lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200308050244.h752itQE047597@mailserver3.hushmail.com>
From: auto94042 at hushmail.com (brent)
Subject: vulnrability for dummy 101

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

holos gentlemens of the list,

it is once again time to bdazzl the F D SUBS with some new 0day . . this
time i try to make some focus on some verry silly vulnearbilties that
i often see report to the list . . .call these a joke 0day , but i do
not mean to make monkey busines so much as offend and pleez remeber that
there is very serious under curret to the vulnreabitiles for dummy 101
!

pleez know that i say no name or point the figger for any one of these
one becuase i believe in mantainging civil affair with the F D SUBS ,
 even if len ross and john cartwrit do not make an ear to my concern
of the chartr , , HMMHP!

there is a few termenlogy that i use to make the point since i do not
have oxferd dictionry -

STFU - means pucker your lip round the noddle of enema bag full of warm
poopy swill of STFU ! ! !

STT - still the tounge buddy ! not a sever as STFU ! ! ! but it gives
the good indicate of ** STFU ! is coming next

RTFM - self-explain

RTFRFC - self-explain to but if you do not know it, send me the msg and
i give you my thought on this one - - - i send ti strait to the /dev/null

should you need to know, i divise this into real v s fake vulners .

- -- {REAL} -
issue #1 - db hijacker with mysql

type : adminner v s. hackerer race conditon

lack of defalt passwd on mysql db allows root hijackering if you beat
the adminning one to the race when making the db first .

xploit codes > > >

$ mysql -u root

now the root is hijackered if the adminner does not become root first
and set the passwd .

solution -- > STFU &&  RTFM !

iusse # 2   =

i see one like this on the F D lits :

type - fail to amor the OS in lead v s . peering monkey eyes of xray
hackerer

aceess_log info disclose , if local one reads the access_log of apach
then they know the secretes !

solutions -->

- -rw-r-----    1 root     root         8273 Aug  3 01:04 access_log

aslo for good messure you can STFU !.

issue 3 >

case ; simple honnest mistake in file manage

i also see one like this clowning around on the list . . .

desktop destruct ---

systems test: win2k and winxp SP!

fill the desktop with >2GB uyseless grabbage in folder and stuff and
the desktop goes KABLAAMO like ! ! quicktask bar has no icon anymore
and all the desktop shotcut go straight to the /dev/null . . . does it
maybe work for you ? ? it happen two times to me both because of needing
the easy access to monkey affairs pics+vids with certain college ladies
of diff. hetirage playing in the bath , this punish make me learn to
put the monkey affairs file somewhere else .

soluttions - - STT my freind, it happen to anyone and make an honnest
mistake .

{{{ FAKE }}}
isue #1 -

type  : similar to xrays eye but wiuth some ftp monkey biz on the brain

plain tex passwd in ftpconf file. i see many a one like this but thik
about it F D SUBS , does the passwd not go over ther IP in plantext ?
? ? note pad is very usful autorotter but try something else, like tcpdup,
 it rooters just the same .

solutions - - RTFRFC || ponder the NTFS or nuix permiss if you canot
read(this is good for most passwd in the clear vulners! 1)

issue # @ - - -

path disclos or phpinfo(0 or file.inc disclose or most the rest of problematic
sec isue in phpshitboard ..

cause ; fail of F D msger to have a brain in his skull

soluttion >>> RTFM, STFU || do a live action mode of you hischool death
sonnet (i read it in /home/fdmsger: " nobdy cares about me , ,  black
clouds circle 'tween my head like the evil chuerubims , , , if i take
the daggur and painter this world red with my iner sorro . . . does any
buddy miss me the more ? "

trust me, no buddies missing you ! ! ! you find more fulfill at evrkwest
than read /write the F D any how . . .

is it just me that make this observe but are paul shclemel and pat szabo
the same guyy ? ? ?

greetz : : ldreamerz - we patners in crime / ! stephan ketz , , , we
need to hackered some softs togehter sometime dud! , gunisky and his
PF words of guide ,

p S S : remeber to have it in your head for every word you speask that
you must consider wether to STFU , STT , RTFM and last resort is RTFRFC
. . . && more of you that talk about adminnery on F D is less of you
to adminn the boxen !' m$ is not the sole blame of ppl making hot air
baloon on the list and getting hackered in the mentime ,.

- ---

[user]@(hush|hushmail).com iz truely the niggur of the inter net ! !

"if one spendings is greeter on jolt ! then on the person's hygene, like
shampoo and deodor , then one is the hackster . . . whats more, one deserve
to be the hacker @" - anony whitehouse soucre

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3

wkYEARECAAYFAj8uxhUACgkQarKSBij8yIJtxwCdFyO+pzicj1fkQL7RYii3WFHiFicA
oI4CY/hGqlDZii7Or2MpDKIvvTk8
=x2MC
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ