lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Tue, 30 Jan 2007 16:33:01 -0800
From: Casey Marshall <rsdio@...astatic.org>
To: bugtraq@...urityfocus.com
Subject: Re: Atsphp 5.0.1 [Top Sites] [index.php] - Remote File Include

On Jan 30, 2007, at 3:30 AM, trzindan@...mail.fr wrote:

<snip non-exploit>

You know, I'm personally starting to wonder if these bogus  
"vulnerabilities" are really just some low-bandwidth communication.  
Given the "greetz" and "shoutout" crap that follows each posting,  
which could be a little encoded message. Then just grep PHP code for  
'include' or 'require_once', and send.

You aren't plotting terrah with fake PHP 'sploits, are ya?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ