lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <3F9E9E22.2080200@onryou.com>
From: lists at onryou.com (Cael Abal)
Subject: when will IE exploits COME TO AN END...

> it's a off-topic! anyway... INDEED A BUG BUT i got lot of flamings
> ... while trying to explain one of my advisory to some 31337's. out
> here!
> 
> http://www.blackcode.com/forums/viewtopic.php?t=10577
> 
> ANYONE WILLING TO EXPLAIN THE STRANGE PHENOMENON! (o; <why does the
> bug works on some PC and doesn't in other... I am just screwed up
> SEEING THIS STUPID BEHAVIOR!>

Thanks for posting the link to that forum, Bipin -- there seeme to be
quite a lot of very useful information there!  I'm especially interested
in following this thread:

http://www.blackcode.com/forums/viewtopic.php?t=1704

> AMuller: need help with FTP passwd
> 
> ok i am pretty sure i got the password file. whta i pulled out is
> this:
> 
> root:*:0:0:::
> bin:*:1:1:::
> operator:*:11:0:::
> ftp:*:14:50:::
> nobody:*:99:99:::
> 
> how do u decode this? and if u tell me a program name also please
> tell  me HOW to use it.
> 
> -Thanks
> 
> P.S. I dont just want this decoded i wanna know how 2 do it

It's definitely a good idea to keep tabs on encryption-defeating
technologies -- if someone is able to recover a root password from an
/etc/passwd file like the above then we're *all* in serious trouble.

Cheers,

Cael

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ