Reading the paper now.
The previous one about internals was awesome.
enumerating badness keyword :D ROFL
Cheers
antisnatchor
On Mon, Nov 5, 2012 at 3:14 PM, Tavis Ormandy tav...@cmpxchg8b.com wrote:
List, I've completed the second paper in my series analyzing Sophos
Antivirus internals,
Full Disclosure, like old times.
Unfortunately lawsuits are a scary beast.
Finally, honestly, not interested in buying a new kitchen for my house.
Cheers
antisnatchor
On Mon, Nov 5, 2012 at 3:29 PM, Michele Orru antisnatc...@gmail.com wrote:
Reading the paper now.
The previous one about internals
Sacco jsa...@exploitpack.com wrote:
Michele Orru.. Sorry to write you directly to the list.. But you did it
too.. So.. please allow me to answer..
Exploit Pack != Beef ... Just similar projects.. different approaches
In fact you came to a webcast where I showed the code of Exploit Pack... I
An btw, his WebSecurity tool is a pure clone of BeEF.
If you try it, and analyze the Javascript hook file, it's the same thing.
He just changed the global variable name from beef to bot, leaving
everything else :D including the BeEF version he used to copy from.
LOL.
On Sun, May 20, 2012 at 8:30
Nice one.
I thought behaviors like these were already fixed, but
I was wrong :D
Certainly something to add to BeEF.
Pity I will not be at HITB.
Cheers
antisnatchor
On Wed, May 16, 2012 at 6:29 PM, Nicolas Grégoire
nicolas.grego...@agarri.fr wrote:
Uploading an SVG chameleon (SVG file triggering
Mario Heiderich did a lot of research on that, he found so many bugs
that allowed
to embed Javascript in SVG images.
Nice stuff Nick btw,
Cheers
antisnatchor
On Wed, May 16, 2012 at 10:13 AM, Dan Kaminsky d...@doxpara.com wrote:
Yeah, there's a bunch of wild stuff in SVG. The browsers ignore
LOL :D
losers
Cheers
antisnatchor
On Thu, Apr 26, 2012 at 3:07 PM, Mario Vilas mvi...@gmail.com wrote:
The exploitpack.com website and the video have been removed... (maybe
we can call this a legally induced denial of service vulnerability?)
On Tue, Apr 24, 2012 at 12:31 PM, Michele Orru
I'm also wondering if your tool is a clone of our BeEF or not :D
Cheers
antisnatchor
On Tue, Apr 24, 2012 at 11:25 AM, Jerome Athias jer...@netpeas.com wrote:
Hi,
I think that people here would be more interested in the (new?)
techniques you're using in your tool than in your own (not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jann Horn wrote:
2012/2/25 Dimitris Glynos dimit...@census-labs.com:
Pidgin transmits OTR (off-the-record) conversations over DBUS in
plaintext. This makes it possible for attackers that have gained
user-level access on a host, to listen in on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Take a look at http://beefproject.com internals.
We're using that header.
Actually it depends how do you use it.
It's like crossdomain.xml: you can use a wildcard or not,
it's up to you.
Cheers
antisnatchor
David Blanc wrote:
Does
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michal Zalewski wrote:
Does 'Access-Control-Allow-Origin' header provide any benefits in
defending against cross site scripting attacks?
No. It's a mechanism to control cross-origin XMLHttpRequests (and some
other peripheral things), and
On Mon, Feb 6, 2012 at 11:56 AM, Roman Medina-Heigl Hernandez
ro...@rs-labs.com wrote:
Folks at @vupen seem to have exploited it the hard way.
We successfully exploited the recent Sudo local root / format string vuln
including full bypass of FORTIFY_SOURCE #GotRoot
Yep, looks like.
I hope
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm very curious to know why Google is not taking care of Open
Redirection issues.
I know what Chris thinks about it:
http://scarybeastsecurity.blogspot.com/2010/06/open-redirectors-some-sanity.html
Anyway, IMHO I guess it's better and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Great PoC Michal,
I tested the orig PoC on Chrome 15, Opera 11.52 and FF 8.1 on Mac OSX
10.6.8 and it is reliable.
I'm certainly adding it to the BeEF project.
Cheers
antisnatchor
Michal Zalewski wrote:
Evening,
This party trick is not
Correction or not correction, this VoxSmart tool just sucks.
How come they are vulnerable to auth bypass with or 1=1--???
Hey, we're in 2012 (almost)...wake up
ahaha
Cheers
antisnatchor
On Fri, Dec 2, 2011 at 10:58 AM, Piotr Duszynski pi...@duszynski.eu wrote:
Small correction regarding
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It seems that even XSS, XSRF and SQLi are accepted...
Interesting.
Cheers
antisnatchor
Georgi Guninski wrote:
http://www.theregister.co.uk/2011/11/02/secunia_vulnerability_rewards/
Secunia jumps on vuln reward bandwagon
have in mind the list is
If you all think XSS, even reflected or DOM-based sucks..probably you don't
know the BeEF project.
I would suggest you take a look at http://beefproject.com , try it, and
see for yourself what you can do :-)
Cheers
antisnatchor
On 10 Oct 2011 02:56, xD 0x41 sec...@gmail.com wrote:
YEP!
When ya
of
data: you can always
resell it to some agencies/black-market that are hungry of that, as
you do with CCs.
Ciao
Michele Orru'
/antisnatchor
Fabio Pietrosanti (naif)
June 19
so difficult to use pangolin :-)
wtf
/antisnatchor
iSpy Team wrote:
[ TABLES: 156 ] : pangolin_test_table
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
Already tweeted today.
Pretty scary btw. I hope there's not the equivalent for Android.
antisnatchor
Thor (Hammer of God)
April 20, 2011 9:05 PM
/italian/
eh, enough with these shitty advisories.
you've become a pain in the ass, mustlive.
but don't you feel like a noob using acunetix and reporting the
vulnerabilities?
and always on the same stuff, christ...
don't make me add an anti-spam rule for your address of
OpenCMS <= 7.5.3 multiple vulnerabilities
Name: OpenCMS <= 7.5.3 multiple vulnerabilities
Systems Affected: OpenCMS <= 7.5.3
Severity: High
Vendor: http://www.opencms.org
Advisory: http://antisnatchor.com/opencms_7.5.3_multiple_vulnerabilities
Author: Michele antisnatchor Orru (michele.orru AT
DotCloud Beta Multiple Vulnerabilities
Name: DotCloud Beta Multiple Vulnerabilities
Systems Affected: DotCloud current beta
Severity: Medium
Vendor: http://www.dotcloud.com
Advisory: http://antisnatchor.com/dotcloud_beta_multiple_vulnerabilities
Author: Michele antisnatchor Orru
ahahaahah...what kind of haze did you smoke this time Mr. asmo?
Take it easy with drugs :)
antisnatchor
Christian Sciberras
February 28, 2011 10:04 PM
Chris Evans
February 23, 2011 1:35 AM
On Tue, Feb 22, 2011 at 2:42 PM, Michal Zalewski lcam...@coredump.cx
wrote:
If you think that some statements from MustLive like the following:
"
Full path disclosure (WASC-13):
On a POST request to the page with the form, using a Cyrillic character in
the parameter op, an error message is shown which contains the full path on
the system.
wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
[Full-disclosure] [AntiSnatchOr] Drupal <= 6.20 insecure Captcha defaults
PoC
Michele Orru antisnatchor at gmail.com
Thu Feb 10 12:15:01 GMT 2011
Drupal <= 6.20 insecure Captcha defaults PoC
Name
On Tue, Feb 15, 2011 at 12:25 AM, Eyeballing Weev
eyeballing.w...@gmail.com wrote:
On Mon, Feb 14, 2011 at 4:54 PM, MustLive mustl...@websecurity.com.ua
wrote:
Hello Michele!
Few days ago I saw your advisory about Drupal's captcha. It's interesting
advisory, but I have one note concerning
Drupal <= 6.20 insecure Captcha defaults PoC
Name: Drupal <= 6.20 insecure Captcha defaults PoC
Systems Affected: Drupal <= 6.20 with Captcha <= 2.3
Severity: Medium
Vendor: http://drupal.org
Advisory: http://antisnatchor.com/Drupal_insecure_Captcha_defaults_PoC
Author: Michele antisnatchor
ahaah.
Nice reply Sparky.
MustLive, seems you've been defaced :-)
antisnatchor
laurent gaffie
February 5, 2011 3:36 AM
Hey
I agree with Mostafa.
Leaving DB errors on a production web application is not a good thing:
more than that, hundreds of articles
have been written about Information Disclosure/Leakage (as you want to call it).
Some months ago I was blogging on reflected XSS in Java Exception
stack trace: nice
Eclipse BIRT <= 2.2.1 Reflected XSS
Vendor: Eclipse
Advisory: http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss/
Author: Michele euronymous Orrù (euronymous AT antisnatchor DOT com)
Quite a common problem in a lot of Java based applications: reflected
XSS in Java stack trace.
A