[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20071016171136.CCD56DA827@mailserver7.hushmail.com>
Date: Tue, 16 Oct 2007 13:11:36 -0400
From: <full-disclosure@...hmail.com>
To: <biz4rre@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: 0-day PDF exploit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
You're about as funny as the severity of your hacking tools or
something.
On Tue, 16 Oct 2007 13:07:48 -0400 biz4rre@...il.com wrote:
>negative. just a ':' and ')' concatenated characters
>
>with love,
>cyanid-E
>
>2007/10/16, full-disclosure@...hmail.com <full-
>disclosure@...hmail.com>:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Theoretically that is a smiley face right?
>>
>> On Tue, 16 Oct 2007 11:56:47 -0400 biz4rre@...il.com wrote:
>> >:)
>> >
>> >2007/10/16, full-disclosure@...hmail.com <full-
>> >disclosure@...hmail.com>:
>> >>
>> >> -----BEGIN PGP SIGNED MESSAGE-----
>> >> Hash: SHA1
>> >>
>> >> Dear 3APAPA,
>> >>
>> >> Please configure your Internet Exploring mechanisms in a
>fashion
>> >> compliant with my exploitation technologies to demonstrate
>the
>> >> severity of my proof of concept attack tools. Here is a list
>of
>> >> criteria to fulfill to make the hacker attack possible. This
>is
>> >> severe! Millions who follow the instructions in detail might
>be
>> >> vulnerable under the right situations sometimes... yawn.
>> >>
>> >> - -JP<i dont use apostrophes>
>> >>
>> >> On Tue, 16 Oct 2007 11:27:23 -0400 biz4rre@...il.com wrote:
>> >> >...some additional information about 0day PDF exploit PoC:
>> >> >
>> >> >Please download and open PDF PoC _locally_ in Adobe Acrobat
>> >(not
>> >> >in Adobe
>> >> >Acrobat ActiveX control
>> >> >because of some internal restrictions within Adobe ActiveX,
>it
>> >may
>> >> >be
>> >> >bypassed via:
>> >> >http://seclists.org/bugtraq/2007/Oct/0213.html but i didn't
>> >made
>> >> >tests).
>> >> >
>> >> >Also make sure that "mailto" handler is set to Internet
>> >Explorer 7
>> >> >(any 3rd
>> >> >party mail
>> >> >clients is not installed).
>> >> >
>> >> >PoC tested on WinXP SP2 Eng updated + Internet Explorer 7 +
>> >Adobe
>> >> >Acrobat
>> >> >Reader 8.1
>> >> >
>> >> >PoC: http://security.fedora-hosting.com/0day/pdf/pdf_poc.pdf
>> >> >Details: http://security.fedora-
>> >hosting.com/0day/pdf/pdf_poc.txt
>> >> >
>> >> >
>> >> >regards,
>> >> >cyanid-E <biz4rre@...il.com>
>> >> -----BEGIN PGP SIGNATURE-----
>> >> Note: This signature can be verified at
>> >https://www.hushtools.com/verify
>> >> Charset: UTF8
>> >> Version: Hush 2.5
>> >>
>> >>
>>
>>wpwEAQECAAYFAkcU2sAACgkQ+dWaEhErNvTD2AP9GWi6tgjXfSS6mmSEcNXCngEnJA
>X
>> >f
>> >>
>>
>>8p8i57pby3KmK6Os29OeesSIedRgM81MxrF8bZ2itPpNYtyrVAC5ztWEfAVJDP01z9
>C
>> >L
>> >>
>>
>>93B9OS/IdedZSvXokQAHrtEdO6wZHarddeE772GG3RfWlY5a/SA8agWUIkGAALugJy
>v
>> >R
>> >> gPyqE40=
>> >> =sCNw
>> >> -----END PGP SIGNATURE-----
>> >>
>> >>
>> >>
>> -----BEGIN PGP SIGNATURE-----
>> Note: This signature can be verified at
>https://www.hushtools.com/verify
>> Charset: UTF8
>> Version: Hush 2.5
>>
>>
>wpwEAQECAAYFAkcU7oUACgkQ+dWaEhErNvTuzAP/bgT6FkLr1a/g4ICZ+G+vIFympNG
>2
>>
>LRHvwum/30YdR4i3SCeASVioRI7N4Cty6cH0jKjF2DMp/uRJORsdHFXv4lJnquGo2lV
>H
>>
>li1RC5L8XsJkQ15S6MlHfIGPUvQri60h8DZwEtHn5eKzi8pQmTcBR8EKq9LkbrCMrnM
>l
>> ObNbaRU=
>> =gaS9
>> -----END PGP SIGNATURE-----
>>
>>
>>
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5
wpwEAQECAAYFAkcU8MgACgkQ+dWaEhErNvR8pQP/d3WTIy9grtZOnVXBUkIGN8PskQkY
9c/UqQwTsWYvhbH18zcwI/5KGeBRKU3EoNvSsg2fVUQMAlG+V7HkkcVB389RkrntSlsq
nLDBDy5e6Rf7lGsENwCT0RWq8nCIhO7cKjrMGaUfR/jC5c4F13JJEgqC4j20wjG9FP6Y
aoH2Qms=
=ZERQ
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists