Re: [Full-disclosure] imageshack - pwned for anti-sec.



As annoying as full disclosure can be to some of us who manage
multiple sites for a wide range of customers using packages such as
phpbb, wordpress, etc. (and subsequently fall victim to mass attacks)
I do believe that the only way to assure that we write secure code and
use secure practices is to have complete and reaponsible full
discolsure. History is the best way to make a more secure future.

Philippe Ouellet
Sent from my iPhone

On 2009-07-10, at 10:15 PM, rxxayywzzr@xxxxxxx wrote:



__ .__
_____ _____/ |_|__| ______ ____ ____
\__ \ / \ __\ | ______ / ___// __ \_/ ___\
/ __ \| | \ | | | /_____/ \___ \\ ___/\ \___
(____ /___| /__| |__| /____ >\___ >\___ >
\/ \/ \/ \/ \/

Proudly presents...

_ _ _
(_) | | | |
_ _ __ ___ __ _ __ _ ___ ___ | |__ __ _ ___| | __
| | '_ ` _ \ / _` |/ _` |/ _ \' / __| | '_ \ / _` |/ __| |/ /
| | | | | | | (_| | (_| | __/ \__ \ | | | (_| | (__| <
|_|_| |_| |_|\__,_|\__, |\___| |___/ |_| |_|\__,_|\___|_|\_\
__/ |
|___/


Anti-sec. We're a movement dedicated to the eradication of
full-disclosure. We wanted to give everyone an image of what we're
all
about.

Full-disclosure is the disclosure of exploits publicly - anywhere.
The
security industry uses full-disclosure to profit and develop
scare-tactics to convince people into buying their firewalls,
anti-virus software, and auditing services.

Meanwhile, script kiddies copy and paste these exploits and compile
them, ready to strike any and all vulnerable servers they can get
a hold
of. If whitehats were truly about security this stuff would not be
published, not even exploits with silly edits to make them slightly
unusable.

As an added bonus, if publication wasn't enough, these exploits are
mirrored and distributed widely across the Internet with a nice
little
advertisement embedded in them for the crew or website which first
exposed the vulnerability to the public.

It's about money. While the world is difficult to change, and
money will
certainly continue to be a very important in the eyes of many, our
battle is that of the removal of full-disclosure for the purpose of
making it harder for the security industry to exploit its
consequences.

It is our goal that, through mayhem and the destruction of all
exploitive and detrimental communities, companies, and individuals,
full-disclosure will be abandoned and the security industry will be
forced to reform.

How do we plan to achieve this? Through the full and unrelenting,
unmerciful elimination of all supporters of full-disclosure
and the security industry in its present form. If you own a
security
blog, an exploit publication website or you distribute any
exploits...

"you are a target and you will be rm'd. Only a matter of time."

This isn't like before. This time everyone and everything is
getting
owned.



Signed: The Anti-sec Movement

"No images were harmed in the making of this... image."

anti-sec:~/pwn# perl img-scan.pl

Found img1.imageshack.us - lighttpd/1.4.18 - SSH-1.99-OpenSSH_4.5
[snip]
Found img998.imageshack.us - lighttpd/1.4.18 - SSH-1.99-OpenSSH_4.5

anti-sec:~/pwn# perl mass-pwn.pl

Connecting...

Linux worf.imageshack.us 2.6.15-1.2054_FC5 #1 SMP Tue Mar 14
15:48:20 EST 2006 x86_64 x86_64 x86_64 GNU/Linux

Replacing images...


img1 --> img998

All images replaced: http://img998.imageshack.us/antisec.jpg




If you think that we oppose your website, our advise is to pack it
up and shut it down, because we're coming for you.

- anti-sec.



--
Click now and enjoy a fantastic vacation in the wine country.
http://tagline.hushmail.com/fc/BLSrjkqdLRlMNd0RptkoG7EHMUX9UWYhGwIIOEdGkkLzEAEQYywTUPkr1Co/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: [Full-Disclosure] Where is security industry gng??
    ... [Full-Disclosure] Where is security industry gng?? ... We have specialties for people wanting to backup their ... hour is now average where last year charging $100 an hour was certainly not ...
    (Full-Disclosure)
  • Re: [Full-disclosure] security industry software license
    ... Sorry I did a mistake about the price. ... [Full-disclosure] security industry software license ... generally have a weak grasp on the security industry as a whole. ... Manufactures and distributes plastic blow-molded reels with unique locking design for use in the cable, wire, hose, and other industries. ...
    (Full-Disclosure)
  • [Full-disclosure] imageshack - pwned for anti-sec.
    ... Full-disclosure is the disclosure of exploits publicly - anywhere. ... security industry uses full-disclosure to profit and develop ... As an added bonus, if publication wasn't enough, these exploits are ... Signed: The Anti-sec Movement ...
    (Full-Disclosure)
  • [Full-Disclosure] International Convention on Cybercrime
    ... many people concerned about this treaty and how it may affect the IT ... security industry. ... Full-Disclosure - We believe in it. ... Charter: http://lists.netsys.com/full-disclosure-charter.html ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Ganging up on n3td3v
    ... doesnt stand for Fat Douches it stands for Full Disclosure. ... I see that you are an A-list blogger for the web2.o security industry ... > Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ...
    (Full-Disclosure)