lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CABgawuaWFxxMtRwAhGKCYBOJnHgTX6pQcwd8UDw-gYO6=bg6WQ@mail.gmail.com>
Date: Thu, 17 May 2012 12:42:43 -0400
From: Charles Morris <cmorris@...odu.edu>
To: Григорий Братислава <musntlive@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Vulnerability in is Dopewars

You should have went to a CERT with this, shouldn't vendor
coordination be of urgency here?

On Thu, May 17, 2012 at 12:35 PM, Григорий Братислава
<musntlive@...il.com> wrote:
> Hello Full-Disclosure!! !! !!
>
> Is like to warn you about is vulnerability in Dopewars. I'm is
> discover vulnerability perhaps 10 years ago but is posting now.
>
> Is problem exist when carry more than is 50 cocaines and is Officer
> Hardass (pitifully armed) is kill 2 of is your bitches. Is when this
> happen player is obviously targeted!
>
> Is exploit will happen only when player is in is Brooklyn (not Queens)
> and is has identity given to Officer Hardass!
>
> Proof exist in code:
>
> 8056370:       85 c0                   test   %eax,%eax
> 8056372:       7f dc                   jg     8056350
> <gtk_clist_select_row@...+0x7da0>
> 8056374:       eb b9                   jmp    805632f
> <gtk_clist_select_row@...+0x7d7f>
> 8056376:       8d 76 00                lea    0x0(%esi),%esi
> 8056379:       8d bc 27 00 00 00 00    lea    0x0(%edi),%edi
> 8056380:       55                      push   %ebp
> 8056381:       89 e5                   mov    %esp,%ebp
> 8056383:       53                      push   %ebx
> 8056384:       83 ec 14                sub    $0x14,%esp
> 8056387:       8b 5d 0c                mov    0xc(%ebp),%ebx
> 805638a:       c7 44 24 04 00 00 00    movl   $0x46256595(%eip) //
> <------ Is hardcoded proof
>
> perl -e 'printf "Barrett your is bed is ready @ " . "0x" .
> "%02x"x4."\n",70,37,101,149'
>
> Is MusntLive not contact Dopewars developer this year but next when is
> I release new advisory!
>
> (NO IS HAMSTER IS HURT DURING IS MAKING OF IS POST AND IS NO
> LUMBERJACKS IS HARMED ISEVER SEKTIEWHOARE IS EXPOSED)
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ