[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-Disclosure] tripbid secure codes
From: <auto94042 () hushmail ! com>
Date: 2003-06-27 5:25:13
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
holos,
i come to tell a very grave thing that make me many a stress . . .
i post the thing to the vuln dev some days ago and get quite a big respnose.
not only do i get a heart 2 heat with n1xo reiman about portmon ! but
some folks want me to look at the code they make, specially a 'hello-
world.c' progie -> " holo, can you check my hello-world.c for strcpy
?? securecode do the trick " <- paraphase the msg, i rm -rf / it since
it make me anger and stress it !
i am willing to try the secure code since the grep 'strcpy' is losing
his thrills so i trick around with :
[user@localhost]$ ./securecode -s hello-world.c
File to open: hello-world.c
Please wait...
The scan has finished!
i see that the hello world is safe from strcpy over flow so not a worry
and then i eat some snack. behold ! some monkey buisness when i came
back-
[user@localhost]$ ls
bala_clava_has_you/ hello-world.c r00t_is_next_pylon/ securecode*
tmp/ YOU_ARE_SUCH_A_FUCKING_MOMO/
/* some stuff got snippity , for levity of full discloshure(i read the
chatter by len!*/
i do not mkdir these thing !! who can it be clowning around? ?
i attach the hello_world and zipper it to protect the readers you can
unzipper it(tar -zxvf) but you may be hack if your not careful and try
secure code -s to it . maybe some one can tell me what happen or help
me figure it what next to do ? ? i think this machnie is not a trusted
one :
[user@localhost]$ uname -a
Linux localhost 2.4.21-0.13mdk #1 Fri Mar 14 15:08:06 EST 2003 i686 unknown
unknown GNU/Linux
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.3
wkYEARECAAYFAj77gD4ACgkQarKSBij8yILBZgCcD6Vh3B8TypME+MFqe5XrjhA46owA
n2prBzaEsw7Wk4YoOx/VV/Qc2tzm
=hrqO
-----END PGP SIGNATURE-----
["hello-world.tar.gz" (application/x-gzip)]
["hello-world.tar.gz.sig" (text/plain)]
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.3
wkYEABECAAYFAj77fdoACgkQarKSBij8yIItTQCeMZVh34obKMNOhxtcUmwHlDUfDJQA
oLqBsemigogG779FtrsHgN2fKxiY
=E/EN
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Big $$$ to be made with the HushMail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic