Re: [Full-disclosure] Beware trojaned exploits!

From: Ron (iago_at_valhallalegends.com)
Date: 07/27/05

  • Next message: Etaoin Shrdlu: "Re: [Full-disclosure] Our Industry Is Seriously Ethics Impaired" 
    Date: Wed, 27 Jul 2005 08:37:07 -0500
To: full-disclosure@lists.grok.org.uk

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hmm, I'm noticing a pattern.

    Warning: don't download exploits from any sites that have an 'o'
    replaced with a '0'! The 0 obviously makes them less secure, or
    something.

    securitymarket@hush.ai wrote:
    > Hackers may be at risk!
    >
    > It has come to our attention that a large amount of public
    > security exploits/software have been modified and re-posted
    > to legitimate trusted information sites for public downloads.
    >
    > We have recently came across 5 exploits that have had a shellcode
    > modification
    > after legit verification of trusted download sites.
    >
    > The following information security sites have listed a number of
    > modified exploits:
    >
    > unl0ck security research
    > g0tfault security
    > m00 security
    >
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.9.15 (GNU/Linux)
    Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

    iD8DBQFC544DfqSf2EkP4p4RAq1iAJwLcdKzebJtb8nsJ9vbMr1cAXLDYwCffAwX
    ncwv02cySQDLh/tYaEuMmzI=
    =eUHO
    -----END PGP SIGNATURE-----
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/

  • Next message: Etaoin Shrdlu: "Re: [Full-disclosure] Our Industry Is Seriously Ethics Impaired"

    Relevant Pages

    • Re: File extensions spoofable in MSIE download dialog
      ... File extensions spoofable in MSIE download dialog ... I don't have internet explorer to test but rfc 2616 describes some "security considerations". ... > extension without a sign of EXE, and issue no Security Warning dialog ...
      (Bugtraq)
    • Re: Some mail opens a blank page
      ... YW, Dan, and thanks again for your valuable feedback. ... Save that download link and Product or User ID for CA Internet Security ... and then run the Removal Tool to rid the machine of all Norton crapware. ...
      (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
    • Re: Short List of Security Questions
      ... Do you have a list of recommendations for windows? ... I think there are three separate aspects to PC security: ... get and download the latest Firefox and Thunderbird. ...
      (microsoft.public.security)
    • RE: Smiley central Active X controls
      ... security setting was selected. ... It still will not allow me to download ... Does NOT monitor behavior on the Internet ... Why some spyware services may mistake Fun Web Products and its MyWebSearch ...
      (microsoft.public.windowsxp.help_and_support)
    • The ISECOM Top 10 Real Computer Crimes for 2007 and Beyond
      ... over-hyping done in the security industry and to put things to perspective. ... The ISECOM Top 10 Real Computer Crimes for 2007 and Beyond ... it's the codec, the program, or the file so you download more and more ... try to buy stuff and ship it to Indonesia but your bank calls to alert you ...
      (Pen-Test)