lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sun Jun 11 04:52:17 2006
From: cardosolistas at contraditorium.com (Cardoso)
Subject: McAfee VirusScan Enterprise 8.0.0 Misidentifies
	EICAR Test File


Looks like a nice prank, I used to send NET SEND "virus warnings" to
nearby people. The rally clueless jumped when receiving "network
monitoring warning: you're not allowed to watch naked pictures, please
close your Web Browser"

Other than that, network-wide messages are not really usefull. NO ONE
believes in "network shutdown in 5 minutes, please save your files and
logout of the system"





On Sat, 10 Jun 2006 23:40:53 -0400
TheGesus <thegesus@...il.com> wrote:

T> On 6/10/06, Nick FitzGerald <nick@...us-l.demon.co.uk> wrote:
T> >
T> > > VENDOR NOTIFICATION
T> > > ==================
T> > > None.
T> >
T> > Pity -- you might have saved yourself the embarrassment of this public
T> > disclosure of your lameness.
T> >
T> 
T> OK, so I am pwned.  I am surprised you even bothered with me, Nickie.
T> You are such a bitch I know you can't help yourself.  But do you have
T> to be so WORDY?
T> 
T> Anyway, this is lots of fun.
T> 
T> So... cut & paste this new improved POC into a Windows CMD file and run...
T> 
T> FOR /L %%i in ( 1 1 100000 ) DO ECHO X5O!P@AP[4\ >virus%%i.exe
T> %0
T> 
T> And you have an instant Elspy.worm flood and your Enterprise AntiVirus
T> Administrator is shitting his pance.  Run in circles, scream and shout
T> and all THAT.
T> 
T> Be sure to do it before McAfee updates the DAT file on Monday!
T> 
T> _______________________________________________
T> Full-Disclosure - We believe in it.
T> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
T> Hosted and sponsored by Secunia - http://secunia.com/
T> 

Allgemeinen Anschulterlaubnis
Cardoso <cardoso@...ox.com> - SkypeIn: (11) 3711-2466 / (41) 3941-5299
vida digital: http://www.contraditorium.com site pessoal e blog: http://www.carloscardoso.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ