lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 7 Dec 2006 10:25:22 +0800
From: "KaiJern Lau" <xwings.net@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Joke, Full Version, 0 day exploit for “PING”

Hi,

Something to share with everyone :)


Still remember the the last post <http://blog.xwings.net/?p=29> that i have
posted ? Sometimes script kiddies is always a script kiddies. They never
want to read, i guess that is the reason why they can't code.

After the ping exploit post <http://blog.xwings.net/?p=29> this fellow did
some reply and try to prove himself. I guess he just don't know what, for
all the comments he posted need to "approved" by me before it came to the
page.

This morning i got another stuff from him,

*Before we launch we have to own alot of boxes means we have to orginize the
drones army.Like Masters and slaves(zombies).By the way, there is no concept
"bypass" in firewall. YOu cannot bypass the firewall.But you can fool the
firewall by legiminate connection,since firewall only work on ip address and
port:-).Even if you use IDS or IDP you cannot stop it as long as the
attacker is generating legiminate packets.:)Please remember DOS can be
protected by updating but there is no IDS/IDP singature to stop the
DDOSing.If you go out to real life network you will see there are alot of
hidden devices. In real world, there are alot of huge networks are suffering
DDosing everyday. Please remember i also won't attack your low profile
network unless someone pay me.I also don't want to tell you guyz how to fool
back the attacker bocs' i don't want to share anything with you guyz. If you
are a real hacker you won't saying or swearing anymore. you already own
them.the fact that you are boasting on your 0wn blog is you cannot even hack
your own box.Bro please grown up. hacker never say that he is a hacker.OK?*

First of all, we are talking about exploits developments. There is nothing
to do with DDOS

.
Secondly, i guess we all know what is DDOS and how is works. There is alot
of ways we don't need to own alot of box to DDOS a server. Owning one big
site will do. Remember the SWF DDOS ?

Third, * hacker never say that he is a hacker*, did he mentions about he is
a hacker <http://en.wikipedia.org/wiki/Hacker> too ?

Lastly. anybody wants his msn id ?
------------------------------

Source : http://blog.xwings.net/?p=34


**

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists