| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Aug 2007 01:54:51 +0000 From: "cocoruder ." <frankruder@...mail.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: [Security Advisory] Backdoor Discovered inImmunity Debugger This is a crisis of Immunity, if you want to let the geezers believe you should give more evidences not only MD5 hashes. welcome to my blog: http://ruder.cdut.net >From: goudatr0n <goudatr0n@...oo.ca> >To: full-disclosure@...ts.grok.org.uk >Subject: [Full-disclosure] [Security Advisory] Backdoor Discovered inImmunity Debugger >Date: Thu, 9 Aug 2007 13:58:01 -0400 (EDT) > >Infosec researchers with the Greater Alliance of PHP >Programmers, headed by goudatr0n and in cooperation >with David Marcus, have discovered a backdoor in the >new Immunity Debugger. > >1. PRODUCTS AFFECTED >Immunity Debugger (Immunity Security, >http://www.immunitysec.com/products-immdbg.shtml), All >Versions > >2. OVERVIEW >The Immunity Debugger contains a backdoor that emails >session history, running applications and other system >information (location, IP address, machine Owner Name) >to > an email address at immunitysec.com > >3. ANALYSYS >Immunity Security provides a lightweight debugger for >Windows, presumably to aid in discovering 0-day >security vulnerabilities. The debugger is distributed >freely on >the immunitysec.com website, requiring the user to >register when they download it. > >Presumably, this debugger is intended to be used by >people searching for weaknesses in various proprietary >products, due to the unsafe nature of how they are >develope >d, where the source is not frequently audited. Since >David Aitel is an attention whore who only is rivaled >by Gadi Evron, and his lack of skills as evident, >Immunity >Security is only able to reveal 0-days by stealing >them from other hackers attempting to find them. > >The backdoor emails detailed system information, along >with detailed debugging session information. In one >such email that was intercepted, it was seen that the >entir >e session was attached, as well as the Owner Name, >external IP address, a list of running services and >their versions. > >4. SOLUTION >Do not trust Immunity Security's debugger. They will >steal your 0-day and parade it around like they are >the ones who discovered it. This will only continue to >feed i >nto David Aitel's massive ego, compensating for his >tiny penis. > >BROUGHT TO YOU BY GOUDATR0N AND THE GREATER ALLIANCE >OF PHP PROGRAMMERS >DON'T BE DUMB >BE A SMARTY >COME AND JOIN >THE PISS PARTY > >goudatr0n can be found online at irc.perl.org #perl >using the nick TimToady. > > > Ask a question on any topic and get answers from real people. Go to Yahoo! Answers and share what you know at http://ca.answers.yahoo.com > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ _________________________________________________________________ 免费下载 MSN Explorer: http://explorer.msn.com/lccn/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists