lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <6341B9AD-6942-4B67-BBD2-3A1C9176B242@ariko-security.com>
Date: Mon, 20 Dec 2010 15:27:37 +0100
From: Maciej Gojny <vuln@...ko-security.com>
To: full-disclosure@...ts.grok.org.uk
Subject: CCBILL critical vulnerability story part II

hello  FULL  DISCLOSURE!

We have found nice story about our previous ccbill advisory:
http://gfy.com/showthread.php?t=982701&page=2

 CCBILL CEO Ron C has written:

"This report was a complete joke. This was just a variation of a Nigerian scam. We contacted the website and they responded via GMAIL if we would "Western Union" them 10k they would tell us what was wrong. LOL They create a fake security page and post stuff and hope companies will pay the blackmail money VIA WESTERN UNION (LOL) 
But hey if it is on the Internet it MUST BE TRUE. 
End of Story. "

@Ron C everything you wrote is a lie! We will release soon full ccbill story part #2 with CCBILL working exploits, all chat logs etc...i hope you and William Bell will like it :)

You had enough time to fix all vulnerabilities (4 months).

regards,

Marcin Wrona
Ariko-Security TEAM



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ