| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4F798694.7080702@gmail.com> Date: Mon, 02 Apr 2012 06:59:32 -0400 From: Dan Rosenberg <dan.j.rosenberg@...il.com> To: "ZeroDay.JP" <unixfreaxjp22@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: An April Fools' Day Android Payload Hendrik, Well, they know about it now. ;-) I figured it was appropriate for April Fools' Day in keeping with the spirit of mischief. I wouldn't worry too much about seeing exploitation of what amounts to a local DoS vulnerability that requires a compromised browser session to exploit. It would be sort of silly to go through the effort to own someone's phone with the end goal of being a minor inconvenience to them. And sorry about the bad formatting on the original post, seems my text editor, email client, and this mailing list just didn't get along this time. Clean version at: http://vulnfactory.org/exploits/aprilfools.S Regards, Dan On 04/02/2012 04:42 AM, ZeroDay.JP wrote: > Mr. Rosenberg, > > I understand the PoC you coded and its affect to APT. > But for the April's fool connection, I just don't get it :-) > > Does Google know it yet? > > regards, > > --- > ZeroDay Japan http://0day.jp > Hendrik ADRIAN /アドリアン・ヘンドリック > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists