lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a46d7eaa0907151317s2f342dfcv513576873a5b8e1e@mail.gmail.com>
Date: Wed, 15 Jul 2009 21:17:33 +0100
From: saphex <saphex@...il.com>
To: str0ke <str0ke@...w0rm.com>
Cc: Ant-Sec Movement <anti.sec.movement@...il.com>,
	full-disclosure@...ts.grok.org.uk
Subject: Re: Ant-Sec - We are going to terminate
	Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered

Hi,

I generally don't answer to this *kind of stuff* (read netdev soap
operas alike), but this is becoming funny. I want to point out some
flaws in your logic/strategy, I'm not going to put a twist to your
words to infer that you wrote something absurd, rather, I will really
just point out some flaws.
If I was about to own a web site, which have very capable people
behind it (like str0ke) I wouldn't come to brag about it because of
two reasons (there are many more but...):

1) If the site administrator took my threats seriously I would have to
expect that some kind of counter-measures would be put in place:
   - Packet sniffer with a SSH traffic filter (0-day exploit not so 0-day now)
   - Backups in other remote servers (if not already done)
   - ....

2) Yet again, if the site administrator took me seriously, I would
expect retaliations. I wouldn't take as granted the *confidentiality*
of the Internet or of any the hosts already compromised by me in order
to make the attack.

There is other flaws, but there is no need to point them out.

Be good, peace,
saphex

On Wed, Jul 15, 2009 at 6:02 PM, str0ke<str0ke@...w0rm.com> wrote:
> Ant-Sec Movement wrote:
>> Once we have dealt with Hackforums.net, we will terminate Milw0rm.
>> Better you had quit and left it at that, Str0ke, for now milw0rm.com
>> <http://milw0rm.com> will be completely and utterly wiped. It is the
>> second highest target after Hackforums.net.
>>
>
> I would like to opt out on the milw0rm termination / wipage.  Secondly
> when hackforums.net comes back online and are owned by anti-sec, can I
> be moved to the bottom of the list if opting out isn't possible?  If
> there are only 2 targets on the list, can you insert 5 to 6 targets in
> between hackforums and milw0rm bumping it down a few notches.  If
> hackforums.net doesn't ever come back online, do I get stuck in limbo
> waiting until they get wiped free card?  If so hackforums.net please
> stay offline, thanks.
>
> /str0ke
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ