[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BAY129-F36604649419CD4EE092B27CBE10@phx.gbl>
Date: Fri, 10 Aug 2007 01:54:51 +0000
From: "cocoruder ." <frankruder@...mail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [Security Advisory] Backdoor Discovered
inImmunity Debugger
This is a crisis of Immunity, if you want to let the geezers believe you
should give more evidences not only MD5 hashes.
welcome to my blog:
http://ruder.cdut.net
>From: goudatr0n <goudatr0n@...oo.ca>
>To: full-disclosure@...ts.grok.org.uk
>Subject: [Full-disclosure] [Security Advisory] Backdoor Discovered
inImmunity Debugger
>Date: Thu, 9 Aug 2007 13:58:01 -0400 (EDT)
>
>Infosec researchers with the Greater Alliance of PHP
>Programmers, headed by goudatr0n and in cooperation
>with David Marcus, have discovered a backdoor in the
>new Immunity Debugger.
>
>1. PRODUCTS AFFECTED
>Immunity Debugger (Immunity Security,
>http://www.immunitysec.com/products-immdbg.shtml), All
>Versions
>
>2. OVERVIEW
>The Immunity Debugger contains a backdoor that emails
>session history, running applications and other system
>information (location, IP address, machine Owner Name)
>to
> an email address at immunitysec.com
>
>3. ANALYSYS
>Immunity Security provides a lightweight debugger for
>Windows, presumably to aid in discovering 0-day
>security vulnerabilities. The debugger is distributed
>freely on
>the immunitysec.com website, requiring the user to
>register when they download it.
>
>Presumably, this debugger is intended to be used by
>people searching for weaknesses in various proprietary
>products, due to the unsafe nature of how they are
>develope
>d, where the source is not frequently audited. Since
>David Aitel is an attention whore who only is rivaled
>by Gadi Evron, and his lack of skills as evident,
>Immunity
>Security is only able to reveal 0-days by stealing
>them from other hackers attempting to find them.
>
>The backdoor emails detailed system information, along
>with detailed debugging session information. In one
>such email that was intercepted, it was seen that the
>entir
>e session was attached, as well as the Owner Name,
>external IP address, a list of running services and
>their versions.
>
>4. SOLUTION
>Do not trust Immunity Security's debugger. They will
>steal your 0-day and parade it around like they are
>the ones who discovered it. This will only continue to
>feed i
>nto David Aitel's massive ego, compensating for his
>tiny penis.
>
>BROUGHT TO YOU BY GOUDATR0N AND THE GREATER ALLIANCE
>OF PHP PROGRAMMERS
>DON'T BE DUMB
>BE A SMARTY
>COME AND JOIN
>THE PISS PARTY
>
>goudatr0n can be found online at irc.perl.org #perl
>using the nick TimToady.
>
>
> Ask a question on any topic and get answers from real people. Go to
Yahoo! Answers and share what you know at http://ca.answers.yahoo.com
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
_________________________________________________________________
免费下载 MSN Explorer: http://explorer.msn.com/lccn/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists