lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200304260105.h3Q15eGq080060@mailserver3.hushmail.com>
From: blightninjas at hushmail.com (blightninjas@...hmail.com)
Subject: PoPToP Exploit.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo, its blightninjas here to reign terror. er, yeah

We are getting sick of clueless people posting to bugtraq, throwing up
none working crap just to get their name out there.

So now we are going to make you look stupid, because you are. (Yes, you
einstein).
A poptop exploit was released that only compiled on win32, and, well,
 not only did it great every programming rule and standard, it didn't
work.

Then someone came along, and ported it to linux (You john.) and did a
great job of doing absolutely nothing.  Not only did it still not compile
on linux, but he kindly introduced new bugs.

We can all learn from these mistakes, so I include commented versions
of the first two exploits, along with a working new copy.

Files:
poptop-sane.c  poptop exploit, supports targets, brute forcing, actually
works
poptop-port-annotated.c  poptop exploit linux port, commented for your
enjoyment
poptop-annotate.c  The original, terrible, code written by dH (now dASS),
 but hey, it doesn't matter if it works, they have their name on bugtraq!

All files available at http://www.freewebs.com/blightninjas/

security industry betta watch you back, blightninjas creepin like a heart
attack.... or something
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wmEEARECACEFAj6p22caHGJsaWdodG5pbmphc0BodXNobWFpbC5jb20ACgkQ1lXHmsSz
kSDwHgCfRyVyds0pu/AnZohQG/3v9S0KRLoAnAwKuyRAEpsxmy1bmrV+gJr2YImo
=mJdq
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: poptop-sane.c
Type: application/octet-stream
Size: 10772 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030425/98afc5fc/poptop-sane.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: poptop-port-annotated.c
Type: application/octet-stream
Size: 11015 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030425/98afc5fc/poptop-port-annotated.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: poptop-annotated.c
Type: application/octet-stream
Size: 12008 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030425/98afc5fc/poptop-annotated.obj

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ