-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lulzsec == pwnt
logs taken from their priv8 irc server
http://www.mediafire.com/?fizwcbbyu6pyl8d
Some gems:
May 31 11:58:25 * Topic for #pure-elite is: [pE] security
research and development. | PRIV8!PRIV8!PRIV8! No leaks, no vanity.
Celebrating the announcement of Hacks in Taiwan Conference 2011, we would
like to publish part of our recent researches to share with all document
security researchers.
Flash JIT Spraying couldn't work since Flash 10.1. Now we bring it back.
On Fri, Jun 3, 2011 at 2:57 AM, t0hitsugu tohits...@gmail.com wrote:
You are correct; a *true* professional knows to use Cain and Able (but
thats not something you'll learn at school)
lol please stop, my fucking digestive tract is bleeding now I can't laugh
anymore
On Jun 2, 2011
Excerpts from lulzfail's message of Mo Jun 06 08:39:42 +0200 2011:
Lulzsec == pwnt
I've seen the log you pasted to pastebin. Is this:
* A timing attack on ssh passwords over the net?
* Fake, to distract us from your real 0day?
Andreas
Log:
root@gibson:~# ./1337hax0r 204.188.219.88 -root
I think its just a bruteforce.
On 6/6/11, Andreas Bogk andr...@andreas.org wrote:
Excerpts from lulzfail's message of Mo Jun 06 08:39:42 +0200 2011:
Lulzsec == pwnt
I've seen the log you pasted to pastebin. Is this:
* A timing attack on ssh passwords over the net?
* Fake, to distract
LOL @
A timing attack on ssh passwords over the net?
and
I think its just a bruteforce.
-Travis
On Mon, Jun 6, 2011 at 7:58 AM, Gichuki John Chuksjonia
chuksjo...@gmail.com wrote:
I think its just a bruteforce.
On 6/6/11, Andreas Bogk andr...@andreas.org wrote:
Excerpts from
http://89.248.164.63/dox/xyz/20.png
look at the picture.
On Mon, Jun 6, 2011 at 2:26 PM, T Biehn tbi...@gmail.com wrote:
LOL @
A timing attack on ssh passwords over the net?
and
I think its just a bruteforce.
-Travis
On Mon, Jun 6, 2011 at 7:58 AM, Gichuki John Chuksjonia
Gichuki John Chuksjonia writes:
I think its just a bruteforce.
If so, why would they repeat already tested hashes?
See first and last line of the cited block below
(and another one starting with M6... a bit later)?
M=eCvSLhkTe
M-eCvSLhkTe
MweCvSLhkTe
M=eCvSLhkTe
As Logins usually do
Excerpts from Benji's message of Mo Jun 06 15:32:11 +0200 2011:
http://89.248.164.63/dox/xyz/20.png
Ah, that's a much saner explanation. :)
Andreas
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
(picture found by looking through dir)
On Mon, Jun 6, 2011 at 2:54 PM, Andreas Bogk andr...@andreas.org wrote:
Excerpts from Benji's message of Mo Jun 06 15:32:11 +0200 2011:
http://89.248.164.63/dox/xyz/20.png
Ah, that's a much saner explanation. :)
Andreas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Jun 6, 2011, at 1:58 PM, Gichuki John Chuksjonia wrote:
I think its just a bruteforce.
Lesson 1 Kids, no remote root accounts enabled by default.
Lesson 2, No Password Authentication enabled remotely
Lessen 3, man ssh-keygen
cheers,
- --
Will you be presenting at BlackHat?
-Travis
On Mon, Jun 6, 2011 at 9:57 AM, Benji m...@b3nji.com wrote:
(picture found by looking through dir)
On Mon, Jun 6, 2011 at 2:54 PM, Andreas Bogk andr...@andreas.org wrote:
Excerpts from Benji's message of Mo Jun 06 15:32:11 +0200 2011:
Possibly.
On Mon, Jun 6, 2011 at 2:58 PM, T Biehn tbi...@gmail.com wrote:
Will you be presenting at BlackHat?
-Travis
On Mon, Jun 6, 2011 at 9:57 AM, Benji m...@b3nji.com wrote:
(picture found by looking through dir)
On Mon, Jun 6, 2011 at 2:54 PM, Andreas Bogk andr...@andreas.org
hoax
these 'dox' were dropped months/yrs ago:
http://pastebin.com/mmvBT7n5 (May 13th, 2011)
boards.808chan.org/fail/res/263.html (2010)
try again
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hello list!
I want to warn you about new security vulnerabilities in ADSL modem Callisto
821+ (SI2000 Callisto821+ Router).
These are Cross-Site Request Forgery and Cross-Site Scripting
vulnerabilities. In April I've already drew attention of Ukrtelecom's
representative (and this modem was
it's a hoax, these 'dox' were dropped months ago
http://pastebin.com/mmvBT7n5 (may)
http://boards.808chan.org/fail/res/263.html(from 2010)
try again
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2255-1 secur...@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
June 6, 2011
ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-172
June 6, 2011
-- CVE ID:
CVE-2011-1699
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
Just checked on two of those themes you wrote (Typebased and NewsPress) and
they don't have any test.php file.
Did you check them all?
On 4 June 2011 17:17, MustLive mustl...@websecurity.com.ua wrote:
Hello list!
I want to warn you about Information Leakage and Cross-Site Scripting
ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-173
June 6, 2011
-- CVE ID:
CVE-2011-1700
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-175
June 6, 2011
-- CVE ID:
CVE-2011-1702
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-176
June 6, 2011
-- CVE ID:
CVE-2011-1703
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-178
June 6, 2011
-- CVE ID:
CVE-2011-1705
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-180
June 6, 2011
-- CVE ID:
CVE-2011-1708
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-181
June 6, 2011
-- CVE ID:
CVE-2011-1707
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-174
June 6, 2011
-- CVE ID:
CVE-2011-1701
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-177
June 6, 2011
-- CVE ID:
CVE-2011-1704
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-179
June 6, 2011
-- CVE ID:
CVE-2011-1706
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell
Am I the only one thinking who gives a fuck to this entire situation? :S
On Mon, Jun 6, 2011 at 2:44 PM, mclul...@safe-mail.net wrote:
it's a hoax, these 'dox' were dropped months ago
http://pastebin.com/mmvBT7n5 (may)
http://boards.808chan.org/fail/res/263.html(from 2010)
try again
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I don't believe is was implied that these dox on xyz/ev0 are
related to anything recent or this lulzsec exposure. They are there
so that we can see who this ev0/xyz is.
On Mon, 06 Jun 2011 14:44:11 +0100 mclul...@safe-mail.net wrote:
it's a hoax,
ooo ooo speculation time!
- Hacker creates website that offers free online password management
- in javascript
- bugdoors it
- collects passwords
- uses passwords
TL;DR: over 9000 lulz were had
-Jen
On Mon, Jun 6, 2011 at 8:26 AM, T Biehn tbi...@gmail.com wrote:
LOL @
A timing attack on ssh
31 matches
Mail list logo