| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <op.wyfemtu4q6jdse@localhost> Date: Mon, 10 Jun 2013 02:19:31 +0700 From: kai <kai@...nn.net> To: "An unmoderated mailing list for the discussion of security issues" <full-disclosure@...ts.grok.org.uk> Subject: Re: Botnet using Plesk vulnerability and takedown my action supposed to be a counter-measure agains bad guys who could register that domain and host some bad code there. you know that kind of social engineering, right? - post some fake or real advisory on popular security forum/maillist - give a link to the "patch" - ???? - get a lot of roots i think it will be better to have that link offline - some guys will blindly run your code, then they will find out that it doesn't work and they will get enlightened by reading the code and realizing that they must change the link themselves. On Sat, 08 Jun 2013 23:50:15 +0700, <jtagtgc@...mail.org> wrote: > We put that domain in as example, obviously we not disclose our real > domain. On that domain is the clean.pl script, obvious enough. > > Also, thanks to person who register domain, you now have badass domain > name. Perhaps host the clean.pl as final_solution.txt in webroot? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists