lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <402C1B18.000001.02124@WING-ZERO>
From: schie419 at wxs.nl (Bluehawk)
Subject: RE: W2K source "leaked"?

it has been leaked , also for the winnt 4 and the windows XP sourcecode

files like : windows.2000.source.code-IND are now roaming irc channels and
webpages ... it is an hard day for microsoft i guess 
 
-------Original Message-------
 
From: tlarholm@...x.com
Date: 13-2-2004 0:44:55
To: ge@...tistical.reprehensible.net; bugtraq@...urityfocus.com
Cc: full-disclosure@...ts.netsys.com
Subject: RE: W2K source "leaked"?
 
This is not the first time that people have reported leaked copies of
Windows source code. In 2000, Wired News reported that the source code
for Whistler (now Windows XP) had been leaked, though they never
confirmed it.
 
http://www.wired.com/news/business/0,1367,35135,00.html
 
WinBeta is also reporting on the new leak
 
http://www.winbeta.org/winbeta/forums/index.php?showtopic=2663&st=0&#ent
ry9449
 
0-day exploits being used on Microsofts network, foul play by privileged
partners or a hoax? Let's see what Microsoft reports.
 
 
 
Regards
 
Thor Larholm
Senior Security Researcher
PivX Solutions
24 Corporate Plaza #180
Newport Beach, CA 92660
http://www.pivx.com
thor@...x.com
Phone: +1 (949) 231-8496
PGP: 0x5A276569
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569
 
PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of
Qwik-Fix
<http://www.qwik-fix.net>
 
 
-----Original Message-----
From: Gadi Evron [mailto:ge@...tistical.reprehensible.net]
Sent: Thursday, February 12, 2004 1:49 PM
To: bugtraq@...urityfocus.com
Cc: full-disclosure@...ts.netsys.com; Thor Larholm
Subject: W2K source "leaked"?
 
 
A couple of days ago a friend of mine drew my attention to the source
making rounds on the encrypted p2p networks, I was hoping it would take
a bit longer for it to be "out", but that was just day-dreaming.
 
Thor Larholm just gave me this URL, as you can notice, the server is
busy: http://www.neowin.net/comments.php?id=17509
 
I never believed in 0-days. "New" or more to the point
un-known-to-the-public exploits and vulnerabilities exist and are being
used.
In my opinion "0-days" virtually don't exist. It's usually either some
vulnerability that is long known and a COP or a worm is created. Or
exploits that will nearly never see the "public" but exist and are used
by few individuals.. but now... I don't know.
 
How often does a brand new exploit come out without prior warning and
"attack" the net?
 
*If* this really is the.. _real_ source code for W2K (and according to
the article NT4 as well).... we'll see what happens next.
 
People didn't need help finding vulnerabilities in Windows before, but
it just became a whole lot easier and a lot less demanding on the "m4d
#4x0r 5k111z".
 
I can't really say that the article is right and the source was "leaked"
 
or "stolen". The source is being sold/given (?) for years now to EDU's
and commercial companies for research purposes (not to mention China..).
 
I suppose foul play is always possible.
 
Can anyone confirm this is the real source code? How about a press
release? :)
 
  Gadi Evron
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040213/88043134/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 494 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040213/88043134/attachment.gif
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 9031 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040213/88043134/attachment.jpe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ