If you all think XSS, even reflected or DOM-based sucks..probably you don't
know the BeEF project.
I would suggest you take a look at http://beefproject.com , try it, and
see for yourself what you can do :-)
Cheers
antisnatchor
On 10 Oct 2011 02:56, xD 0x41 sec...@gmail.com wrote:
YEP!
When ya
Hello Michele,
I will take a look, because honestly, I don't see anything good about NON
persistent xss, so I will have a look and see, thanks :)
cheers
xd
On 10 October 2011 17:24, Michele Orru antisnatc...@gmail.com wrote:
If you all think XSS, even reflected or DOM-based sucks..probably you
Sorry about that. List, please, accept my apologies.
From: javierba...@gmail.com
Date: Sun, 9 Oct 2011 18:44:19 -0300
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] Some hash values
On Sun, Oct 9, 2011 at 2:44 PM, Michal Zalewski lcam...@coredump.cx wrote:
I
gunzip the archive then use tar. I also made a zip file which contains the
extracted .dll and the .sys file and uploaded it
here http://www.2shared.com/file/QWyk-yCp/bundestrojaner.html
.
2011/10/10 xD 0x41 sec...@gmail.com
Interesting... although that archive seems corrupt... I'd like to see
Interesting... although that archive seems corrupt... I'd like to see a bit
more about this but, very interesting indeed.. especially skype id
harvesting, what could this be for.
I hope that was a sarcastic Now what could this *possibly* be for? :)
Are there any statistics for how often this
Hi,
I have documented an obfuscation technique that could be used in
putting up stealth Web Application back-doors . This paper was part of
this years c0c0n presentation. Interested people Please send your
comments and suggestions on the forum .
The day may come when Wall Street is finally silent, the slowly rotting
carcasses of the power hungry elites swinging silently from the trees in
Central park, the lynch mob finally satiated... But will anything change?
Greed will always exist, there will always be those who think they can get
He who believes the 99% are not guilty of greed is a downright fool.
The 1%? I don't care. Honestly, I don't.
Fun quote (from the 99% crowd): Why does the 1% deserve a Ferrari and I
don't?!
On Mon, Oct 10, 2011 at 10:43 AM, Darren Martyn
d.martyn.fulldisclos...@gmail.com wrote:
The day
We all are guilty, that is true. I can admit to that. Though what I
intensely dislike are those who think they are better than us - because they
are more successful at being greedy pigs.
On Mon, Oct 10, 2011 at 9:54 AM, Christian Sciberras uuf6...@gmail.com wrote:
He who believes the 99% are not
What's that got to do with everything?
You can't go force everyone to wear thorn jeans just because you feel
inferior when faced with a formal suit.
That, as well as the fact that the guy that got $1M in his bank account
rightly has what to brag about.
If you just can't get over it, get that
Hello Readers,
Here we are with Issue-21, October 2011 of ClubHack Magazine. This time too
we are continuing with the Malware theme.
This issue covers the following articles:-
0x00 Tech Gyan - Low Profile Botnets
0x01 Tool Gyan - Demystifying the Android Malware
0x02 Mom's Guide - MALDROID
0x03 Legal
http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/
This is news to me.
Moreover, I'm a bit confused as to how they don't track how it's coming
back.
I mean, how is it possible that no one stepped in and analyzed how the virus
acts and where it came from?
It sounds fishy if you ask
Yes, why say anything that way???
-Original Message-
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Thor
(Hammer of God)
Sent: Thursday, October 06, 2011 1:31 PM
To: Georgi Guninski; full-disclosure@lists.grok.org.uk
iPhones... Why sir, surely you know a Nokia 3210 is far superior in
conditions where it may be dropped?
Sure, the guy with $1,000,000 can brag if he wants. Just if he has screwed
over thousands of hardworking people to get that, and sees himself as
untouchable... Then he should suffer the
Yeah Darren, wish we all could get off like that $1M guy, screwing off
hardworking people while doing nothing.
That'd be the life.
Wonder what's stopping us all from doing it?
On Mon, Oct 10, 2011 at 3:41 PM, Darren Martyn
d.martyn.fulldisclos...@gmail.com wrote:
iPhones... Why sir,
I'm talking more about their engineers than their network.
If I had my network infected with a virus, I'd immediately deploy some form
of logging/monitoring tool (eg, wireshark).
Honestly, it all sounds like they're employing inexperienced engineers.
Which is again strange, considering the field
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:147
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2011:146
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/10/2011 15:01, Christian Sciberras wrote:
Yeah Darren, wish we all could get off like that $1M guy, screwing off
hardworking people while doing nothing.
That'd be the life.
Wonder what's stopping us all from doing it?
A social
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2321-1 secur...@debian.org
http://www.debian.org/security/Moritz Muehlenhoff
October 10, 2011
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2322-1 secur...@debian.org
http://www.debian.org/security/Jonathan Wiltshire
October 10, 2011
It's a network that's 'detached', or 'segregated', or whatevered from the
rest of the world, so it's 'largely immune to viruses'. That likely means
they have:
1. NO logging
2. NO anti-virus
3. NO hardening
The very fact that these systems are on a segregated network means they are
probably more
URL: http://www.acap.pt/iframe.php?MIT=0p=http://www.extremelyawesomesite.com
HACXX
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Or people who think they are better because of the color of their skin.
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Darren Martyn
Sent: Monday, October 10, 2011 3:29 AM
To: Christian Sciberras
Cc:
Consider the source. It’s “someone close” to the operations, and that only
according to this guy. It could very well be a slot-puller in the casino
across the street… I’m always dubious of the reporting of this type of thing
where the source is some “secret” person, and where there is never
Since it very much discredits and puts the AA to shame, isn't it quite
plausible that some department's lawyers fall over this guy's claims?
Maybe the article has been written specifically for people to draw the wrong
conclusion - happens too often - but still...
On Mon, Oct 10, 2011 at
I know in the old days (15 years ago) – there were networks that were
completely separate from the outside world. I remember trying to do telephone
tech support to someone on a secure network…
Tell him to do “this”
He puts down the phone, goes through physical security, tries “this”
He comes
That would make the joke of the year.
No, REALLY.
On Mon, Oct 10, 2011 at 6:08 PM, Dave m...@propergander.org.uk wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/10/2011 15:01, Christian Sciberras wrote:
Yeah Darren, wish we all could get off like that $1M guy, screwing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The report states that they have been using flash drives for map
and video data transfer. The source is probably some flight
operators personal drive which never came under the microscope,
that and well...it's an *isolated* network so proper security
American express also utilizing case-insensitive password storing.
On 10/5/2011 11:55 PM, John Doe wrote:
http://qnrq.se/full-disclosure-american-express/
“We think it’s benign. But we just don’t know.”
LOL
dude, that was funnier than any steve jobson's jokes so far...
On Mon, Oct 10, 2011 at 8:51 AM, Christian Sciberras uuf6...@gmail.com wrote:
http://www.wired.com/dangerroom/2011/10/virus-hits-drone-fleet/
This is news to me.
Moreover, I'm
A lot of the banking industry uses lowercase only. Easier to type from a
telephone handset. Legacy system suckage.
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Rack911
Security Lists
Sent: Monday, October 10, 2011 10:58 AM
To:
Just look at the replies on FD as well – people saying “most likely means
A,B,C” and “probably this or that” where they have absolutely no basis for
making such statements. People “want” this to be the case, and are more than
willing to simply accept any such claim as gospel. I would have
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 21f5d5f72
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Per request.
From: andrew.wallace [mailto:andrew.wall...@rocketmail.com]
Sent: Monday, October 10, 2011 11:50 AM
To: Christian Sciberras; full-disclosure; Thor (Hammer of God); Elazar
Broad; Michael Schmidt; Michael T
Subject: Re: [Full-disclosure] “We keep wiping it off, and it keeps coming
I have no idea, I assume – this is usually what they mean when they talk about
an “air barrier”
From: evejou [mailto:g...@techn0ev3.net]
Sent: Monday, October 10, 2011 1:04 PM
To: Michael Schmidt
Cc: Thor (Hammer of God); Christian Sciberras; Michael T;
full-disclosure@lists.grok.org.uk
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201110-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
Well, I know a local datacenter (can't be more than 10 years old) makes use
of a Faraday cage around it.
And it doesn't really keep any mission-critical equipment, so I guess others
out there do the same.
Depending on the type of cage/shielding (don't know about the local one) it
can completely
By the way, to reply to a certain n3td3v... locating anything does not
imply being clueless on what's going on, which seems to be their on-going
issue.
While at it, a reply to Thor, just to switch subjects for a bit; shield law
doesn't apply when a journalist/reporter falsifies information to get
As someone kind of young (and thus no historical recollection), I'm kind of
surprised that this is talked about in past-tense. Does this not happen
anymore? I could see how this could get super annoying after awhile.
On Mon, Oct 10, 2011 at 2:09 PM, Michael Schmidt mschm...@drugstore.com wrote:
Somebody posted the following;
I'm just curious to these questions. It's strange to hear someone
saying we basically have no idea what's going on.
Doesn't sound funny to me, happens to me all the time. That's how I
learn.
Dan S.
___
Well, it SHOULDN'T happen to people that are supposedly trained to overcome
such issues.
It's like engineers are inexperienced prior to a nuclear reactor meltdown.
While I wouldn't expect the engineers to have first-hand experience in
dealing with such issues, it still doesn't excuse them from
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201110-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201110-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201110-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - -
My worst nightmare is that it's something like this
We wipe the virus from the network, then when Bob uses his flash drive for a
map update we get it again, weird huh?
From: full-disclosure-boun...@lists.grok.org.uk
[mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Christian
Depending on the type of cage/shielding (don't know about the local one) it
can completely block communications...
As I know, ISPs are now blocking the infected subnets, and thus cutting off
even scanning from being possible... but, it only takes a new bug to bypass
this, and in windows and linux
Hi, interesting,
I am just thinking about the transfer protocol it may be using to spread
through many of the pcs... thousands there was at one stage, and now to see
that they are using FLASH/USB?SANDISK?Whatever-the-brand Flash disks, which I
know can be very easily used to carry a nice healthy
I will say, with Botnets, and bots in general, I don't see much talented
people on FD... although, seems many can decrypt them, so, makes me wonder ,
it is a train-of-thought also, i guess this is where hat colors take
control.. black hats would say, go read some bot src and wake up FD, while
white
with WikiLeaks and Stuxnet
Stuxnet is *not* stoppable
If you have seen any of its real code, i guess you would see why ...
wikileaks will stop... good luck with stuxnet, that stops when the owner says
so,... not before... I don't think anyone or anything could , that's just how
it is coded,
On Mon, Oct 10, 2011 at 4:54 AM, Christian Sciberras uuf6...@gmail.com wrote:
He who believes the 99% are not guilty of greed is a downright fool.
The 1%? I don't care. Honestly, I don't.
Fun quote (from the 99% crowd): Why does the 1% deserve a Ferrari and I
don't?!
Different things motivate
If it's botnet code and it is behind an air barrier then it will never phone
home. They can take their time to kill it because it will never get
instructions to do anything. If it's something more destructive then maybe they
need to call in someone more experienced. But it does not sound
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/10/2011 23:52, xD 0x41 wrote:
I will say, with Botnets, and bots in general, I don't see much talented
people on FD...
It might just be a case of those with the least talent making the most noise,
whilst the really talented remain pretty
Is obvious, this is a very well made executable :)
Or, set up well to spread and then hide, and doing so with even its phone
home, which is normal nowadays, for example consider an ircd, it uses
PING/PONG, what if you change the rfc, and use ascii characters, then do this
to the bot, remove USER mode
Oh, whoever has made this .exe is NO idiot...
I can already see that for this bug to be re-adding itself, there must be
active servers obviously, which would have the bots connected for command,
dumping of infos to other channels by using say
!pstore get *rover-*|grep *mars*transmission-request-FIN*
On 10/10/2011 08:41 PM, Dave wrote:
It might just be a case of those with the least talent making the most noise,
whilst the really talented remain pretty quiet.
Please discuss ;-)
Well played, sir.