On Wed, Nov 26, 2008 at 9:26 AM, n3td3v [EMAIL PROTECTED] wrote:
 You can't decide one persons actions are illegal because you don't
 like them and not illegal for others.

 On Wed, Nov 26, 2008 at 1:53 PM, Ureleet [EMAIL PROTECTED] wrote:
 stop deflecting, i am talking about u.  not funsec you twit.








[Full-disclosure] Its time to break the news to Ureleet

2008-11-26 Thread n3td3v
Its time to break the news to Ureleet so he will stop whining, I
contacted Cnet 11 months ago on this very issue. Keep up with the
smear campaign though Mr.leet.

-- Forwarded message --
From: n3td3v [EMAIL PROTECTED]
Date: Tue, Apr 22, 2008 at 8:36 PM
Subject: i'm worried
To: [EMAIL PROTECTED]


Ok guys, here is the heads up, i've been copypasting news articles
from your site and putting them on my mailing list to inform people
about stuff.

I worry though because i've just noticed this:

http://www.cnetnetworks.com/editorial/terms.html

Content on our sites
Our sites include a combination of content that we create, that our
partners create, and that our users create. All materials published on
our sites, including, but not limited to, written content,
photographs, graphics, images, illustrations, marks, logos, sound or
video clips, and Flash animation, are protected by our copyrights or
trademarks or those of our partners. You may not modify, publish,
transmit, participate in the transfer or sale of, reproduce, create
derivative works of, distribute, publicly perform, publicly display,
or in any way exploit any of the materials or content on our sites in
whole or in part. If you would like to request permission to use any
of the content on our sites, please review our copyright notice and
visit our Permissions and Reprints page.

I am worried that I might be infringing on a copy crime and i don't
wish this to happen, i just want to know where i stand in the future.

If you have a problem with me copying your news articles to my mailing
list, let me know.

this is a real worry for n3td3v, as I want to be legal and above board
in everything I do.

Most of the news I post to my news group is security news by Robert Vamosi.

Here is a sample of the news I have been posting.

http://groups.google.com/group/n3td3v/browse_thread/thread/8091aaea4594a3d

I have clearly marked the article with the link to the cnet news
website, so I hope this is acceptable for me to post your news because
I cite the original source at the bottom of the e-mail.

If there is a problem with what I do, then reply making your point of
view, otherwise just ignore this e-mail.

I will assume silence means a green light and i've not breached the rules.

All the best,

n3td3v



Re: [Full-disclosure] Its time to break the news to Ureleet

2008-11-26 Thread n3td3v
Are me and Gadi going to get sued?

On Wed, Nov 26, 2008 at 10:23 PM, Jim Race [EMAIL PROTECTED] wrote:

 http://www.cnetnetworks.com/editorial/terms.html

 Content on our sites
 Our sites include a combination of content that we create, that our
 partners create, and that our users create. All materials published on
 our sites, including, but not limited to, written content,
 photographs, graphics, images, illustrations, marks, logos, sound or
 video clips, and Flash animation, are protected by our copyrights or
 trademarks or those of our partners. You may not modify, publish,
 transmit, participate in the transfer or sale of, reproduce, create
 derivative works of, distribute, publicly perform, publicly display,
 or in any way exploit any of the materials or content on our sites in
 whole or in part. If you would like to request permission to use any
 of the content on our sites, please review our copyright notice and
 visit our Permissions and Reprints page.

 Miss this part?

 http://www.cnetnetworks.com/editorial/permissions.html

 

 How to get permission

 Please submit a permissions request form below.
 For information regarding hard-copy reprints, contact:

 Ray Trynovich
 the YGS group
 717-399-1900, ext. 148

 In all cases, if permission is granted, stories must be reproduced in their
 entirety, unedited, and accompanied by the following copyright statement and
 credit: Used with permission from CBS Interactive, Inc., Copyright 200_.
 All rights reserved. Note: text, photos, graphics, audio and/or video
 material provided via third parties, such as Reuters, shall not be
 published, broadcast, rewritten for broadcast or publication, or
 redistributed directly or indirectly in any medium. Neither third-party
 materials nor any portion thereof may be stored in a computer except for
 personal and noncommercial use. Third parties will not be held liable for
 any delays, inaccuracies, errors, or omissions therefrom or in the
 transmission or delivery of all or any part thereof or any damages arising
 from any of the foregoing.

 whoops.

 -jim

 On Wed, Nov 26, 2008 at 1:57 PM, n3td3v [EMAIL PROTECTED] wrote:

 Its time to break the news to Ureleet so he will stop whining, I
 contacted Cnet 11 months ago on this very issue. Keep up with the
 smear campaign though Mr.leet.

 -- Forwarded message --
 From: n3td3v [EMAIL PROTECTED]
 Date: Tue, Apr 22, 2008 at 8:36 PM
 Subject: i'm worried
 To: [EMAIL PROTECTED]


 Ok guys, here is the heads up, i've been copypasting news articles
 from your site and putting them on my mailing list to inform people
 about stuff.

 I worry though because i've just noticed this:

 http://www.cnetnetworks.com/editorial/terms.html

 Content on our sites
 Our sites include a combination of content that we create, that our
 partners create, and that our users create. All materials published on
 our sites, including, but not limited to, written content,
 photographs, graphics, images, illustrations, marks, logos, sound or
 video clips, and Flash animation, are protected by our copyrights or
 trademarks or those of our partners. You may not modify, publish,
 transmit, participate in the transfer or sale of, reproduce, create
 derivative works of, distribute, publicly perform, publicly display,
 or in any way exploit any of the materials or content on our sites in
 whole or in part. If you would like to request permission to use any
 of the content on our sites, please review our copyright notice and
 visit our Permissions and Reprints page.

 I am worried that I might be infringing on a copy crime and i don't
 wish this to happen, i just want to know where i stand in the future.

 If you have a problem with me copying your news articles to my mailing
 list, let me know.

 this is a real worry for n3td3v, as I want to be legal and above board
 in everything I do.

 Most of the news I post to my news group is security news by Robert
 Vamosi.

 Here is a sample of the news I have been posting.

 http://groups.google.com/group/n3td3v/browse_thread/thread/8091aaea4594a3d

 I have clearly marked the article with the link to the cnet news
 website, so I hope this is acceptable for me to post your news because
 I cite the original source at the bottom of the e-mail.

 If there is a problem with what I do, then reply making your point of
 view, otherwise just ignore this e-mail.

 I will assume silence means a green light and i've not breached the rules.

 All the best,

 n3td3v



Re: [Full-disclosure] does the aim service save chat session details?

2008-11-26 Thread AMILABS
Thanks Andrew, according to AOL policy and terms of use et. al.

Your AIM information, including the contents of your online communications,
may be accessed and disclosed in response to legal process (for example, a
court order, search warrant or subpoena), or in other circumstances in which
AOL has a good faith belief that AIM or AOL are being used for unlawful
purposes. AOL may also access or disclose your AIM information when
necessary to protect the rights or property of AIM or AOL, or in special
cases such as a threat to your safety or that of others

So I am presuming that they do store all communications only for legal or
law enforcement purposes but not for general use from the user community.

Regards...

-Original Message-
From: Andrew Farmer [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, November 26, 2008 3:42 PM
To: AMILABS
Cc: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] does the aim service save chat session
details?

On 26 Nov 08, at 11:17, AMILABS wrote:
 Is AIM IM purely peer to peer or a store and forward type protocol?

It is neither. In most cases, the server forwards messages from client  
to client, but does not retain them. The client also supports a peer- 
to-peer mode, but it's rarely used.

 We need
 to determine if we can recover a past IM chat conversation that  
 occurred
 over two weeks ago. Our chat client did not have IM logging enabled  
 so we
 need to know if the service archives all chat conversations for law
 enforcement and legal purposes.

You'll have to ask AOL about that. If there are server-side logs, they  
are not exposed to users.




[Full-disclosure] Worried about getting sued by Cnet

2008-11-26 Thread n3td3v
Now that Ureleet has told me im breaking the law I don't know what to
do, what kind of fines will I get and how long will I be in jail for?
:help:

Is Funsec group not got copyright material on their servers as well?

http://www.linuxbox.org/pipermail/funsec

Why is everyone targeting me? :help:



Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-26 Thread Paul Schmehl
--On November 26, 2008 1:59:27 AM -0600 Elazar Broad [EMAIL PROTECTED] 
wrote:




-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Um, NTLM isn't the only 20 or so year old protocol to take the rap
recently, I can think of a low numbered rfc, lets say 1034 and
1035. Hindsight is 20/20, and 20 years ago, who would have thought
that a 16 bit number was way too small for DNS transaction id, the
same who would have though goes for NTLM and the rest. Lets face
it, protocol design bugs suck, and to completely replace a widely
used protocol ranks pretty high in the PiTA hall of fame...



In that particular case Dan Bernstein not only *did* think about it but 
actually did something about it.  It's just that no one else was listening.


Paul Schmehl, If it isn't already
obvious, my opinions are my own
and not those of my employer.
**
WARNING: Check the headers before replying



[Full-disclosure] URLs with hexcode-obscured IPs still work?

2008-11-26 Thread niclas
Today I received a phishing mail containing a link which obscures the
IP-address as a hexadecimal number. The URL looks like this:

http:// 0x ded 6d8a1/www.paypal.com/int ... /index.htm

(Spaces added to circumvent phishing filters.)

Obviously the IP-address is disguised as a hexcode, to distract
inexperienced users from the fact that they are not actually visiting
PayPal.

This seems to be an old problem, and links like that - IMHO - just
shouldn't work. They don't when using proxy servers, but they do in
some Firefox versions, in Konqueror and in Microsoft's Internet Explorer.

While IE presents the IP addresses in dotted-decimal format, KDE's
Konqueror simply shows the hexcode URL in the address bar.

Some info here (German):
http://blog.datenritter.de/archives/421-Phisher-tarnen-IP-Adressen-als-Hexcode.html

Why does this still work?

n.
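
The behaviour described in this post, as an added example that is not part of the original message: a mail-filter style check that parses a URL host the lenient way (hex, octal, single-integer and short dotted forms), reports the dotted-decimal address it would resolve to, and notes a domain-looking first path segment. The function names are hypothetical and the sample URLs are constructed around the documentation address 192.0.2.1.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Heuristic (assumption): a path segment such as "www.example.com" looks like a hostname.
_DOMAIN_LIKE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.IGNORECASE)


def _parse_component(part):
    """Parse one dot-separated host component with inet_aton-style rules:
    a 0x prefix means hex, a leading 0 means octal, anything else is decimal."""
    lower = part.lower()
    if lower.startswith("0x"):
        digits, base = lower[2:], 16
    elif len(lower) > 1 and lower.startswith("0"):
        digits, base = lower[1:], 8
    else:
        digits, base = lower, 10
    allowed = "0123456789abcdef"[:base]
    if not digits or any(ch not in allowed for ch in digits):
        raise ValueError(f"not a number: {part!r}")
    return int(digits, base)


def legacy_ipv4(host):
    """Return the IPv4Address a lenient parser would connect to, or None when
    the host is an ordinary name. Accepts 1 to 4 components; the last
    component fills all remaining bytes (so "192.0.513" is 192.0.2.1)."""
    if host.endswith("."):
        host = host[:-1]
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    try:
        numbers = [_parse_component(p) for p in parts]
    except ValueError:
        return None
    *leading, last = numbers
    if any(n > 255 for n in leading) or last >= 256 ** (4 - len(leading)):
        return None
    value = last
    for index, n in enumerate(leading):
        value += n << (8 * (3 - index))
    return ipaddress.IPv4Address(value)


def inspect_url(url):
    """Summarise what a filter needs to know about the URL's host."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    ip = legacy_ipv4(host)
    segments = parts.path.split("/")
    # Only a first segment that is followed by more path counts as a lure.
    first = segments[1] if len(segments) > 2 else ""
    lure = first if ip is not None and _DOMAIN_LIKE.match(first) else None
    return {
        "host": host,
        "resolved_ip": str(ip) if ip is not None else None,
        # Numeric host written in anything other than canonical dotted decimal.
        "obfuscated": ip is not None and host != str(ip),
        "lure_domain": lure,
    }


# Constructed sample URLs (not taken from the post).
SAMPLES = [
    "http://0xC0000201/www.example.com/int/index.htm",  # hex integer
    "http://3221225985/www.example.com/int/index.htm",  # decimal integer
    "http://0300.0.02.01/www.example.com/int/index.htm",  # octal components
    "http://192.0.2.1/index.htm",  # canonical, not obfuscated
    "http://www.example.com/login",  # ordinary hostname
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", inspect_url(sample))
```

A filter can treat `obfuscated` together with a non-empty `lure_domain` as a strong phishing signal, and should display or log `resolved_ip` rather than the raw host.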



Re: [Full-disclosure] Worried about getting sued by Cnet

2008-11-26 Thread n3td3v
Gadi Evron done the same as n3td3v, look here:
http://www.linuxbox.org/pipermail/funsec/2008-November/018748.html so
why is Ureleet wanting n3td3v in jail? We've both broken the law.
Maybe me and Gadi Evron can share the same jail cell? n3td3v doesn't
have a criminal record and it may affect my career. :concerned:

On Wed, Nov 26, 2008 at 10:44 PM, n3td3v [EMAIL PROTECTED] wrote:
 Now that Ureleet has told me im breaking the law I don't know what to
 do, what kind of fines will I get and how long will I be in jail for?
 :help:

 Is Funsec group not got copyright material on their servers as well?

 http://www.linuxbox.org/pipermail/funsec

 Why is everyone targeting me? :help:




Re: [Full-disclosure] n3td3v has been tracked to Slough, UK

2008-11-26 Thread niclas
 no one gives a flying fuck about the pissing contest between you two,
 90% of this list is NOISE and you two clowns generate 89% of it.

this just in:

actually it could be 99% of the 90%, i.e. 0.9*0.99.

n.



Re: [Full-disclosure] n3td3v has been tracked to Slough, UK

2008-11-26 Thread n3td3v
On Wed, Nov 26, 2008 at 11:22 PM, niclas [EMAIL PROTECTED] wrote:
 no one gives a flying fuck about the pissing contest between you two,
 90% of this list is NOISE and you two clowns generate 89% of it.

 this just in:

 actually it could be 99% of the 90%, i.e. 0.9*0.99.

 n.


I'm being targeted by some Blackhat group called Ureleet, I think he
hates white hats. He's trying to ruin my career by talking about
copyrights etc. If he makes allegations against me publicly, then i've
got to respond publicly to the allegations.



[Full-disclosure] 0days services

2008-11-26 Thread netsec corporation
Hello,
I am selling 0days for Windows & UNIX and or proposing 0days services (audit
codes to find any flaw inside).

Warmest Regards,


NetSec Corp.

Re: [Full-disclosure] Its time to break the news to Ureleet

2008-11-26 Thread Jim Race
http://www.cnetnetworks.com/editorial/terms.html

Content on our sites
Our sites include a combination of content that we create, that our
partners create, and that our users create. All materials published on
our sites, including, but not limited to, written content,
photographs, graphics, images, illustrations, marks, logos, sound or
video clips, and Flash animation, are protected by our copyrights or
trademarks or those of our partners. You may not modify, publish,
transmit, participate in the transfer or sale of, reproduce, create
derivative works of, distribute, publicly perform, publicly display,
or in any way exploit any of the materials or content on our sites in
whole or in part. If you would like to request permission to use any
of the content on our sites, *please review our copyright notice and
visit our Permissions and Reprints page.*

Miss this part?

http://www.cnetnetworks.com/editorial/permissions.html



*How to get permission*

   - Please submit a permissions request form below
   (http://www.cnetnetworks.com/editorial/permissions.html#requestform).
   - For information regarding hard-copy reprints, contact:

 Ray Trynovich [EMAIL PROTECTED]
the YGS group
717-399-1900, ext. 148

   - *In all cases, if permission is granted, stories must be reproduced in
   their entirety, unedited, and accompanied by the following copyright
   statement and credit: Used with permission from CBS Interactive, Inc.,
   Copyright 200_. All rights reserved.* Note: text, photos, graphics,
   audio and/or video material provided via third parties, such as Reuters,
   shall not be published, broadcast, rewritten for broadcast or publication,
   or redistributed directly or indirectly in any medium. Neither third-party
   materials nor any portion thereof may be stored in a computer except for
   personal and noncommercial use. Third parties will not be held liable for
   any delays, inaccuracies, errors, or omissions therefrom or in the
   transmission or delivery of all or any part thereof or any damages arising
   from any of the foregoing.

whoops.

-jim

On Wed, Nov 26, 2008 at 1:57 PM, n3td3v [EMAIL PROTECTED] wrote:

 Its time to break the news to Ureleet so he will stop whining, I
 contacted Cnet 11 months ago on this very issue. Keep up with the
 smear campaign though Mr.leet.

 -- Forwarded message --
 From: n3td3v [EMAIL PROTECTED]
 Date: Tue, Apr 22, 2008 at 8:36 PM
 Subject: i'm worried
 To: [EMAIL PROTECTED]


 Ok guys, here is the heads up, i've been copypasting news articles
 from your site and putting them on my mailing list to inform people
 about stuff.

 I worry though because i've just noticed this:

 http://www.cnetnetworks.com/editorial/terms.html

 Content on our sites
 Our sites include a combination of content that we create, that our
 partners create, and that our users create. All materials published on
 our sites, including, but not limited to, written content,
 photographs, graphics, images, illustrations, marks, logos, sound or
 video clips, and Flash animation, are protected by our copyrights or
 trademarks or those of our partners. You may not modify, publish,
 transmit, participate in the transfer or sale of, reproduce, create
 derivative works of, distribute, publicly perform, publicly display,
 or in any way exploit any of the materials or content on our sites in
 whole or in part. If you would like to request permission to use any
 of the content on our sites, please review our copyright notice and
 visit our Permissions and Reprints page.

 I am worried that I might be infringing on a copy crime and i don't
 wish this to happen, i just want to know where i stand in the future.

 If you have a problem with me copying your news articles to my mailing
 list, let me know.

 this is a real worry for n3td3v, as I want to be legal and above board
 in everything I do.

 Most of the news I post to my news group is security news by Robert Vamosi.

 Here is a sample of the news I have been posting.

 http://groups.google.com/group/n3td3v/browse_thread/thread/8091aaea4594a3d

 I have clearly marked the article with the link to the cnet news
 website, so I hope this is acceptable for me to post your news because
 I cite the original source at the bottom of the e-mail.

 If there is a problem with what I do, then reply making your point of
 view, otherwise just ignore this e-mail.

 I will assume silence means a green light and i've not breached the rules.

 All the best,

 n3td3v


[Full-disclosure] Fwd: Changes to the n3td3v mailing list group because of copyright concerns

2008-11-26 Thread n3td3v
-- Forwarded message --
From: n3td3v [EMAIL PROTECTED]
Date: Thu, Nov 27, 2008 at 1:38 AM
Subject: Changes to the n3td3v mailing list group because of copyright concerns
To: n3td3v [EMAIL PROTECTED]


Due to copyright concerns, I ask you only to post the link only to
news articles if you are posting. Copy & pasting text may be against
the law.

Please only post the link to news articles not the text.

Thank you for your understanding,

n3td3v



Re: [Full-disclosure] Worried about getting sued by Cnet

2008-11-26 Thread Mike C
I have previously had long discussions with a lawyer friend, who has assured
me that it is quite alright for copyrighted material to be quoted for
critical analysis. This information should prove helpful here.

--
MC

On Thu, Nov 27, 2008 at 4:47 AM, n3td3v [EMAIL PROTECTED] wrote:

 Gadi Evron done the same as n3td3v, look here:
 http://www.linuxbox.org/pipermail/funsec/2008-November/018748.html so
 why is Ureleet wanting n3td3v in jail? We've both broken the law.
 Maybe me and Gadi Evron can share the same jail cell? n3td3v doesn't
 have a criminal record and it may affect my career. :concerned:

 On Wed, Nov 26, 2008 at 10:44 PM, n3td3v [EMAIL PROTECTED] wrote:
  Now that Ureleet has told me im breaking the law I don't know what to
  do, what kind of fines will I get and how long will I be in jail for?
  :help:
 
  Is Funsec group not got copyright material on their servers as well?
 
  http://www.linuxbox.org/pipermail/funsec
 
  Why is everyone targeting me? :help:
 
