jf | 1 Nov 07:04 2007

Re: Flash that simulates virus scan

must be on one of the .gov red teams ;]

On Wed, 31 Oct 2007, reepex wrote:

> Date: Wed, 31 Oct 2007 16:56:20 -0500
> From: reepex <reepex <at> gmail.com>
> To: Joshua Tagnore <joshua.tagnore <at> gmail.com>,
>     full-disclosure <at> lists.grok.org.uk
> Subject: Re: [Full-disclosure] Flash that simulates virus scan
>
> resulting to se in a pen test cuz you cant break any of the actual machines?
>
> lulz
>
> On 10/31/07, Joshua Tagnore <joshua.tagnore <at> gmail.com> wrote:
> > List,
> >
> >     Some time ago I remember that someone posted a PoC of a small site that
> > had a really nice looking flash animation that "performed a virus scan" and
> > after the "virus scan" was finished, the user was prompted for a "Download
> > virus fix?" question. After that, of course, a file is sent to the user and
> > he got infected with some malware. Right now I'm performing a penetration
> > test, and I would like to target some of the users of the corporate LAN, so
> > I think this approach is the best in order to penetrate to the LAN.
> >
> >     I searched google but failed to find the URL, could someone send it to
> > me ? Thanks!
> >
> > Cheers,
> > --

lsi | 1 Nov 04:16 2007

Re: spammer wades into US Presidential race

> Did you try contacting his campaign, and asking them if it was theirs?
>  While they may not fess up,  it wouldn't hurt.

Actually, it would hurt my wallet, and waste my time, compounding the
loss already incurred by receiving the spam in the first place.

> Also, if you really believed that it might come from his campaign,

I didn't say that.

> wouldn't it be worth trying to find out if

No.

> Simply postulating that it's his (considering spamming is not a nice

I didn't do that.  But now you mention it - why would a spammer 
divert precious bandwidth from sending profitable spam?  That's gonna 
cost him money.  Either the spammer donated his resources for free, 
or someone paid - and who is that most likely to be?   You?  Me?  Ron 
Paul?  Hillary Clinton?  You decide.

> thing) without even checking his record on such a topic, and claiming
> "newsworthy" isn't quite... nice.

Check out Wired's take on it here:

http://www.wired.com/politics/security/news/2007/10/paul_bot


reepex | 1 Nov 04:40 2007

Re: Flash that simulates virus scan

dont you listen to pdp ever? the government uses xss and bruteforces
remote desktop logins

http://seclists.org/fulldisclosure/2007/Oct/0417.html

pdp: "military grade exploits? :) dude, I am sorry man.. but you are living
in some kind of a dream world. get real, most of the military hacks
are as simple as bruteforcing the login prompt.. or trying something
as simple as XSS."

------

pdp is an hero and a computer security expert and based on his fans
from the list he is the greatest researcher since lcamtuf. his word =
gold

On 11/1/07, jf <jf <at> danglingpointers.net> wrote:
> must be on one of the .gov red teams ;]
>
>
> On Wed, 31 Oct 2007, reepex wrote:
>
> > Date: Wed, 31 Oct 2007 16:56:20 -0500
> > From: reepex <reepex <at> gmail.com>
> > To: Joshua Tagnore <joshua.tagnore <at> gmail.com>,
> >     full-disclosure <at> lists.grok.org.uk
> > Subject: Re: [Full-disclosure] Flash that simulates virus scan
> >
> > resulting to se in a pen test cuz you cant break any of the actual machines?
> >

reepex | 1 Nov 04:55 2007

Re: ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability

post auth sql injection in random admin console - lulz

On 10/31/07, zdi-disclosures <at> 3com.com <zdi-disclosures <at> 3com.com> wrote:
> The specific flaw exists in the okxLOV.jsp page in the Administration
> console.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

reepex | 1 Nov 04:57 2007

Re: ZDI-07-063: RealPlayer RA Field Size File Processing Heap Overflow Vulnerability

user interaction on a random file format? haven't we been over these
types of bugs?

This pool of zdi bugs is almost more laughable than idefense's aix spam flood

On 10/31/07, zdi-disclosures <at> 3com.com <zdi-disclosures <at> 3com.com> wrote:
> This vulnerability allows remote attackers to execute code on vulnerable
> installations of RealPlayer.  User interaction is required in that a
> user must open a malicious .ra/.ram file or visit a malicious web
> site.


Aaron Katz | 1 Nov 05:11 2007

Re: spammer wades into US Presidential race

> Actually, it would hurt my wallet, and waste my time, compounding the
> loss already incurred by receiving the spam in the first place.

But it's worth your time to forward spam to everyone on the
full-disclosure mailing list.

> > Also, if you really believed that it might come from his campaign,
> I didn't say that.

Then what benefit was there to forwarding it along?

> > Simply postulating that it's his (considering spamming is not a nice
> I didn't do that.

Then I apologize if I read too much into your email.

> But now you mention it - why would a spammer
> divert precious bandwidth from sending profitable spam?  That's gonna
> cost him money.  Either the spammer donated his resources for free,
> or someone paid - and who is that most likely to be?   You?  Me?  Ron
> Paul?  Hillary Clinton?  You decide.

I'd rather wait for some form of evidence.  Right now all that is
available is gossip.

> > thing) without even checking his record on such a topic, and claiming
> > "newsworthy" isn't quite... nice.
> Check out Wired's take on it here:
> http://www.wired.com/politics/security/news/2007/10/paul_bot

scott | 1 Nov 05:09 2007

Re: Flash that simulates virus scan


It would be nice if the people who ridicule pdp would actually do some
research in the field of JS exploits before passing judgement.

Two places I can think of are RSnake's blog at http://ha.ckers.org/
and also the forum: http://sla.ckers.org/forum/
You might learn something regarding the dangers of XSS.

Cheers,
Scott
reepex wrote:
> dont you listen to pdp ever? the government uses xss and bruteforces
> remote desktop logins
>
> http://seclists.org/fulldisclosure/2007/Oct/0417.html
>
> pdp: "military grade exploits? :) dude, I am sorry man.. but you are living
> in some kind of a dream world. get real, most of the military hacks
> are as simple as bruteforcing the login prompt.. or trying something
> as simple as XSS."
>
> ------
>
> pdp is an hero and a computer security expert and based on his fans
> from the list he is the greatest researcher since lcamtuf. his word =
> gold
>
>
>
> On 11/1/07, jf <jf <at> danglingpointers.net> wrote:

Nick FitzGerald | 1 Nov 05:32 2007

Re: Flash that simulates virus scan

Joshua Tagnore wrote:

>     Some time ago I remember that someone posted a PoC of a small site that
> had a really nice looking flash animation that "performed a virus scan" and
> after the "virus scan" was finished, the user was prompted for a "Download
> virus fix?" question. After that, of course, a file is sent to the user and
> he got infected with some malware. Right now I'm performing a penetration
> test, and I would like to target some of the users of the corporate LAN, so
> I think this approach is the best in order to penetrate to the LAN.

That approach is dying/has kinda died...

>     I searched google but failed to find the URL, could someone send it to
> me ? Thanks!

...I mean, why arse around with authoring such large, complex SWFs when 
you can achieve about as compelling an effect with JavaScript?

Regards,

Nick FitzGerald


silky | 1 Nov 12:45 2007

an open letter to kevin bacon: hello, how's it going?

please, if you know kevin bacon, can you forward this mail to him, and
have him reply to me? or at least if you know someone who you think
might then know him, please send it on. i'm testing something.

thanks.

==========================================================

hi kevin!

 it's mike! how are you? doing any new movies? i hope so. keep up the
good work. all the best.

--

-- 
mike


Bernhard Mueller | 1 Nov 13:06 2007

SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALL SSL-VPN Client

SEC Consult Security Advisory < 20071101-0 >
=====================================================================================
                  title: Multiple vulnerabilities in SonicWALL SSL-VPN Client
                         * Deletion of arbitrary files on the client
                         * Arbitrary code execution thru various buffer overflows
                program: SonicWALL SSL-VPN
     vulnerable version: SonicWALL SSL-VPN 1.3.0.3
                         WebCacheCleaner ActiveX Control 1.3.0.3
                         NeLaunchCtrl ActiveX Control 2.1.0.49
               homepage: www.sonicwall.com
                  found: 04-23-2007
                     by: lofi42
             perm. link: http://www.sec-consult.com/303.html
=====================================================================================

Vendor description:
---------------

SonicWALL SSL-VPN solutions can be configured to provide users with
easy-to-use, secure and clientless remote access to a broad range of
resources on the corporate network.

Vulnerability overview:
---------------

The SonicWALL SSL-VPN solution comes with various ActiveX Controls which
allow users to access the VPN with Internet Explorer. These controls
contain various vulnerabilities. An attacker could take control of the

