Saturday, December 22, 2007

Yahoo halala.

Recently AKS has been ranting about his Yahoo crap and
coverage by stupid media.

AKS phishing is an attack not a vulnerability, anyhow we
don't expect you to know that.

Anyhow reading your advisories, one can clearly see you don't
understand implications of either redirection or phishing.

Man!, where went those good days of stack overflows, we are
seriously tired of Web hoopla joopla's, but we understand a
simple stack overflow for them is a nightmare to understand.

AKS Hurt, Scared and Lamer as usual.

A recent post by AKS on his blog really defines what he is
trying to do.

1) AKS nobody notified you, you found it for yourself, trying
to be elite (notified to me).

2) Guess what learning and bull crap don't go hand and hand.
If you are learning then act like a learner and not like some
elite security professional.

3) Motto ? , yeah we have a motto, to expose you and your
hollow self , plus hollow skills.

4) Abuse ? whats the matter can't take some criticism, stop
writing those useless articles and show some real work (of
your own of course). Also spend some time on your useless
English, it really needs a heavy improvement.

"Is this the price one has to pay if he is working hard
relentlessly!"

excuse me kiddo, you are not the only one working hard
around here. What's the matter can't put value to your
hard work ?

5) Professional Abuse ?? what's that ? English dude English.
Trying to scare us ?, don't worry we will mirror this on every online
blog available planet, lets see what you can do, Ha Ha!

At last the truth, if you were real AKS, then you wouldn't have to
worry about this blog, but it seems you are scared now.

Whether you go to CERT or BlackHat you will still remain
the same old nut.

Also in your blog why do you publicize so much ?, whats the
matter ? seems again you can't put value or weight to your
work.

Guiding students, hmm; maybe we should send a email
to your college (XCON speakers page), they must be having
some sort of mailing list system, we will find out soon.
We will drop the students an E-mail about you and your gleaming
links.

Happy bull crapping AKS!

Another HTTP crap from AKS.

This time AKS has had us heads up. Clearly stating in a
"block" that HTTP/1.1 requires a host header. Read this
and enjoy the below.

AKS now claims he can differentiate between web servers
using the HEAD request. According to him he can differentiate
between different apache versions just by a HEAD requests.

Oh! sweet lord, you are the king of HTTP, what the hell is wrong
with you, can't you all the different head request responses are
indicating different configurations and not versions!. A HEAD
request is similar to a GET request!, missing the message body
and couple of other differences.

In you blog entry about HTTP/1.1 the "ignore part" means that
web servers support HTTP/1.0 too. Clearly don't try to retaliate
when you are caught with your head up your ass.

Clearly AKS you should write the next HTTP standard, today
you made Tim Berners Lee proud.

Guys you see in the article how the fact about HTTP/1.1 and
host header is highlighted. The big fact AKS is discovered
suddenly and now he is going to market and publicize it.

This is so enjoyable, clearly AKS's children would be proud of
him.

Message for AKS: Have guts stand up to the crap you write.
Please don't change anything again, or you want us to mirror
your crap too ?

Reading this blog ?

It seems AKS is reading this blog, our daily archiver reports
a couple of changes were made, the two things discussed in
the last post were changed.

He removed his crappy HTTP requests but still the crap article
remains, hey AKS the article is still a /dev/null, cause all the time
the tool says connection refused and timeout. What in the world
are you trying to say ?.

The Ctrl+C, Ctrl+V code from the cookie crap blog entry has also
been removed. Seems he still doesn't understand encrypting cookies
cannot save him from 3rd party attacks, if we sniff your cookie we can
use it no matter what, unless you have included the parameters
that uniquely identify the *******, this too may not work in some aspects.
(Guess what AKS ?).

Seems AKS finally accepts(only to his conscious) he writes crap.

Don't worry we will keep you as correct as possible. After all
we are the core operatives division of SecNiche.

Aditya K Sood's latest plagiarism.

Once again he stands as expected guess what <a
href="http://zeroknock.blogspot.com/2007/09/web-collateral-methods-cookie.html">read
this</a>
and then <a href="http://www.codeproject.com/aspnet/HttpSecureCookie.asp">read
this</a>.

Familiar ? too much ! also no credit given to the person who wrote it.
Also encrypting cookies is a new way of avoiding 3rd party attacks for
AKS a.k.a 0kn0ck.
Hey lamer if you are reading this see below

A<---->B<---->C
A encrypts, C decrypts or vice versa
Now
A---->B--->D--->C
How do you get away from D, umm get it ?, i don't think so
cause you don't know HTTP at all.

Also here
http://triosec.secniche.org/concepts/rogue_sip_daemon.txt

Do you know why server is saying 404 ? because for HTTP/1.1, host header is
mandatory. Do you still get it ? we don't think so.

High time you did laundry instead of security.

Hats off to you!.

Monday, October 1, 2007

SecNiche Bogus: Attempt to settle noise and trauma.

SecNiche Bogus (http://secnichebogus.blogspot.com) is an initiative
and request to noise makers here.
Why spam others mailboxes when you can blog!. Hence the blog, it
simply collects, laughs and discusses bogus from
SecNiche Kindly read the FAQ below

FAQ.

1. Who is SecNiche ?

A security researcher(so called) Aditya K Sood a.k.a 0Kn0ck , who says
processes run as threads(OpenRCE), sending
keys to AntiVirus applications to manipulate them is black magic(
rootkit.com), A monkey with IDA Pro, writes strlen(Security)
where Security isn't a variable. DDoS Zombie programs zapping
applications are anti symmetric ailment,
and the coolness in eliteness list goes on and on (And thats just on
other portals try the core or traverse it)
(http://www.secniche.org).

1. Why are you doing this ?

To settle noise and bogus from the mailing lists.
To show people how these days even stupid people can
be smart thanks to the other more stupid people.
To enjoy bogus and have a laugh at the end of hard working days.
To increase secniche's popularity and website hits
(http://zeroknock.blogspot.com/2007/07/5000-hits-have-been-encountered-with-in.html
).

2. Why have you disguised yourself ?

This is what everyone is doing right ? if SecNiche
becomes what it really is we would too.

3. Can i post here ?

Yes drop an e-mail to secnichebogus@gmail.com and become
a team member. Kindly do become a team member instead of
spamming the mailing lists, this blog is born and meant
for that kind of rattling and entertainment.

You have other questions, threats, abuses kindly mail the stuff to
secnichebogus@gmail.com.
Message For SecNiche(from SecNiche, mlabs.secniche.org/about.html):
Wise men do not need to argue!

--
SecNiche Bogus -- The Core Operatives division of SecNiche
http://secnichebogus.blogspot.com