lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CALCvwp7RyZoX_6ms_NzspNzcbBQ_ZNmJD=2KU7=W0Ywcf0GiqA@mail.gmail.com>
Date: Fri, 11 Nov 2011 10:54:57 +1100
From: xD 0x41 <secn3t@...il.com>
To: Henri Salo <henri@...v.fi>, Sam Johnston <samj@...j.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Steam defaced

ha...well ill be...
@Henri
A friend of mine, used to be able to shell steam, using sql but, he
failed to be able to keep the shell uploaded, they were running some
kind of 'cleaner' every 2minutes or so checking for any inclusions,
wich then would delete, or simply had a good sigs list , but this was
also for valve.. I do think tho the guy who was able todo this BakO,
very skilled with webs sql, was able to only get that far asfar as
rfis, and sql, but, i assume if he had wanted to deface then, they
were vuln to atleast sql ayear ago atleast, i know that same problem
is always thru and thru, the shell is deleted or bot is deleted, even
when exploits were succeeding...
This maybe true and maybe why they defaced, coz there was nothing else
maybe todo ... interesting but, again, a prooven failboat, and they
also handle masses of cc's :S and accounts of steam, god... some ppl
would live of a db from here!
Good read.
cheers.


@Sam Johnston
about the clouds, dude, i found the whole attacking of amazon as rude,
and shit, so, as i said before, your a lamer. and, just stfu and wear
it, thats MY opinion i did not say the whole list has to follow
shithead.
stfu and ride your magical carpet thru the clouds... :P~
to the others who find cloud bs amusing, or ripping or fucking with
amazon as amusing, go read what your kids are buying shit from.. then
maybe you would see, some places, you do not fuck with, you ttreat
with respect, because they sometimes wont affect you directly, but
oneday, it wmay well do this, thanks to your silly exploits on things
that should not be used like this, features manipulated into
exploits...shit, you should not be disclosing shit with amazon, on Fd,
fullstop.
If you cannot see my view then, your just as stupid as i have thought.
now go play with your cloud formations, and upload some f1les to s0m3
l33t 4p4ch3 s3rv3r kid.


eh sorry henri and others, but i had to just get that out to, about
cloud/sploitcloud... it is fkn ridicuoud...asking for trouble, people
like that should get knocks on the door, simply to be put into a
mnental home for theyre own good.

cheers!




On 11 November 2011 10:25, Henri Salo <henri@...v.fi> wrote:
> As I usually have good news.. Here is some more: http://forums.steampowered.com/forums/
>
> Steam joins the failboat.
>
> Regards,
> Henri Salo
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ