[Full-disclosure] Pytbull v1.0 release now available
Hi guys, A new major Pytbull version (version 1.0) has been released, with following features: - Support of other IDS/IPS than just Snort Suricata, provided you can grab the alerts file via FTP (the parameter -i doesn't exist anymore). - Pattern matching feature, enabling to specify a regex in the tests (optional), that will be compared to the alerts triggered for each payload. A flag will then indicate for each test if succeeded or failed. - A new module has been added: pcapReplay, enabling to replay traffic from a pcap file - Issue #1 (f.close()) has been fixed You can try this new release from this link: http://pytbull.googlecode.com/files/pytbull-1.0.tar.bz2 Full documentation is still available here: http://www.aldeid.com/index.php/Pytbull -- Cordialement/Regards, Sébastien Damaye http://www.aldeid.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Vulnerabilities in Silverstripe CMS
Hello list! I want to warn you about Brute Force, Insufficient Anti-automation and Abuse of Functionality vulnerabilities in Silverstripe CMS. - Affected products: - Vulnerable are Silverstripe CMS 2.4.5 and previous versions. -- Details: -- Brute Force (WASC-11): http://site/Security/login Insufficient Anti-automation (WASC-21): http://site/contact-us/ http://site/Security/lostpassword In these forms there is no protection against automated requests (captcha). Abuse of Functionality (WASC-42): http://site/Security/lostpassword In this functionality it's possible to reveal e-mails of the users which are logins in the system. About Fingerprinting (WASC-45) vulnerability in this CMS I wrote separately (http://websecurity.com.ua/5130/). Timeline: 2011.03.22 - announced at my site. 2011.03.26 - informed developers. 2011.05.06 - disclosed at my site. I mentioned about these vulnerabilities at my site (http://websecurity.com.ua/5026/). Best wishes regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Benji Rules the world
Hi FD! Hope you are doing good. I have hacked FBI and NASA :) and I think I am at the top of the world. I am a fu**ing a$$h0le ... I am Gay and am Fu**ing proud of it coz I can take not 1..not 2... not 3... but 10 at a time in my a$$ In case anyone is !nterested let me know coz I can take it up my ears, nose, my holes :D ... And I am good at Su**ing too. :D Lots of love, Benji xoxox ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Benji Rules the world
So... turns out someone doesnt like me. Delivered-To: full-disclosure@lists.grok.org.uk Received-SPF: pass (lists.grok.org.uk: domain of www-d...@pentester.cz designates 77.78.105.15 as permitted sender) Received: from emkei.cz (unknown [77.78.105.15]) On Sun, May 8, 2011 at 3:16 PM, Benji m...@b3nji.com wrote: Hi FD! Hope you are doing good. I have hacked FBI and NASA :) and I think I am at the top of the world. I am a fu**ing a$$h0le ... I am Gay and am Fu**ing proud of it coz I can take not 1..not 2... not 3... but 10 at a time in my a$$ In case anyone is !nterested let me know coz I can take it up my ears, nose, my holes :D ... And I am good at Su**ing too. :D Lots of love, Benji xoxox ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Benji Rules the world
did I forget to mention that I am suffering from split personality as well and not forgetting, I have a 0.2 inch dIcK !!! ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Important notice to FullDisclosure
Hello FD, I would like to inform you that I am in love with Cal. If only we could meet up some day and have fun. Thank you FD for bringing us together. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Benji Rules the world
Hi FD! Hope you are doing good. I have hacked FBI and NASA :) and I think I am at the top of the world. I am a fu**ing a$$h0le ... I am Gay and am Fu**ing proud of it coz I can take not 1..not 2... not 3... but 10 at a time in my a$$ In case anyone is !nterested let me know coz I can take it up my ears, nose, my holes :D ... And I am good at Su**ing too. :D Lots of love, Benji xoxox How about if you stop this bullshit and maybe get a life too? You sound like a retarded kid. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This Afternoons Emails
X-Original-To: full-disclosure@lists.grok.org.uk Delivered-To: full-disclosure@lists.grok.org.uk Received-SPF: pass (lists.grok.org.uk: domain of www-d...@pentester.cz designates 77.78.105.15 as permitted sender) Received: from emkei.cz (unknown [77.78.105.15]) by lists.grok.org.uk (Postfix) with ESMTP id 1522088 for full-disclosure@lists.grok.org.uk; Sun, 8 May 2011 15:23:31 +0100 (BST) Received: by emkei.cz (Postfix, from userid 33) id 5CEE581AAD8; Sun, 8 May 2011 16:16:44 +0200 (CEST) emkei.cz is the mail spoofer they are using. On Sun, May 8, 2011 at 6:00 PM, Benji m...@b3nji.com wrote: Just to make it clear that none of these emails have been, and will be (as I expect there are more to come) me. Check headers if you dont believe me. Unfortunate F-D mail server doesnt know how to do SPF properly. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This Afternoons Emails
I think most of us had guessed that .. nobody but his mother could love Cal!! ;-) Gary B On 05/08/2011 01:00 PM, Benji wrote: Just to make it clear that none of these emails have been, and will be (as I expect there are more to come) me. Check headers if you dont believe me. Unfortunate F-D mail server doesnt know how to do SPF properly. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This Afternoons Emails
An even that isn't a slam dunk :) From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Gary Baribault Sent: Sunday, May 08, 2011 10:11 AM To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] This Afternoons Emails I think most of us had guessed that .. nobody but his mother could love Cal!! ;-) Gary B On 05/08/2011 01:00 PM, Benji wrote: Just to make it clear that none of these emails have been, and will be (as I expect there are more to come) me. Check headers if you dont believe me. Unfortunate F-D mail server doesnt know how to do SPF properly. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This Afternoons Emails
Oh gee, thanks. On 8 May 2011 18:11, Gary Baribault g...@baribault.net wrote: I think most of us had guessed that .. nobody but his mother could love Cal!! ;-) Gary B On 05/08/2011 01:00 PM, Benji wrote: Just to make it clear that none of these emails have been, and will be (as I expect there are more to come) me. Check headers if you dont believe me. Unfortunate F-D mail server doesnt know how to do SPF properly. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] This Afternoons Emails
You can rather start with discussing how to help Mr.David -- I am Mr. David Simon from Benin in West Africa closer friend to Chief James Ibor Due to caliber of person i am confidence in trust this young man kept total of $8million USD under my care droning his regime administrator stand as governor of delta state. Note there is no risk involved because this young man call me with assurance to go ahead and establish the fund under investment project and I am contact to help me look for a good business in your country to invest the money. I want you to take this means as an opportunity of starting up a profitable investment so that we can share the profit on percentage basis. Contact me Email (davidsimon20...@live.co.uk).Sothat both of us can reason together and work toward the project. I am waiting to hear from you so that i can give you all the details of the funds. God Bless you Best Regard Mr.David Simo Regards; w0lf www.maestro-sec.com -- sent from BlackBerry -- -Original Message- From: Christian Sciberras uuf6...@gmail.com Sender: full-disclosure-boun...@lists.grok.org.uk Date: Sun, 8 May 2011 21:07:05 To: Cal Leemingc...@foxwhisper.co.uk Cc: full-disclosure@lists.grok.org.ukfull-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] This Afternoons Emails ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] WTF
Hi, On Sat, May 7, 2011 at 12:19 AM, Gustavo gustavorober...@gmail.com wrote: WTF ? notebook:~$ ping www.compusa.com PING bh.georedirector.akadns.net (127.0.0.1) 56(84) bytes of data. 64 bytes from localhost.localdomain (127.0.0.1): icmp_req=1 ttl=64 time=0.019 ms notebook:~$ ping www.tigerdirect.com PING bh.georedirector.akadns.net (127.0.0.1) 56(84) bytes of data. 64 bytes from localhost.localdomain (127.0.0.1): icmp_req=1 ttl=64 time=0.022 ms Hehe...This is funny. Well, to me, *bh.georedirector.akadns.net* seems to be the culprit. Here is what I got on my box... $ host compusa.com compusa.com has address 206.191.131.89 compusa.com mail is handled by 10 mail.highspeedbackbone.net. $ host www.compusa.com www.compusa.com is an alias for compusa.syx.com.akadns.net. compusa.syx.com.akadns.net is an alias for bh.georedirector.akadns.net. bh.georedirector.akadns.net has address 127.0.0.1 $ host tigerdirect.com tigerdirect.com has address 206.191.131.89 tigerdirect.com mail is handled by 10 mail.highspeedbackbone.net. $ host www.tigerdirect.com www.tigerdirect.com is an alias for wwwtigerdirect.syx.com.akadns.net. wwwtigerdirect.syx.com.akadns.net is an alias for bh.georedirector.akadns.net. bh.georedirector.akadns.net has address 127.0.0.1 Even if you ask same questions to OpenDNS(208.67.222.222) or Google DNS servers(8.8.8.8) They say... $ host bh.georedirector.akadns.net 208.67.222.222 Using domain server: Name: 208.67.222.222 Address: 208.67.222.222#53 Aliases: bh.georedirector.akadns.net has address 127.0.0.1 $ host bh.georedirector.akadns.net 8.8.8.8 Using domain server: Name: 8.8.8.8 Address: 8.8.8.8#53 Aliases: bh.georedirector.akadns.net has address 127.0.0.1 OR asking same thing to some of Nameservers of akadns.net, I got... $ host -t ns akadns.net akadns.net name server eur1.akadns.net. akadns.net name server zc.akadns.org. akadns.net name server zd.akadns.org. akadns.net name server use3.akadns.net. akadns.net name server asia9.akadns.net. akadns.net name server zb.akadns.org. akadns.net name server usw2.akadns.net. akadns.net name server za.akadns.org. akadns.net name server use4.akadns.net. $ host bh.georedirector.akadns.net eur1.akadns.net Using domain server: Name: eur1.akadns.net Address: 195.59.44.134#53 Aliases: bh.georedirector.akadns.net has address 127.0.0.1 $ host bh.georedirector.akadns.net asia9.akadns.net Using domain server: Name: asia9.akadns.net Address: 222.122.64.133#53 Aliases: bh.georedirector.akadns.net has address 127.0.0.1 $ host bh.georedirector.akadns.net za.akadns.org Using domain server: Name: za.akadns.org Address: 96.6.112.198#53 Aliases: bh.georedirector.akadns.net has address 127.0.0.1 Just my two cents. BTW, if anyone has any idea, is this intentional or something? Thanks, Sagar Belure Security Analyst Secfence Technologies www.secfence.com ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/