lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 14 Sep 2004 07:28:48 -0700 (PDT)
From: nirvana <karmic_nirvana@...oo.com>
To: VX Dude <vxdude2003@...oo.com>, Stefan.Laudat@...ianztiriac.ro,
        Alpt <alpt@...aknet.org>
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com,
        hackers@...e.org, hackmeeting@...zz.org, ml@...urezza.org,
        primavera@...aknet.org, security-alerts@...uxsecurity.com
Subject: Re: Re: The ArpSucker is b0rn! Be yourself, be the net.


nice.....real nice!

--- VX Dude <vxdude2003@...oo.com> wrote:

> Hello to all the xposted lists out there =D
> 
> If it's not a threat to you're wonderfully managed
> system, then you have nothing to worry about.  SO
> the
> guy wrote a tool, thats what hackers do.  If it's
> successful, if it's not, (s)he will figure that out
> themselves when it is, and why.  Learning is the Way
> of the Hacker.
> 
> Speaking of moderating, what value did your post
> add? 
> And you had to reply to all?  Seems like you just
> wanted to advertise bugtraq to all the other lists. 
> 
> 
> <ad>This just shows that the Full-Disclosure
> audience
> is far more sophisticated then the censorship loving
> children of Bugtraq.</ad>
> 
> To Alpt, nice tool, I have no use for it, but still
> its nice to see someone exploring and coding.  Let
> assholes like stefen here teach you a lesson and
> remember to not disclose anything.  Put on the
> blackhat and keep your knowledge to yourself, no one
> else deserves it.
> 
> You do you're own work, and create your own ideas,
> and
> this is the type of thanks you get?  No, this is a
> whitehat trick.  See they want you to work gain
> their
> approval.  By not giving you the credit you deserve,
> they'll get you to think that their approval is
> something worth getting.  This is just the first
> step
> to being a sellout, a whitehat.
> 
> Don't fall for their jedi mind tricks, become
> independant and create for no one but yourself. 
> Remember stefen's insults, for this is the thanks of
> a
> whitehat.
> 
> Stinny
> Internet Sniper
> 
> --- Stefan.Laudat@...ianztiriac.ro wrote:
> 
> > Usually lame kiddie posts like this shouldn't
> reach
> > the list. Old school 
> > ARP attacks are no longer a threat in a decently
> > managed layer 2
> > network. I thought bugtraq is still moderated. Oh,
> > Aleph1, where art thee 
> > ?
> > 
> > ---
> > Stefan Laudat
> > Networking & IT Security Manager
> > Allianz Tiriac SA Insurance
> > --
> > This message is protected by the secrecy of
> > correspondence rules ; 
> > furthermore it may contain privileged or
> > confidential information that is
> > protected by law, notably by the secrecy of
> business
> > relations rule ; it 
> > is
> > intended solely for the attention of the addressee
> .
> > Any disclosure, use,
> > dissemination or reproduction (either whole or
> > partial) of this message or
> > the information contained herein is strictly
> > prohibited without prior
> > consent.
> > Any electronic message is susceptible to
> alteration
> > and its integrity can
> > not be assured. Allianz Tiriac declines any
> > responsibility for this 
> > message in the
> > event of alteration or falsification.
> > If you are not the intended recipient, please
> > destroy it immediately and
> > notify the sender of the wrong delivery and the
> mail
> > deletion.
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> > Alpt <alpt@...aknet.org>
> > 13.09.2004 23:05
> >  
> >         To:     primavera@...aknet.org
> >         cc:     hackmeeting@...zz.org,
> > hackers@...e.org, ml@...urezza.org, 
> > bugtraq@...urityfocus.com,
> > full-disclosure@...ts.netsys.com, 
> > security-alerts@...uxsecurity.com
> >         Subject:        The ArpSucker is b0rn! Be
> > yourself, be the net.
> > 
> > 
> > 
> >                         Freaknet Death C is pride
> to
> > present ya:
> >                  }----------------- (The
> ArpSucker)
> > ----------------{
> > 
> > Hi folks, 
> > Did you ever dreamed to become the net, to be a
> big,
> > bad, black, black,
> > black hole?
> > Yep! I did.
> > 
> > This code was made the "12 Sept 2004".
> > It started to dawn and I, Tomak and Nirvana, after
> > eating some food,
> > started to rave. 
> > Tomak downloaded fakeap.pl; But I also wanted to
> > give my good amount of 
> > death. 
> > So I told: <<Why not fakeip?>>. Tomak: <<Yea, good
> > idea, but why don't
> > you wake up all those sleeper with a sane System
> of
> > a Down's song?>>
> > After a while,
> > I started to code TheArpSucker...
> > Then Elibus, Pallotron were my favourite guinea
> pigs
> > for direct attacks.
> > 
> > The idea is simple: we add all the ip we want to
> > become in the arp cache 
> > of
> > all the machines. Yes, it's the normal arp
> > poisoning, but we want to 
> > become
> > the ENTIRE NETWORK!
> > The tests of the global arp cache smashing were
> > successful, I became the 
> > entire 
> > 10.0.0.x and 10.0.1.x network. All the packets
> went
> > to me and, with the 
> > ip_forward 
> > activated, I resent them to the real destination.
> > 
> > Then when I tried to become all the 2^32-1 IPs, I
> > realized that the 
> > attacked machine
> > (elibus and pallotron, eheheh), were under a
> mortal
> > DoS. The Elibus' 
> > machine was
> > constantly at 100% of cpu until Elibus unplugged
> the
> > eth0 cable, while the 
> > Pallotron's
> > machine went in kernel panic!. Elibus uses an x86
> > arch with the linux 
> > kernel, pallotron
> > uses An Apple I-book, with MacOsx.
> > Asbesto was giving his blessing to spread death in
> > our bicazzo network, 
> > and Elibus died
> > because he didn't want to share his gprs
> connection,
> > AHHAHAHAHA.
> >                                                  -
> 
> > E l i B u S -
> >                                                   
>  
> >    RIP.
> >                                      He was a good
> > guinea pig
> > (^_^)
> > That was an happy day!
> > So, here it is the code, Here I spread the src in
> > the wired.
> > 
> > The ArpSucker is a patch to arping of iputils:
> >
>
http://www.freaknet.org/alpt/src/p0f-TheArpSucker-iputils-ss020927.patch
> > You can get the right version of iputils here:
> >
>
http://www.freaknet.org/alpt/src/iputils-ss020927.tar.gz
> 
=== message truncated ===



		
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ