[FD] GOST 28147-89 gets 512 bit and 1 kbit keys

2014-03-31 Thread gremlin
Hello list! The GOST 28147-89 block cipher celebrates its 25-year jubilee this year. First published in 1989, it's one of the oldest (if not the most) of all symmetric block ciphers which are currently in use. Original publishing describes possible key sizes of 32, 64, 128 and 256 bits. However

Re: [FD] Introducing APSAM - Beyond Military Grade Security

2014-03-31 Thread Jack Morgan
I fear that it's too late for AP$AM. I believe it has already been compromised by the true foe. After all, it has been turned from a possible beacon of safety in these troubled times, to yet another harbour for those "Nation-States" to slither into and out of our systems like the foe they are. After

[FD] Chunked requests to bypass ModSecurity and mod_headers

2014-03-31 Thread Martin Holst Swende
Hi list, While playing with requests that used chunked encoding, I found one way to sneak headers through Apache mod_headers removal mechanism. I also found a way to sneak pretty much anything through ModSecurity. More details here: http://martin.swende.se/blog/HTTPChunked.html ## Timeline

[FD] [TOOL] w3af 1.6 release

2014-03-31 Thread Andres Riancho
List, After all the wait, expectations, and hard work I present you the 1.6 release: * Improved performance: your scans will run faster * Now you'll be able to easily integrate w3af into other projects with a simple "import w3af" * Better documentation * Improve

[FD] immhooktmpl.py - Immunity template plugin for function hooking

2014-03-31 Thread Levon Kayan
Wa Salamu Alaikum, we wanted to warn you and released new code and is wanted to bother you on FD is thanks for your attention. DESCRIPTION Due to the lack of documentation for Immunity API this is an easy template for function hooking while RE. Howto: 1. set API names or a

[FD] Multiple vulnerabilities in Js-Multi-Hotel for WordPress

2014-03-31 Thread MustLive
Hello list! There are multiple vulnerabilities in Js-Multi-Hotel plugin for WordPress. Earlier I wrote about two other vulnerabilities. These are Abuse of Functionality, Denial of Service, Cross-Site Scripting and Full path disclosure vulnerabilities in Js-Multi-Hotel plugin for WordPress. T

[FD] Introducing APSAM - Beyond Military Grade Security

2014-03-31 Thread J. Oquendo
Security researchers develop AP$AM the most advanced, and persistent, threat information valuation services. In an effort to combat advanced, malicious hackers worldwide, researchers have developed a unique, and proven methodology to locate and attribute, high level, sophisticated attacks. "We se

[FD] EMC CTA v10.0 unauthenticated XXE with root perms

2014-03-31 Thread Brandon Perry
Hi, The linked gist below details an unauthenticated XXE vulnerability that allows an attacker to read /etc/shadow within EMC CTA v10.0. https://gist.github.com/brandonprry/9895721 -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website

[FD] Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

2014-03-31 Thread Vulnerability Lab
Document Title: Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities. References (Source): http://www.vulnerability-lab.com/get_content.php?id=1235 Release Date: 2014-03-28. Vulnerability Laboratory ID (VL-ID):

[FD] PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities

2014-03-31 Thread Vulnerability Lab
Document Title: PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities. References (Source): http://www.vulnerability-lab.com/get_content.php?id=1239 Release Date: 2014-03-27. Vulnerability Laboratory ID (VL-ID):