Re: [Full-disclosure] Thierry@xxxxxxxxx
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Thierry@xxxxxxxxx
- From: Thierry Zoller <Thierry@xxxxxxxxx>
- Date: Mon, 14 May 2007 14:04:07 +0200
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><title></title>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
</head>
<body>
<p><br></p>
<p>Interesting, let's say I answer this troll for the fun of it..</p>
<p><br></p>
<p>Let's see</p>
<p><span class=rvts7>1 PHP Tend_Hash_Del_Key_Or_Index vulnerability</span></p>
<p><span class=rvts7>2 PHP HTML Entity Encoder Heaper Overflow
Vulnerability</span></p>
<p>- The website has no PHP scripts or PHP enabled</p>
<p><span class=rvts7>Apache Mode_Rewrite Off-By-One Buffer Overflow
Vulnerability</span></p>
<p>- The box has no mod_rewrite </p>
<p>- What's left: I am vulnerable to header injection. hmmk too dumb you can't do
much with it?</p>
<p><br></p>
<p>Thanks for your report though, I will deal with it accordingly, where's the
trash again? Oh and next time maybe instead of using Acunetix, which you
pirated obviously (nice HTTP Headers you sent)..use your brain instead.</p>
<p><br></p>
<p>Maybe you should check the port 21 there's proftpd *hint* *hint* and
check why port 10000 is a reject and not a drop.</p>
<p><br></p>
<p>Regards,</p>
<p>Thierry</p>
<p><br></p>
<p><br></p>
<div><table border=0 cellpadding=1 cellspacing=2 style="border-color: #000000;
border-style: solid;">
<tr valign=top>
<td width=14 style="background-color: #0000ff;">
<p><span class=rvts6>></span></p>
</td>
<td width=944 style="background-color: #ffffff;">
<p><span class=rvts7>Your Bluetooth nonsense is getting kind of
boring.</span></p>
<p><span class=rvts7>By the way, you should check out security more close to
home:</span></p>
<p><span class=rvts7>hxxP://secdev.zoller.lu/</span></p>
<p><span class=rvts7>website Vulnerable to:</span></p>
<p><span class=rvts7>1 PHP Tend_Hash_Del_Key_Or_Index vulnerability</span></p>
<p><span class=rvts7>2 PHP HTML Entity Encoder Heaper Overflow
Vulnerability</span></p>
<p><span class=rvts7>3 Unfiltered Header Injection in Apache
1.3.34/2.0.57/2.2.1</span></p>
<p><span class=rvts7>4 Apache Mode_Rewrite Off-By-One Buffer Overflow
Vulnerability</span></p>
<p><span class=rvts8> </span></p>
<p><span class=rvts8> </span></p>
<p><span class=rvts7>dude, you should go back to reading comics and stop
wasting our time</span></p>
<p><span class=rvts8> </span></p>
<p><span class=rvts7>Regards</span></p>
<p><span class=rvts7>winsoc</span></p>
<p><span class=rvts8> </span></p>
<p><span class=rvts8> </span></p>
<p><span class=rvts8> </span></p>
<p><span class=rvts7>"</span></p>
<p><span class=rvts7>Dear List,</span></p>
<p><span class=rvts7>I'd like to announce the immediate availability of BTcrack
Heisec Release. During the Heise Security Conference I released and demoed this
version of BTcrack, the Heisec Conference is held in Munich THIS Tuesday
15th. </span><a class=rvts9
href="http://www.heise.de/veranstaltungen/2007/heisec_konferenz/">http://www.heise.de/veranstaltungen/2007/heisec_konferenz/</a></p>
<p><span class=rvts7> </span></p>
<p><span class=rvts7>BTcrack is a pairing handshake cracker against Bluetooth
1.0 - 2.0 for more information please resort to the Paper by Shaked and Wool
and the website listed at the end of this E-mail.</span></p>
<p><span class=rvts7> </span></p>
<p><span class=rvts7>In cooperation with PicoComputing (</span><a class=rvts10
href="http://www.picocomputing.com/">http://www.picocomputing.com/</a><span
class=rvts7>) we added FPGA support to BTCrack 1.1 and increased the Software
speed by 15% reaching 200.00 keys per second on a stock P4-Dual Core
2.0ghz</span></p>
<p><span class=rvts7> </span></p>
<p><span class=rvts7>Version 1.1 :</span></p>
<p><span class=rvts7>[+] Added Priority Control</span></p>
<p><span class=rvts7>[*] Fixed splash bug</span></p>
<p><span class=rvts7>[+] Added FPGA Support</span></p>
<p><span class=rvts7>[+] Speed increase (15%)</span></p>
<p><span class=rvts7> </span></p>
<p><span class=rvts7>P4 2Ghz - Dual Core 200.000
keys/sec</span></p>
<p><span class=rvts7>E12 @ 50Mhz
7.600.000 keys/sec</span></p>
<p><span class=rvts7>E12 @ 75Mhz
10.000.000 keys/sec</span></p>
<p><span class=rvts7>E14
30.000.000 keys/sec</span></p>
<p><span class=rvts7> </span></p>
<p><span class=rvts7>Thanks and Credits :</span></p>
<p><span class=rvts7>David Hulton</span></p>
<p><span class=rvts7>Eric Sesterhen</span></p>
<p><span class=rvts7>Myself (Thierry Zoller)</span></p>
<p><span class=rvts7> </span></p>
<p><span class=rvts7>Download is available here :</span></p>
<p><a class=rvts10
href="http://www.nruns.com/_en/security_tools.php">http://www.nruns.com/_en/security_tools.php</a></p>
<p><span class=rvts7> </span></p>
<p><span class=rvts7> </span></p>
<p><span class=rvts7>--</span></p>
<p><a class=rvts9
href="http://secdev.zoller.lu/">http://secdev.zoller.lu</a></p>
<p><span class=rvts7>Thierry Zoller</span></p>
<p><span class=rvts7>"</span></p>
<p><span class=rvts8> </span></p>
</td>
</tr>
</table>
</div>
<p><br></p>
<p><br></p>
<p><br></p>
<p><br></p>
<p><span class=rvts12>-- </span></p>
<p><a class=rvts13
href="http://secdev.zoller.lu">http://secdev.zoller.lu</a></p>
<p><span class=rvts12>Thierry Zoller</span></p>
<p><span class=rvts12>Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3
75DD 0AC6 F1C7</span></p>
</body></html>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/