Full Disclosure mailing list archives
Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered
From: "frank^2" <frank2 () dc949 org>
Date: Wed, 15 Jul 2009 15:12:51 -0700
Well... this assumes that all they're trying to do is take down the websites and cause disruption with no ultimate purpose. Let's say milw0rm gets owned. There are multiple backups of the site-- intentional or not-- that exist around the Internet. If milw0rm was owned, the actual defacement and destruction of the site would really be insignificant-- the database of vulnerabilities would still exist in one way or another. Meaning in the grand scheme of things, they've done absolutely nothing for their movement. Or, if they have done something, it was only for $HOURS, or $DAYS even. Even moreso, let's assume they're successful and milw0rm never returns. Much like filesharing sites and applications, three would rise in their place. Again, this assumes the sole purpose of the take-down of milw0rm is to do just that-- take it down and disrupt the public dissemination of exploit code. However, just think about the power of the statement alone if the event actually happens: "milw0rm got owned." Remember the outcry that happened when milw0rm was *intentionally* going offline? How much more powerful a message do you think it would be, how much *quicker* would the message spread if instead of intentional disconnection it was malicious defacement? Granted, I feel I may be romanticizing the situation more than it really merits (mainly because I find this entire situation just so goddamn entertaining). But tearing down an effigy of the opposition-- even if temporarily-- can be significant for how a movement appears in the eyes of others. ...the verbosity of this e-mail makes me feel like an InfoSec flunky. Gross. On Wed, Jul 15, 2009 at 1:17 PM, saphex<saphex () gmail com> wrote:
Hi, I generally don't answer to this *kind of stuff* (read netdev soap operas alike), but this is becoming funny. I want to point out some flaws in your logic/strategy, I'm not going to put a twist to your words to infer that you wrote something absurd, rather, I will really just point out some flaws. If I was about to own a web site, which have very capable people behind it (like str0ke) I wouldn't come to brag about it because of two reasons (there are many more but...): 1) If the site administrator took my threats seriously I would have to expect that some kind of counter-measures would be put in place: - Packet sniffer with a SSH traffic filter (0-day exploit not so 0-day now) - Backups in other remote servers (if not already done) - .... 2) Yet again, if the site administrator took me seriously, I would expect retaliations. I wouldn't take as granted the *confidentiality* of the Internet or of any the hosts already compromised by me in order to make the attack. There is other flaws, but there is no need to point them out. Be good, peace, saphex On Wed, Jul 15, 2009 at 6:02 PM, str0ke<str0ke () milw0rm com> wrote:Ant-Sec Movement wrote:Once we have dealt with Hackforums.net, we will terminate Milw0rm. Better you had quit and left it at that, Str0ke, for now milw0rm.com <http://milw0rm.com> will be completely and utterly wiped. It is the second highest target after Hackforums.net.I would like to opt out on the milw0rm termination / wipage. Secondly when hackforums.net comes back online and are owned by anti-sec, can I be moved to the bottom of the list if opting out isn't possible? If there are only 2 targets on the list, can you insert 5 to 6 targets in between hackforums and milw0rm bumping it down a few notches. If hackforums.net doesn't ever come back online, do I get stuck in limbo waiting until they get wiped free card? If so hackforums.net please stay offline, thanks. /str0ke _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered, (continued)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered mrx (Jul 15)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered T Biehn (Jul 15)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered mrx (Jul 15)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered T Biehn (Jul 15)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered mrx (Jul 15)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered T Biehn (Jul 15)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered mrx (Jul 15)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered Valdis . Kletnieks (Jul 16)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered saphex (Jul 15)
- Re: Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered frank^2 (Jul 15)