lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4DF12960.9080008@trelane.net>
Date: Thu, 09 Jun 2011 16:13:20 -0400
From: Andrew D Kirch <trelane@...lane.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: LulzSec EXPOSED!

A back door with s***ty code

On 6/9/2011 4:43 AM, McGhee, Eddie wrote:
> Lol wtf is a bugdoor hahaha
>
> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Jen Savage
> Sent: 07 June 2011 00:09
> To: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] LulzSec EXPOSED!
>
> ooo ooo speculation time!
>
> - Hacker creates website that offers "free online password management"
> - in javascript
> - bugdoors it
> - collects passwords
> - uses passwords
>
> TL;DR: over 9000 lulz were had
>
> -Jen
>
> On Mon, Jun 6, 2011 at 8:26 AM, T Biehn<tbiehn@...il.com>  wrote:
>> LOL @
>> "A timing attack on ssh passwords over the net?"
>>
>> and
>>
>> "I think its just a bruteforce."
>>
>> -Travis
>>
>> On Mon, Jun 6, 2011 at 7:58 AM, Gichuki John Chuksjonia
>> <chuksjonia@...il.com>  wrote:
>>> I think its just a bruteforce.
>>>
>>>
>>>
>>>
>>> On 6/6/11, Andreas Bogk<andreas@...reas.org>  wrote:
>>>> Excerpts from lulzfail's message of Mo Jun 06 08:39:42 +0200 2011:
>>>>> Lulzsec == pwnt
>>>> I've seen the log you pasted to pastebin.  Is this:
>>>>
>>>>   * A timing attack on ssh passwords over the net?
>>>>   * Fake, to distract us from your real 0day?
>>>>
>>>> Andreas

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ