Message-ID: <3F8CEF4E.7030106@jackhammer.org>
From: pdt at jackhammer.org (Paul Tinsley)
Subject: NSRG-Security SaS Encryption cracked
--------------------------------------------------------------------------------
Product: SaS (Security Application Server)
Vendor: NSRG (No Secure Root Group Security Research)
        Lorenzo Hernandez Garcia-Hierro
        <lorenzohgh@...g-security.com>
Impact: Intellectual property disclosure
Bulletin-ID: PT.2003.0001
--------------------------------------------------------------------------------
Product Description (From Vendor Website):
We are happy to announce that sas website is now ( again ) online in this
server by accessing sas.nsrg-security.com , migrate your links to this
server. The portal version is the latest of phpWebSite. We trust in
phpWebSite , a very secure solution in this last version ( old versions are
affected by SQL Injections , XSS attacks and PD attacks , discovered by
Lorenzo H G-H/trulux ).
Method of Disclosure:
If you have the GET script installed:
    GET http://www.nsrg-security.com | lorenzo_decode.pl > outfile.html
If you have wget:
    wget http://www.nsrg-security.com -O enc.html
    lorenzo_decode.pl < enc.html > outfile.html
Background:
After the veritable cornucopia of website exploits posted today on
full-disclosure it inspired me to audit a few websites myself. I started
with the author of all the IMHO frivolous postings and found that he
"encrypted" his website with something called SaS that his group wrote.
I figured, man, this Lorenzo guy has lots of free time to pick apart
everybody's websites, his must be top notch. "Exploit" code is attached
and also available at:
http://jackhammer.org/exploits/lorenzo_decode.pl
Cheers,
Paul Tinsley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lorenzo_decode.pl
Type: application/x-perl
Size: 1091 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031015/5edf2a9a/lorenzo_decode.bin