| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200411291455.iATEtA102835@netsys.com> From: eflorio at edmaster.it (Elia Florio) Subject: Is www.sco.com hacked? There are these two JPG files on www.sco.com : (the good one) http://www.sco.com/images/landing_pages_new/webinar_land2.jpg (the supposed hacked one) http://www.sco.com/images/landing_pages_new/webinar_land2-1.jpg These are the JFIF headers of the images: (the good one) 0100 FF D8 FF E0 00 10 4A 46-49 46 00 01 02 01 00 48 ......JFIF.....H 0110 00 48 00 00 FF E1 0C 22-45 78 69 66 00 00 4D 4D .H....."Exif..MM 0120 00 2A 00 00 00 08 00 07-01 12 00 03 00 00 00 01 .*.............. 0130 00 01 00 00 01 1A 00 05-00 00 00 01 00 00 00 62 ...............b 0140 01 1B 00 05 00 00 00 01-00 00 00 6A 01 28 00 03 ...........j.(.. 0150 00 00 00 01 00 02 00 00-01 31 00 02 00 00 00 14 .........1...... (the supposed hacked one) 0100 FF D8 FF E0 00 10 4A 46-49 46 00 01 02 00 00 64 ......JFIF.....d 0110 00 64 00 00 FF EC 00 11-44 75 63 6B 79 00 01 00 .d......Ducky... 0120 04 00 00 00 3C 00 00 FF-EE 00 0E 41 64 6F 62 65 ....<......Adobe 0130 00 64 C0 00 00 00 01 FF-DB 00 84 00 06 04 04 04 .d.............. 0140 05 04 06 05 05 06 09 06-05 06 09 0B 08 06 06 08 ................ 0150 0B 0C 0A 0A 0B 0A 0A 0C-10 0C 0C 0C 0C 0C 0C 10 ................ ....mmmm I remember the "Ducky Adobe" strings in the crafted JPEGs of GDI+ bugs.....maybe just a coincidence? EF ________________________________________________ Messaggio inviato da Edizioni Master Webmail http://mbox.edmaster.it
Powered by blists - more mailing lists