lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAPGeVWME849DTECyeJEy25WNwkkxZBWSAd5mG-Jy37nJs1puDA@mail.gmail.com>
Date: Tue, 14 Feb 2012 16:46:09 -0700
From: Sanguinarious Rose <SanguineRose@...ultusterra.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Arbitrary DDoS PoC

Now, I had to do it. I took a look at his other projects (I know, I
know..., it has begun)

https://github.com/lfamorim/IntensiveDoS

If you thought the python code was bad... It doesn't even do anything
remotely effective. Now, pthreads has a cap of around 200 max threads
(depends on compile options, platform, etc.) a single process can do.
If this was even remotely "Intensive" it would be using async sockets
which you can at least get a few K of connections. Should I even
mention it just disconnects after connecting kinda rendering well, I
can't think of a polite way to say it, utterly useless. Any properly
setup http, apache even, can reflect this like throwing cotton balls
but in his case he is claiming the cotton balls are somehow really
bowling balls.

*http_header = "GET / HTTP/1.1\r\n\r\n";

This HTTP request doesn't include a "Host" field hence breaking the
HTTP 1.1 standard before we even begin.

I also noticed he doesn't believe in functions with variables instead
relying on globals.

Sections of the code sometimes use { } for a single
if/while/else/for/etc. statement and some don't which makes me wonder
if it's copy/paste. In my experience and in my own programming they
usually don't dash their code with such style irregularities.

Now inside his Makefile:

rm -rf IntensiveDoS IntensiveDoS.o

Do you seriously need to recursively deleted two files forcefully?

Now on this: https://github.com/lfamorim/Connect-Back-Win32-Trojan

All I can really say is it's not a very good trojan if it leaves a big
black console screen and if you click the 'X' it goes away /
terminates the reverse shell. The standard reverse shell code can be
found on google with many more improvements and there is nothing
really innovative or interesting here.

Now This: https://github.com/lfamorim/rebreaker

All I can say is 12 lines of code being called "Extremely advanced
algorithm to remove distortions from recaptcha images, allowing OCR."
using http://projects.scipy.org/scipy/milestone/0.10.0 is rather well.
Just take a look (the main 2 lines of the program that do anything).

for i in WordSlice(imread(argv[1], True)).get_words():
Hough(i).find_ellipses(lambda img: imresize(img, 0.4, 'bilinear'))

I don't think I have to say anything else for those two lines of
"Extremely advanced algorithm" besides this single line.

lfamorim pushed to master at lfamorim/rebreaker February 14, 2012 =>
40369be making things more efficient.


Combine the above with his "proxy botnet" using curl I have to ask....
why would anyone respond to this guy in a logical fashion when it is
obvious he does not know what he is doing. He is as bad as Steve
Gibson ranting about raw socket support in WindowsXP and how it's
going to end the entire internet, only in this case he is referring to
open proxies.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ