| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <009f01c5a5b1$2e3b4d80$6a01a8c0@pauls1337laptop> Date: Sat Aug 20 19:01:33 2005 From: pvnick at gmail.com (Paul) Subject: FrSIRT False Alarm Not to mention this is hardly even assembly. This is like really ghetto assembly. In REAL assembly, there would be no ".if" statements. It's all cmp blah blah, jz, jnz, etc. Lot's more work. Also, there is no such thing as .invoke MessageBox. Give me a break. In real assembly, that code would be about 5 times longer. Regards, Paul Greyhats Security http://greyhatsecurity.org ----- Original Message ----- From: "Thierry Zoller" <Thierry@...ff-em.com> To: <ad@...ss101.org> Cc: <full-disclosure@...ts.grok.org.uk> Sent: Saturday, August 20, 2005 1:57 PM Subject: Re: [Full-disclosure] FrSIRT False Alarm > > aco> btw illwill made something to block it, havent tested it myself but > this > aco> might be useful to post it here: > aco> http://illmob.org/files/0day/msdds.dll_deactivator.rar > > It sets the killbit that's all. A .reg file would have been enough but > then of course doing that in asm makes it all l33t and stuff... > > -- > Thierry Zoller > mailto:Thierry@...ff-em.com > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists