Pwnpress 0.2 out (with the infamous GUI suggested by few people)

["Lance M. Havok" <lmh () info-pull com>]

Well, that's pretty much the whole thing. A post-auth (least
privileges required) exploit for 2.1.2 will be added soon, as well
fixing any remaining issues (and implementing the 2.0.5 exploit too).

Right now the interesting thing is the GUI. With music (Jesus H.
Christ suggested The Final Countdown, by Europe, since there's a
common belief about the end of blogging, circa 2008. I'm eager to see
it happening!). I heard someone modified the code to work for MU
versions of Wordpress, just for kicks. Hope the development folks at
wordpress.org release a (backdoor-free) update this time.

> From now on I might try to waste my time playing something else, since
I'm falling in boredom once again. Nothing new around, Myers is still
able to troll a whole crowd of certification hungry professionals and
I didn't manage to start blogging pictures of the random underage
women who had the fate of visiting my twilight zone. Someone likes
guns and he shows photos of his desk loaded of plastic pellet guns and
what not [1]. The security industry doesn't change, the same
disclosuretards keep flaming the unethicaltards and the ARC
(Association of Retarded Citizens) [2] keeps the politically incorrect
advertisements (I sort glass too, please don't throw me away).

I think I'm going to get a trip to Germany, visit the place where the
Führerbunker is supposed to be, and start digging with my bare hands.
Then seize some random Arian woman into the bunker, and commit suicide
while singing Am Adolf Hitler platz, dancing to the rhythm of the
Mickey Mouse squadron, err, symphony.

That said, you can find the latest Pwnpress code and GUI at:
http://www.info-pull.com/code.dynp
http://www.info-pull.com/code/pwnpress.rb
http://www.info-pull.com/code/pwnpress-gui.rb

http://www.info-pull.com/code/pwnpress-gui.rb.html
http://www.info-pull.com/code/pwnpress.rb.html

GUI screen-shot: http://www.info-pull.com/code/pwnpress-gui.png

For amazing video collections from my friend Mr. Green, just run
heiseNikto against that.

I have yet to pick my favorite one, with such gems I feel tempted to
pick 'em all. They are in fact safe for work, since most security
vendors don't bother buying speakers for the workstations, and we all
know what everyone does when lurking lonely inside a small cubicle.
Don't be an hypocrite, we know you like strip clubs and stuff!
Obviously Scatman John songs are not lapdance friendly, unless you are
into disgusting fetishes.

1: http://www.info-pull.com/code/maynor-home-office.jpg
2: http://www.youtube.com/watch?v=LtIStHj7o3k



PS: Don't start sending infinite Wordpress advisories please, give me
a break. And trust me when I say that if Myers confirms the
trollability of someone or something else, it's really trollable. And
there's no other way around it. He's got the final, last word on all
that is demagogic in this world. And you should fear him, by all
means. It takes him a one liner to break a sane mind into a wasted
bunch of shards!
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave