Open Source and information security mailing list archives
From: nitroxboost at hotmail.com (Evidence)
Subject: new worm - "warm-pussy.jpg".

Funny thing is that warm-pussy.jpg is just a directory name.  Does anyone
here know what file your browser would attempt to access if you type a URL
of a nonexistent file?  Yes, that's right...

http://gibsonhaxor.tv/warm-pussy.jpg/index.html

Jason

----- Original Message ----- 
From: "Gadi Evron" <ge@...tistical.reprehensible.net>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, November 13, 2003 2:08 AM
Subject: Re: [Full-Disclosure] new worm - "warm-pussy.jpg".


> segfault wrote:
>
> > You idiot.  Just because a file is called warm-pussy.jpg, doesn't mean that
> > the webserver it resides on isn't going to parse its actual content (which
> > is probably plaintext).  Look again, I'm sure you'll be surprised.
> >
>
> HTML _is_ plain-text.
> Just because the server sends it as plain text doesn't mean the browser
> won't execute it.
>
> It does.
>
> This *is* a Trojan horse.
>
> Do you have anything real to contribute or are you just going to call a
> guy that raised the alarm of a _possible_ new dangerous Trojan horse names?
> -- 
>        Gadi Evron (i.e. ge),
>        ge@...uxbox.org.
>
> The Trojan Horses Research mailing list - http://ecompute.org/th-list
>
> My resume (Hebrew) - http://vapid.reprehensible.net/~ge/resume.rtf
>
> PGP key for ge@...uxbox.org -
> http://vapid.reprehensible.net/~ge/Gadi_Evron.asc
> Note: this key is used mainly for files and attachments, I sign email
> messages using:
> http://vapid.reprehensible.net/~ge/Gadi_Evron_sign.asc
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
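
The point made in this thread (a path component ending in ".jpg" can be a directory whose index page is served as HTML) can be checked for in web proxy logs. The following is an added example, not part of any poster's message; the record layout, host names, extension list and finding labels are all assumptions made for illustration.

```python
import posixpath
from urllib.parse import urlsplit

# Extensions a reader would expect to yield image bytes (assumed list).
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp"}

# Constructed proxy-log records: (url, status, Content-Type, Location).
SAMPLE_LOG = [
    ("http://images.example/cat.jpg", 200, "image/jpeg", ""),
    ("http://host.example/pic.jpg", 301, "text/html", "http://host.example/pic.jpg/"),
    ("http://host.example/pic.jpg/", 200, "text/html; charset=iso-8859-1", ""),
    ("http://host.example/pic.jpg/index.html", 200, "text/html", ""),
    ("http://host.example/photo.png", 200, "text/html", ""),
    ("http://host.example/about.html", 200, "text/html", ""),
]

def image_segments(url):
    """Return path segments and the indexes of those named like images."""
    segs = [s for s in urlsplit(url).path.split("/") if s]
    hits = [i for i, s in enumerate(segs)
            if posixpath.splitext(s)[1].lower() in IMAGE_EXTS]
    return segs, hits

def classify(url, status, ctype, location):
    """Return a finding label, or None when name and content agree."""
    segs, hits = image_segments(url)
    if not hits:
        return None
    media = ctype.split(";")[0].strip().lower()
    # Servers commonly redirect a directory requested without "/" to "path/".
    if status in (301, 302) and location == url + "/":
        return "directory-redirect"
    # An image-named segment followed by "/" or more path is a directory.
    if status == 200 and (hits[0] < len(segs) - 1
                          or urlsplit(url).path.endswith("/")):
        return "image-named-directory"
    # The name says image but the server declared something else.
    if status == 200 and not media.startswith("image/"):
        return "type-mismatch"
    return None

def scan(records):
    """List (url, finding) for every record that produces a finding."""
    return [(r[0], f) for r in records if (f := classify(*r))]

if __name__ == "__main__":
    for url, finding in scan(SAMPLE_LOG):
        print(f"{finding:22} {url}")
```
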

