lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 08 Oct 2014 12:25:56 -0400
From: illwill <illwill@...mob.org>
To: fulldisclosure@...lists.org
Subject: Re: [FD] Yahoo! hacked on October 5, 2014...

http://www.wired.com/2014/10/shellshockresearcher/

On 10/7/2014 3:42 PM, Pål Nilsen wrote:
> I guess this is related?: https://news.ycombinator.com/item?id=8416393
> On 7 Oct 2014 20:51, "Jonathan Hall" <jhall@...uresouth.us> wrote:
>
>> I submitted to Yahoo! earlier some documentation detailing both the
>> "shellshock"/bash vulnerability and how my research on it lead me to
>> discovering that Yahoo!'s internal servers had been compromised, and that
>> the individuals were working on traversing their network. It was not until
>> I contacted several media outlets and the FBI that they actually responded.
>> However, once they responded, they did confirm the servers were breached.
>> Their answer to the lack of contact methods available is absolutely absurd
>> in my opinion. In fact, the entire response was a joke. The fact that they
>> informed me I could have used the bug bounty system to report it - though
>> it's not eligible for a bounty - is equivalent to saying - "Thanks, but so
>> we're clear, we don't owe you crap, but let us know if anything else comes
>> up." Perhaps if they weren't busy paying CEO's absurd salaries, they could
>> afford to hire an IT staff that's not fresh out of ITT Technical Institute
>> and sporting pull-ups.
>>
>> Please see the rest of everything related to this at
>> http://www.futuresouth.us/yahoo_hacked.html Andhttp://
>> www.futuresouth.us/yahoo_response.jpg for their response. Email copy has
>> been attached.
>>
>> Non-authoritative answer: Name: dip4.gq1.yahoo.com Address: 63.250.204.25
>>
>> Non-authoritative answer: Name: api118.sports.gq1.yahoo.com Address:
>> 10.212.240.43
>>
>> These are the two servers that were 100% positively identified as being
>> compromised, with the dip4.gq1.yahoo.com server being the initial point
>> of entry via Shellshock.
>>
>> Jonathan D. Hall
>>
>> Future South Technologies
>> www.futuresouth.us
>> (504) 470-3748 - [main]
>> (504) 232-3306 -  [cell]
>>
>>
>> Life is a dream for the wise, a game for the fool, a comedy for the rich
>> and a tragedy for the poor.
>>
>>
>> _______________________________________________
>> Sent through the Full Disclosure mailing list
>> http://nmap.org/mailman/listinfo/fulldisclosure
>> Web Archives & RSS: http://seclists.org/fulldisclosure/
>>
> _______________________________________________
> Sent through the Full Disclosure mailing list
> http://nmap.org/mailman/listinfo/fulldisclosure
> Web Archives & RSS: http://seclists.org/fulldisclosure/


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists