lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4F96C5F5.9000909@xiscosoft.es>
Date: Tue, 24 Apr 2012 17:25:41 +0200
From: klondike <klondike@...cosoft.es>
To: Григорий Братислава
	<musntlive@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Vulnerability in Gentoo hardened

El 24/04/12 14:41, Григорий Братислава escribió:
> Is good evening.
Is good afternoon.
>  I is would like to warn you about is vulnerability in
> Backtrack is all version.
I is want to advise you on one failure in Gentoo Hardened at all types
> Backtrack Linux is penetration tester is system. Is come complete with
> tool for to make hacking for penetration tester.
Gentoo Hardened is advanced security is system. Is come complete with
hardened nucleum for to make at system is securer
> In is booting Backtrack, vulnerability exist in booting for when start
> if attacker is edit grub, attacker can bypass restricted user and is
> boot into admin account. E.g.:
In is making Gentoo Hardened, failure exist in sysadmin at when usage if
attacker is rubber hose, attacker can override authentication and is
make admin account. Making simple program. E.g.:
1. Apply rubber hose for sysadmin
2. Ask at password and try it.
3. If error make 1.

> I is will make this into video for bypassing security in Backtrack for
> to post on InfoSecInstitute
I is will be this for video by bypassing security at Gentoo Hardened or
to post by Youtube. I is named "Reservoir Dogs".

PD: Bad English written on purpose, please forgive me for any correct
grammar I may have used :P
PD2: Григорий seeing your historial I think the mail was a joke but
anyway, just in the improbable case it may not be:
  1. Bad administration issues are not global to a distro issues.
  2. Make sure a vulnerability is not a not so secure by design feature.
  3. Really if you ever want to write a paper or something make sure you
get it readen by at least two or three english speaking partners for
your own sake.


Download attachment "signature.asc" of type "application/pgp-signature" (263 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ