Full Disclosure mailing list archives
Re: Is www.sco.com hacked?
From: "Elia Florio" <eflorio () edmaster it>
Date: Mon, 29 Nov 2004 15:56:08 +0200
There are these two JPG files on www.sco.com : (the good one) http://www.sco.com/images/landing_pages_new/webinar_land2.jpg (the supposed hacked one) http://www.sco.com/images/landing_pages_new/webinar_land2-1.jpg These are the JFIF headers of the images: (the good one) 0100 FF D8 FF E0 00 10 4A 46-49 46 00 01 02 01 00 48 ......JFIF.....H 0110 00 48 00 00 FF E1 0C 22-45 78 69 66 00 00 4D 4D .H....."Exif..MM 0120 00 2A 00 00 00 08 00 07-01 12 00 03 00 00 00 01 .*.............. 0130 00 01 00 00 01 1A 00 05-00 00 00 01 00 00 00 62 ...............b 0140 01 1B 00 05 00 00 00 01-00 00 00 6A 01 28 00 03 ...........j.(.. 0150 00 00 00 01 00 02 00 00-01 31 00 02 00 00 00 14 .........1...... (the supposed hacked one) 0100 FF D8 FF E0 00 10 4A 46-49 46 00 01 02 00 00 64 ......JFIF.....d 0110 00 64 00 00 FF EC 00 11-44 75 63 6B 79 00 01 00 .d......Ducky... 0120 04 00 00 00 3C 00 00 FF-EE 00 0E 41 64 6F 62 65 ....<......Adobe 0130 00 64 C0 00 00 00 01 FF-DB 00 84 00 06 04 04 04 .d.............. 0140 05 04 06 05 05 06 09 06-05 06 09 0B 08 06 06 08 ................ 0150 0B 0C 0A 0A 0B 0A 0A 0C-10 0C 0C 0C 0C 0C 0C 10 ................ ....mmmm I remember the "Ducky Adobe" strings in the crafted JPEGs of GDI+ bugs.....maybe just a coincidence? EF ________________________________________________ Messaggio inviato da Edizioni Master Webmail http://mbox.edmaster.it _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Is www.sco.com hacked?, (continued)
- Re: Is www.sco.com hacked? Kevin Finisterre (Nov 29)
- Re: Is www.sco.com hacked? Joe Matusiewicz (Nov 29)
- Re: Is www.sco.com hacked? adf--at--Code511.com (Nov 29)
- Re: Is www.sco.com hacked? DanB UK (Nov 29)
- Re: Is www.sco.com hacked? Joel Merrick (Nov 29)
- Re: Is www.sco.com hacked? Bart . Lansing (Nov 29)
- Re: Is www.sco.com hacked? Danny (Nov 29)
- Re: Is www.sco.com hacked? Brian Porter (Nov 29)
- RE: Is www.sco.com hacked? Randal, Phil (Nov 29)
- Re: Is www.sco.com hacked? class 101 (Nov 29)
- Re: Is www.sco.com hacked? Elia Florio (Nov 29)
- Re: Is www.sco.com hacked? dk (Nov 29)
- Re: Is www.sco.com hacked? Andrew Farmer (Nov 29)
- Re: Is www.sco.com hacked? dk (Nov 29)
- RE: Is www.sco.com hacked? Hans Peter Smyk (Nov 29)
- AW: Is www.sco.com hacked? Robert Marquardt (Nov 29)
- Re: AW: Is www.sco.com hacked? dk (Nov 29)
- AW: Is www.sco.com hacked? Robert Marquardt (Nov 29)
- RE: Is www.sco.com hacked? Todd Towles (Nov 29)
- Re: Is www.sco.com hacked? Jason Coombs (Nov 29)
- Re: Is www.sco.com hacked? Cedric Blancher (Nov 29)
- RE: Is www.sco.com hacked? Todd Towles (Nov 29)