Re: New Source Code Vulnerability Scanner (Free 30 Day Trial)

[Jens Christian Hillerup <jens () hillerup net>]

Dropping a 0day for y'all.

So I found a vulnerability in the license management code in this
software. It's off the top of my head, and is presented in an untested
state. It seems, however, that if you continue using the software
*after* the free 30-day trial it will actually continue working! This
is due to a very week license management implementation, relying on
the user agreeing to remove the software after having used it for a
total of thirty days.

This flaw affects all known builds of the source code posted, and
stands currently with no workaround or hotfix. The vendor has yet to
be contacted, but is expected to push a patch for this vuln any day
now.

-jc

On Thu, Dec 2, 2010 at 9:30 PM, netinfinity
<netinfinity.securitylab () gmail com> wrote:
> How much is the commercial version?
>
> I'd like to buy it for my hosting company.
>
> On Thu, Dec 2, 2010 at 7:18 PM, <vulnscan () hushmail com> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Esteemed members of the Full Disclosure mailing list,
> >
> > In the wake of the recent compromise of the ProFTPd distribution
> > server and the subsequent root-level backdoor that was placed into
> > the source[0], we are proud to announce a cutting edge source code
> > scanner that will help you detect backdoors in your code. This code
> > is free to use for 30 days, after which time you must pay for it.
> >
> >
> > - ------------- el8 Vuln Scan v.0.1 -------------
> >
> > #!/bin/bash
> >
> > ###################################################################
> > #
> > # Place this script inside the top level directory of your
> > # source code repo.
> > #
> > # Please delete this after 30 days, or purchase a copy from our
> > # online store.
> > #
> > # 50% of all proceeds will go to the victims that have been
> > # owned by ACIDBITCHES within the past 6 years.
> > #
> > ###################################################################
> >
> > # main
> >
> > export PATH=/bin
> >
> > grep -r ACIDBITCHES *
> >
> > - ------------- el8 Vuln Scan v.0.1 -------------
> >
> >
> > Thank you for helping us to help you make the Internet a safer
> > place.
> >
> >
> > [0]
> > http://permalink.gmane.org/gmane.comp.security.ids.snort.emerging-
> > sigs/7965
> > -----BEGIN PGP SIGNATURE-----
> > Charset: UTF8
> > Version: Hush 3.0
> > Note: This signature can be verified at https://www.hushtools.com/verify
> >
> > wpwEAQMCAAYFAkz34wkACgkQnCf21LwRaXbdlwP/bRK2S7SA77h05jF1cdBty4hefooL
> > Zx0GOeABoqTZKnaNuKxGqwdPtg7fyNctrb7iMzehzJWBXnAD1Zik2UCujZINxeE8BFhw
> > yTN9gshJZB1cdWSHwxQdiB+NqS9eRqg3s0J8i/9EjzNVkgX4EJTJZMXv9oEUDCgwW92h
> > 7KFZMWU=
> > =mJJI
> > -----END PGP SIGNATURE-----
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> --
> www.google.com
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/