[Full-disclosure] (no subject)

http://www.lestes.net/wp-content/themes/default/life.html___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] Windows is 100% self-modifying assembly code? (Interesting security theory)

On 12/9/2010 8:39 PM, John Jester Wilham Patrick III wrote: From Andrew Auernheimer's Diary / irc memories: Windows is written in pure, self-modifying assembly code. Notice how you can install 15 gigs of data from a

Re: [Full-disclosure] Evilgrade 2.0 - the update explotation framework is back

On Sun, Oct 31, 2010 at 10:36 AM, valdis.kletni...@vt.edu wrote: On Sun, 31 Oct 2010 13:09:27 BST, Mario Vilas said: Just signing the update packages prevents this attack, so it's not that hard to fix. Except if a signing key gets compromised, as happened to one Linux vendor recently,

Re: [Full-disclosure] Evilgrade 2.0 - the update explotation framework is back

I do not believe anyone is 'ptoposing' anything. All he said was that package signing should not be taken as a silver bullet, for experience has shown that the key's themselves are capable of being compromised if a vendor is successfully attacked. Exactly what I would expect from *.edu I

Re: [Full-disclosure] New tool for pentesting

- Forwarded Message From: Jhfjjf Hfdsjj taser3...@yahoo.com To: runlvl run...@gmail.com Sent: Fri, September 17, 2010 3:26:44 AM Subject: Re: [Full-disclosure] New tool for pentesting Are you expecting us to believe that a windows only supported penetration tool with absolutely

Re: [Full-disclosure] Tuscl.net SQL injection with 30k Plain Text Passwords 80k Email list

Well, one thing I will point out is that the link you submitted for the actual SQL injection doesnt seem to work. Either they fixed it or you messed up the link. From: Ben iluv2c...@gmail.com To: full-disclosure@lists.grok.org.uk Sent: Fri, September 3, 2010

Re: [Full-disclosure] Day of bugs in WordPress 2

Ed is the standard text editor. On Fri, Jul 30, 2010 at 6:13 AM, Elazar Broad ela...@hushmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ed or nano? :) On Thu, 29 Jul 2010 20:47:19 -0400 valdis.kletni...@vt.edu wrote: On Thu, 29 Jul 2010 17:18:28 PDT, Zach C said: So if

Re: [Full-disclosure] ATTENTION FBI - Want the real names folks involved in the iPad hack???

Wow, way to be a fricken racist snitch. - Forwarded Message From: IRC FRAUD ALERT ircfraudal...@gmail.com To: full-disclosure full-disclosure@lists.grok.org.uk Sent: Thu, July 8, 2010 8:46:40 PM Subject: [Full-disclosure] ATTENTION FBI - Want the real names folks involved in the iPad

Re: [Full-disclosure] Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly

Hey just wanted to say that my default installation of Windows 7 doesnt seem vulnerable~no hcp protocol handler. Just thought some people would like to take note :) - Original Message From: Tavis Ormandy tav...@cmpxchg8b.com To: full-disclosure@lists.grok.org.uk Cc: