lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20030923160135.67084.qmail@web14603.mail.yahoo.com>
From: b0fnet at yahoo.com (b0f)
Subject: New Hacking Zine: p62

pzc> 16.   REAL  authentic  information  regarding 
iDEFENSE  contractor
pzc> purchases.

Hi would just like to touch on this. 
Most of the info they have on there about me is unture
Yes i did get $300 from idefense and yes that is my
name. My name can be found by searching google (good
google skills boys).

The date they have is completly wrong and i am not a
member of dtors security and have never been. Any
member from dtors would confirm that i didn't 'steal'
nuthin from them to sell to idefense. For guessing my
palpal account wouldn't be to hard since i always use
this email address. I also have a good idea where they
got the $300 price tag from. 

While i write this i must also congrat them in finding
a hole in suexec.

<snip from phrack 62>
whereis suexec
suexec: /usr/sbin/suexec
/usr/share/man/man8/suexec.8.gz
ls -al /usr/sbin/suexec
-r-s--x---    1 root     apache      11732 May 15
06:09 /usr/sbin/suexec
cat << EOF >> suexp.c
/* REMOVED - sorry kids
 * Phrack supports Non-disclosure
 */
EOF
make suexp
cc     suexp.c   -o suexp
./suexp -t6
id
uid=0(root) gid=0(apache)
groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
#h3h3h3
</snip from phrack 62>

Ain't it great that there exploit gives gid=0(apache).

I hope this clears this up and guys for phrack 63
anything you want to know about me just ask atleast
you will get it right that way ;)

Regards
b0f

=====
www.b0f.net

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ