Full Disclosure mailing list archives
vulnrability for dummy 101
From: "brent" <auto94042 () hushmail com>
Date: Mon, 4 Aug 2003 19:44:54 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

holos gentlemens of the list,

it is once again time to bdazzl the F D SUBS with some new 0day . . this time i try to make some focus on some verry silly vulnearbilties that i often see report to the list . . .call these a joke 0day , but i do not mean to make monkey busines so much as offend and pleez remeber that there is very serious under curret to the vulnreabitiles for dummy 101 !

pleez know that i say no name or point the figger for any one of these one becuase i believe in mantainging civil affair with the F D SUBS , even if len ross and john cartwrit do not make an ear to my concern of the chartr , , HMMHP!

there is a few termenlogy that i use to make the point since i do not have oxferd dictionry -

STFU - means pucker your lip round the noddle of enema bag full of warm poopy swill of STFU ! ! !
STT - still the tounge buddy ! not a sever as STFU ! ! ! but it gives the good indicate of ** STFU ! is coming next
RTFM - self-explain
RTFRFC - self-explain to but if you do not know it, send me the msg and i give you my thought on this one - - - i send ti strait to the /dev/null

should you need to know, i divise this into real v s fake vulners .

- -- {REAL} - issue #1 - db hijacker with mysql
type : adminner v s. hackerer race conditon
lack of defalt passwd on mysql db allows root hijackering if you beat the adminning one to the race when making the db first .
xploit codes > > > $ mysql -u root
now the root is hijackered if the adminner does not become root first and set the passwd .
solution -- > STFU && RTFM !

iusse # 2 = i see one like this on the F D lits :
type - fail to amor the OS in lead v s . peering monkey eyes of xray hackerer
aceess_log info disclose , if local one reads the access_log of apach then they know the secretes !
solutions -->
- -rw-r----- 1 root root 8273 Aug 3 01:04 access_log
aslo for good messure you can STFU !.

issue 3 > case ; simple honnest mistake in file manage
i also see one like this clowning around on the list . . .
desktop destruct --- systems test: win2k and winxp SP!
fill the desktop with >2GB uyseless grabbage in folder and stuff and the desktop goes KABLAAMO like ! ! quicktask bar has no icon anymore and all the desktop shotcut go straight to the /dev/null . . . does it maybe work for you ? ? it happen two times to me both because of needing the easy access to monkey affairs pics+vids with certain college ladies of diff. hetirage playing in the bath , this punish make me learn to put the monkey affairs file somewhere else .
soluttions - - STT my freind, it happen to anyone and make an honnest mistake .

{{{ FAKE }}}

isue #1 - type : similar to xrays eye but wiuth some ftp monkey biz on the brain
plain tex passwd in ftpconf file. i see many a one like this but thik about it F D SUBS , does the passwd not go over ther IP in plantext ? ? ? note pad is very usful autorotter but try something else, like tcpdup, it rooters just the same .
solutions - - RTFRFC || ponder the NTFS or nuix permiss if you canot read(this is good for most passwd in the clear vulners! 1)

issue # @ - - - path disclos or phpinfo(0 or file.inc disclose or most the rest of problematic sec isue in phpshitboard ..
cause ; fail of F D msger to have a brain in his skull
soluttion >>> RTFM, STFU || do a live action mode of you hischool death sonnet (i read it in /home/fdmsger:

" nobdy cares about me , , black clouds circle 'tween my head like the evil chuerubims , , , if i take the daggur and painter this world red with my iner sorro . . . does any buddy miss me the more ? "

trust me, no buddies missing you ! ! ! you find more fulfill at evrkwest than read /write the F D any how . . .

is it just me that make this observe but are paul shclemel and pat szabo the same guyy ? ? ?

greetz : : ldreamerz - we patners in crime / ! stephan ketz , , , we need to hackered some softs togehter sometime dud!
, gunisky and his PF words of guide , p S S : remeber to have it in your head for every word you speask that you must consider wether to STFU , STT , RTFM and last resort is RTFRFC . . . && more of you that talk about adminnery on F D is less of you to adminn the boxen !' m$ is not the sole blame of ppl making hot air baloon on the list and getting hackered in the mentime ,. - --- [user]@(hush|hushmail).com iz truely the niggur of the inter net ! ! "if one spendings is greeter on jolt ! then on the person's hygene, like shampoo and deodor , then one is the hackster . . . whats more, one deserve to be the hacker @" - anony whitehouse soucre -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.3 wkYEARECAAYFAj8uxhUACgkQarKSBij8yIJtxwCdFyO+pzicj1fkQL7RYii3WFHiFicA oI4CY/hGqlDZii7Or2MpDKIvvTk8 =x2MC -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get FREE encrypted email: https://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger https://www.hushmail.com/services.php?subloc=messenger&l=434 Promote security and make money with the Hushmail Affiliate Program: https://www.hushmail.com/about.php?subloc=affiliate&l=427 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html