lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Mar 2007 16:29:57 -0500
From: "Jason Miller" <jammer128@...il.com>
To: "Stauf von Stauf" <stauf@...shcheese.net>,
	full-disclosure@...ts.grok.org.uk
Subject: Re: Newest hacks

someone has too much free time.

On 3/21/07, Stauf von Stauf <stauf@...shcheese.net> wrote:
> Jason Miller wrote:
> > this is old and i find it personally useless/retarded. complete waste
> > if a wardrivers time. if you can give me 5 cases of something like
> > this actually happening, with PROOF, please do. i will then change my
> > mind.
> >
> > On 3/21/07, Nick Eoannidis <nikon@...lioncomputers.com> wrote:
> >
> >> For those who haven't read about what Ken was saying.
> >>
> >> The technique is called drive by Pharming. It involves crafting a page
> >> hosting malicious JavaScript that takes advantage of default configurations
> >> in home broadband modem/routers. (dlink, Linksys, netcomm etc.)
> >> The basis of this attack is tricking a user into accessing a webpage that
> >> changes the configuration of your modem by using default username and
> >> password credentials.
> >>
> >> The report by the Indiana university is here:
> >> http://www.cs.indiana.edu/pub/techreports/TR641.pdf
> >>
> >> Symantec's noob proof response is here:
> >> http://www.symantec.com/enterprise/security_response/weblog/2007/02/driveby_
> >> pharming_how_clicking_1.html
> >>
> >> nikon.
> >>
> >> _______________________________________________
> >> Full-Disclosure - We believe in it.
> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> >> Hosted and sponsored by Secunia - http://secunia.com/
> >>
> >>
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> It was recently a major problem for tconl  networks, and for a while
> there was an alert located on http://home.tconl.com.  It was a major
> call driver for the support as well.  And it was a bitch to figure out.
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists