Mailing List Archive: Full Disclosure: Full-Disclosure

Fwd: NOTICE: Site compromised

Full Disclosure full-disclosure RSS feed

Index | Next | Previous | View Threaded

xploitable at gmail

May 10, 2008, 5:11 PM

Post #1 of 10 (462 views)
Permalink

Fwd: NOTICE: Site compromised

---------- Forwarded message ----------
From: Robert Lemos <mail[at]robertlemos.com>
Date: Sat, May 10, 2008 at 4:21 PM
Subject: NOTICE: Site compromised
To: feedback[at]robertlemos.com

You are being sent this notice, because you had a user account on my
site, robertlemos.com.
Hackers gained access to the password account to the site. This does
not mean they have your password, but a scrambled version of your
password, known as a hash. Unfortunately, malicious hackers could use
try to brute force the hash or use other techniques to find your
password, especially if is an easy to guess combination of letters and
numbers.
For that reason, I recommend that, if you use the password on other
accounts, you change those accounts to use a new password.
If you have any questions, feel free to contact me. I apologize for
the inconvenience.
-R
| robert lemos | mail[at]robertlemos.com |
| science & technology journalist |
| http://www.robertlemos.com |

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

fdiscsplat at gmail

May 10, 2008, 6:22 PM

Post #2 of 10 (444 views)
Permalink

Re: Fwd: NOTICE: Site compromised [In reply to]

On Sat, May 10, 2008 at 8:11 PM, n3td3v <xploitable[at]gmail.com> wrote:
> ---------- Forwarded message ----------
> From: Robert Lemos <mail[at]robertlemos.com>
> Date: Sat, May 10, 2008 at 4:21 PM
> Subject: NOTICE: Site compromised
> To: feedback[at]robertlemos.com
>
>
> You are being sent this notice, because you had a user account on my
> site, robertlemos.com.
> Hackers gained access to the password account to the site. This does
> not mean they have your password, but a scrambled version of your
> password, known as a hash. Unfortunately, malicious hackers could use
> try to brute force the hash or use other techniques to find your
> password, especially if is an easy to guess combination of letters and
> numbers.
> For that reason, I recommend that, if you use the password on other
> accounts, you change those accounts to use a new password.
> If you have any questions, feel free to contact me. I apologize for
> the inconvenience.
> -R
> | robert lemos | mail[at]robertlemos.com |
> | science & technology journalist |
> | http://www.robertlemos.com |
>

Mr. Wallace,

Apparently, even a high-ranking security officer such as yourself
posts exploits to Full Disclosure.

After your exploit, Mr Lemos' website only says that his site formerly
contained "the musings of a technology and science journalist..."

Is this an action of the n3td3v group in furtherance of the n3td3v agenda?

This seems to be another confirmation of your illicit hacking that
chills me and forces me to hide behind a pseudonym. I am stunned into
disbelief that you have said intelligence services tacitly work with
you. I now fully believe your claim of being involved in the
"political scene" of security.

How else could you be allowed to make copious international threats of
violence, intimidation, slander, and engender frivolous and harassing
lawsuits while simultaneously hacking and destroying your enemies'
internet presence?

I am now even more uncertain of being able to life without harm to my
person or career, Mr. Wallace.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

xploitable at gmail

May 10, 2008, 6:59 PM

Post #3 of 10 (445 views)
Permalink

Re: Fwd: NOTICE: Site compromised [In reply to]

On Sun, May 11, 2008 at 2:22 AM, Dr. J Swift <fdiscsplat[at]gmail.com> wrote:
> On Sat, May 10, 2008 at 8:11 PM, n3td3v <xploitable[at]gmail.com> wrote:
>> ---------- Forwarded message ----------
>> From: Robert Lemos <mail[at]robertlemos.com>
>> Date: Sat, May 10, 2008 at 4:21 PM
>> Subject: NOTICE: Site compromised
>> To: feedback[at]robertlemos.com
>>
>>
>> You are being sent this notice, because you had a user account on my
>> site, robertlemos.com.
>> Hackers gained access to the password account to the site. This does
>> not mean they have your password, but a scrambled version of your
>> password, known as a hash. Unfortunately, malicious hackers could use
>> try to brute force the hash or use other techniques to find your
>> password, especially if is an easy to guess combination of letters and
>> numbers.
>> For that reason, I recommend that, if you use the password on other
>> accounts, you change those accounts to use a new password.
>> If you have any questions, feel free to contact me. I apologize for
>> the inconvenience.
>> -R
>> | robert lemos | mail[at]robertlemos.com |
>> | science & technology journalist |
>> | http://www.robertlemos.com |
>>
>
> Mr. Wallace,
>
> Apparently, even a high-ranking security officer such as yourself
> posts exploits to Full Disclosure.
>
> After your exploit, Mr Lemos' website only says that his site formerly
> contained "the musings of a technology and science journalist..."
>
> Is this an action of the n3td3v group in furtherance of the n3td3v agenda?
>
> This seems to be another confirmation of your illicit hacking that
> chills me and forces me to hide behind a pseudonym. I am stunned into
> disbelief that you have said intelligence services tacitly work with
> you. I now fully believe your claim of being involved in the
> "political scene" of security.
>
> How else could you be allowed to make copious international threats of
> violence, intimidation, slander, and engender frivolous and harassing
> lawsuits while simultaneously hacking and destroying your enemies'
> internet presence?
>
> I am now even more uncertain of being able to life without harm to my
> person or career, Mr. Wallace.
>

---------- Forwarded message ----------
From: n3td3v <xploitable[at]gmail.com>
Date: Sun, May 11, 2008 at 2:30 AM
Subject: Re: [Full-disclosure] ZF04 has been released!
To: full-disclosure[at]lists.grok.org.uk

On Sat, May 10, 2008 at 12:36 AM, <robert.lemos[at]mac.hush.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I, Robert Lemos (see robertlemos.com, I need hits!) have
> collaborated with the ZF0 team to bring you this piece. Check out
> my blog or milw0rm or http://cypher0.h18.ru//zf04.txt for more
> information! I am talking to SecurityFocus about making it a
> featured item, so don't forget to check securityfocus.com and
> robertlemos.com for further details in the upcoming weeks!
>
> Thank you dearies,
>
> Bobby "Bologna" Lemos

This is dreadful news,

I hope Robert Lemos's site recovers as quickly as possible, and I
condemn any law breaking by ZF0.

All the best,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

fdiscsplat at gmail

May 11, 2008, 4:43 AM

Post #4 of 10 (432 views)
Permalink

Re: Fwd: NOTICE: Site compromised [In reply to]

On Sat, May 10, 2008 at 9:59 PM, n3td3v <xploitable[at]gmail.com> wrote:
> On Sun, May 11, 2008 at 2:22 AM, Dr. J Swift <fdiscsplat[at]gmail.com> wrote:
>> On Sat, May 10, 2008 at 8:11 PM, n3td3v <xploitable[at]gmail.com> wrote:
>>> Hackers gained access to the password account to the site. This does
>>> not mean they have your password, but a scrambled version of your
>>> password, known as a hash. Unfortunately, malicious hackers could use
>>> try to brute force the hash or use other techniques to find your
>>> password, especially if is an easy to guess combination of letters and
>>> numbers.

>> Is this an action of the n3td3v group in furtherance of the n3td3v agenda?

> I hope Robert Lemos's site recovers as quickly as possible, and I
> condemn any law breaking by ZF0.
>
> All the best,
>
> n3td3v
>

Mr. Wallace, my question was "Is this an action of the n3td3v group in
furtherance of the n3td3v agenda?"

Your answer was, "I condemn any law breaking by ZF0."

You used a debating tactic of obfuscation called "Suppressed Evidence."

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

xploitable at gmail

May 11, 2008, 12:22 PM

Post #5 of 10 (429 views)
Permalink

Re: Fwd: NOTICE: Site compromised [In reply to]

On Sun, May 11, 2008 at 12:43 PM, Dr. J Swift <fdiscsplat[at]gmail.com> wrote:
> On Sat, May 10, 2008 at 9:59 PM, n3td3v <xploitable[at]gmail.com> wrote:
>> On Sun, May 11, 2008 at 2:22 AM, Dr. J Swift <fdiscsplat[at]gmail.com> wrote:
>>> On Sat, May 10, 2008 at 8:11 PM, n3td3v <xploitable[at]gmail.com> wrote:
>>>> Hackers gained access to the password account to the site. This does
>>>> not mean they have your password, but a scrambled version of your
>>>> password, known as a hash. Unfortunately, malicious hackers could use
>>>> try to brute force the hash or use other techniques to find your
>>>> password, especially if is an easy to guess combination of letters and
>>>> numbers.
>
>>> Is this an action of the n3td3v group in furtherance of the n3td3v agenda?
>
>> I hope Robert Lemos's site recovers as quickly as possible, and I
>> condemn any law breaking by ZF0.
>>
>> All the best,
>>
>> n3td3v
>>
>
> Mr. Wallace, my question was "Is this an action of the n3td3v group in
> furtherance of the n3td3v agenda?"
>
> Your answer was, "I condemn any law breaking by ZF0."
>
> You used a debating tactic of obfuscation called "Suppressed Evidence."
>

Shut up before I prosecute you.

All the best,

n3td3v

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

fdiscsplat at gmail

May 11, 2008, 2:25 PM

Post #6 of 10 (428 views)
Permalink

Re: Fwd: NOTICE: Site compromised [In reply to]

On Sun, May 11, 2008 at 3:22 PM, n3td3v <xploitable[at]gmail.com> wrote:
>
> On Sun, May 11, 2008 at 12:43 PM, Dr. J Swift <fdiscsplat[at]gmail.com> wrote:
> > Mr. Wallace, my question was "Is this an action of the n3td3v group in
> > furtherance of the n3td3v agenda?"
> >
> > Your answer was, "I condemn any law breaking by ZF0."
> >
> > You used a debating tactic of obfuscation called "Suppressed Evidence."
> >
>
> Shut up before I prosecute you.

Mr. Wallace,

You have refused to rebut my question to you about Robert Lemos'
website being destroyed. You vanished from this list right before his
website was destroyed and you reemerged right after it had been
destroyed.

Due to your sidestepping my previous questions, it is apparent to me
that you condemn law breaking under the auspices of the ZF0 group -
but support law breaking under the auspices of the n3td3v group. I
expect this to be the understanding of any reasonable person when
presented with the text of your statements.

I continue conversing under a pseudonym due to my belief that you
destroyed Robert Lemos' website and that your reach extends far beyond
the court system into the seamy and lawless underbelly of the computer
espoionage and intelligence world.

Mr. Wallace, I have some straightforward questions for you.

Question 1: For what would you prosecute me?

Question 2: Is the n3td3v group the same as ZF0?

Question 3: What is the n3td3v agenda?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

ureleet at gmail

May 12, 2008, 7:41 AM

Post #7 of 10 (402 views)
Permalink

Re: Fwd: NOTICE: Site compromised [In reply to]

ooh, more threats

On Sun, May 11, 2008 at 3:22 PM, n3td3v <xploitable[at]gmail.com> wrote:
> On Sun, May 11, 2008 at 12:43 PM, Dr. J Swift <fdiscsplat[at]gmail.com> wrote:
> > On Sat, May 10, 2008 at 9:59 PM, n3td3v <xploitable[at]gmail.com> wrote:
> >> On Sun, May 11, 2008 at 2:22 AM, Dr. J Swift <fdiscsplat[at]gmail.com> wrote:
> >>> On Sat, May 10, 2008 at 8:11 PM, n3td3v <xploitable[at]gmail.com> wrote:
> >>>> Hackers gained access to the password account to the site. This does
> >>>> not mean they have your password, but a scrambled version of your
> >>>> password, known as a hash. Unfortunately, malicious hackers could use
> >>>> try to brute force the hash or use other techniques to find your
> >>>> password, especially if is an easy to guess combination of letters and
> >>>> numbers.
> >
> >>> Is this an action of the n3td3v group in furtherance of the n3td3v agenda?
> >
> >> I hope Robert Lemos's site recovers as quickly as possible, and I
> >> condemn any law breaking by ZF0.
> >>
> >> All the best,
> >>
> >> n3td3v
> >>
> >
> > Mr. Wallace, my question was "Is this an action of the n3td3v group in
> > furtherance of the n3td3v agenda?"
> >
> > Your answer was, "I condemn any law breaking by ZF0."
> >
> > You used a debating tactic of obfuscation called "Suppressed Evidence."
> >
>
> Shut up before I prosecute you.
>
> All the best,
>
> n3td3v
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Valdis.Kletnieks at vt

May 12, 2008, 9:07 AM

Post #8 of 10 (403 views)
Permalink

Re: Fwd: NOTICE: Site compromised [In reply to]

On Sun, 11 May 2008 20:22:42 BST, n3td3v said:

> Shut up before I prosecute you.
>
> All the best,

First off, "prosecute" is a term usually reserved for the government's
attorney in criminal cases - in civil law, a tort case has a plaintiff
and a defendant, and the operative term is "file suit".

Secondly, please note that many jurisdictions recognize an offense called
"barratry", which is the repeated filing of suit, or threatening to do so,
solely to harass and annoy.

Thirdly, did you find a lawyer who is willing to pursue the suit pro bono,
or are you filing it pro se, or did you find one willing to take a risk on
a percentage of the return, or do you have some other means of financing a
lawsuit? Legal fees pile up very quickly at the average lawyer's per-hour...

fdiggle at gmail

May 12, 2008, 9:54 AM

Post #9 of 10 (399 views)
Permalink

Re: Fwd: NOTICE: Site compromised [In reply to]

Valdis,
Is your mustache a lawyer now?

Sincerely,
Fredrick

On Tue, May 13, 2008 at 2:07 AM, <Valdis.Kletnieks[at]vt.edu> wrote:
> On Sun, 11 May 2008 20:22:42 BST, n3td3v said:
>
> > Shut up before I prosecute you.
> >
> > All the best,
>
> First off, "prosecute" is a term usually reserved for the government's
> attorney in criminal cases - in civil law, a tort case has a plaintiff
> and a defendant, and the operative term is "file suit".
>
> Secondly, please note that many jurisdictions recognize an offense called
> "barratry", which is the repeated filing of suit, or threatening to do so,
> solely to harass and annoy.
>
> Thirdly, did you find a lawyer who is willing to pursue the suit pro bono,
> or are you filing it pro se, or did you find one willing to take a risk on
> a percentage of the return, or do you have some other means of financing a
> lawsuit? Legal fees pile up very quickly at the average lawyer's per-hour...
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

fdiscsplat at gmail

May 14, 2008, 5:48 AM

Post #10 of 10 (356 views)
Permalink

Re: Fwd: NOTICE: Site compromised [In reply to]

On Sun, May 11, 2008 at 3:22 PM, n3td3v <xploitable[at]gmail.com> wrote:
> On Sun, May 11, 2008 at 12:43 PM, Dr. J Swift <fdiscsplat[at]gmail.com> wrote:
>> On Sat, May 10, 2008 at 9:59 PM, n3td3v <xploitable[at]gmail.com> wrote:
>>> On Sun, May 11, 2008 at 2:22 AM, Dr. J Swift <fdiscsplat[at]gmail.com> wrote:
>>>> On Sat, May 10, 2008 at 8:11 PM, n3td3v <xploitable[at]gmail.com> wrote:
>>>>> Hackers gained access to the password account to the site. This does
>>>>> not mean they have your password, but a scrambled version of your
>>>>> password, known as a hash. Unfortunately, malicious hackers could use
>>>>> try to brute force the hash or use other techniques to find your
>>>>> password, especially if is an easy to guess combination of letters and
>>>>> numbers.
>>
>>>> Is this an action of the n3td3v group in furtherance of the n3td3v agenda?
>>
>>> I hope Robert Lemos's site recovers as quickly as possible, and I
>>> condemn any law breaking by ZF0.
>>>
>>> All the best,
>>>
>>> n3td3v
>>>
>>
>> Mr. Wallace, my question was "Is this an action of the n3td3v group in
>> furtherance of the n3td3v agenda?"
>>
>> Your answer was, "I condemn any law breaking by ZF0."
>>
>> You used a debating tactic of obfuscation called "Suppressed Evidence."
>>
>
> Shut up before I prosecute you.
>
> All the best,
>
> n3td3v

Dear Mr. Wallace (aka n3td3v),

Repeatedly threatening frivolous lawsuits, which you have done to
three people in the last week, is a crime.

For what you would prosecute me?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com