lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20060627055222.8531.CARDOSOLISTAS@contraditorium.com>
Date: Tue Jun 27 09:54:25 2006
From: cardosolistas at contraditorium.com (Cardoso)
Subject: UnAnonymizer

If the app uses an unknow DNS server, I think it's enough of a risk to
worry about.



On Tue, 27 Jun 2006 08:49:13 +0000 (GMT)
Brate Sanders <brate_sanders@...oo.co.uk> wrote:

BS> 
BS> Is there a security issue hidden somewhere in there or is it just a bug report sent to the wrong mailing list address? :-)
BS> 
BS> 
BS> ----- Original Message ----
BS> From: Peter Besenbruch <prb@...a.net>
BS> Cc: full-disclosure@...ts.grok.org.uk
BS> Sent: Tuesday, 27 June, 2006 1:42:33 PM
BS> Subject: Re: [Full-disclosure] UnAnonymizer
BS> 
BS> H D Moore wrote:
BS> > A fun browser toy that depends on Java for complete results:
BS> > - http://metasploit.com/research/misc/decloak/
BS> 
BS> Fun indeed:
BS> 
BS> Field            Data        Dependency
BS> External Address:    24.199.198.152    None
BS> Internal Host:        unknown        Java
BS> Internal Address:    unknown        Java
BS> DNS Server (API):    unknown        Java
BS> DNS Server (HTTP):    24.199.198.158    None
BS> External NAT:        unknown        Java
BS> 
BS> The "External Address" listed belongs to a TOR server hosted on 
BS> RoadRunner. The DNS server is also part of that system. I'm assuming the 
BS> "Internal Host" should have been mine? The "Internal Address" mine, 
BS> also? The "DNS Server (API)" my ISP's? Something isn't working.
BS> 
BS> Here's another page that tries something similar with Java:
BS> http://gemal.dk/browserspy/ipjava.html
BS> 
BS> I get similar results to the above. Yes, Java is installed (version 1.5).
BS> 
BS> -- 
BS> Hawaiian Astronomical Society: http://www.hawastsoc.org
BS> HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky
BS> 
BS> _______________________________________________
BS> Full-Disclosure - We believe in it.
BS> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
BS> Hosted and sponsored by Secunia - http://secunia.com/
BS> 
BS> 
BS> 
BS> 
BS> 

year(now) + 1 ser? o ano do linux!
Cardoso <cardoso@...ox.com> - SkypeIn: (11) 3711-2466 / (41) 3941-5299
vida digital: http://www.contraditorium.com site pessoal e blog: http://www.carloscardoso.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ