[OWASP-Bangalore] New to mailing list

Govindappa, Satish satish.govindappa at fmr.com
Wed Sep 2 00:10:44 EDT 2009


FIDELITY INTERNAL INFORMATION

Hi All,

This is Satish here. I am new to this mailing list. I am interested in
attending the session in Frazer town this weekend. I would like to know
if there are any formalities to complete before attending the session.
Is it open to everyone ? Do I have to book a seat? Whom to contact for
more details?  

Regards,

Satish G 

-----Original Message-----
From: owasp-bangalore-bounces at lists.owasp.org
[mailto:owasp-bangalore-bounces at lists.owasp.org] On Behalf Of
owasp-bangalore-request at lists.owasp.org
Sent: Saturday, August 29, 2009 6:32 PM
To: owasp-bangalore at lists.owasp.org
Subject: OWASP-Bangalore Digest, Vol 21, Issue 15

Send OWASP-Bangalore mailing list submissions to
	owasp-bangalore at lists.owasp.org

To subscribe or unsubscribe via the World Wide Web, visit
	https://lists.owasp.org/mailman/listinfo/owasp-bangalore
or, via email, send a message with subject or body 'help' to
	owasp-bangalore-request at lists.owasp.org

You can reach the person managing the list at
	owasp-bangalore-owner at lists.owasp.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of OWASP-Bangalore digest..."


Today's Topics:

   1. BSNL Modems Exploit (PraKash)
   2. Re: Upcoming Meet Details (aryavalli gandhi)
   3. Apache.org compromised (chintan dave)
   4. Re: Upcoming Meet Details (Sundar N)
   5. Re: Upcoming Meet Details (aryavalli gandhi)


----------------------------------------------------------------------

Message: 1
Date: Fri, 28 Aug 2009 20:25:46 +0530
From: PraKash <prakash2757 at gmail.com>
Subject: [OWASP-Bangalore] BSNL Modems Exploit
To: null-co-in at googlegroups.com, owasp-bangalore at lists.owasp.org
Message-ID:
	<cf2478a20908280755l4eb54118wad195b534f2160c5 at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

Just got hand of it, thought of sharing with you all.

As per my knowledge, BSNL India gives 80 % of users ZTE modems.
Specifically
- ZXDSL 831 II.

here are few exploits out on wild.. watch out.

Change Admin Password & get full access to the modem

http://192.168.1.1/adminpasswd.cgi

URL Below gives access to configuration of the modem and you can get
PPPOE
user & password with any Asterisk Password Revealers

http://192.168.1.1/vpivci.cgi

Is anyone aware at BSNL or informed them ? If they dont push a firmware
update (Hope they do) there are lakhs of Indian users at risk.

If you are BSNL User with this modem, watch out.

- Prakash
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090828/0
7e685b4/attachment-0001.html 

------------------------------

Message: 2
Date: Fri, 28 Aug 2009 08:01:40 -0700 (PDT)
From: aryavalli gandhi <gandhiasrn at yahoo.com>
Subject: Re: [OWASP-Bangalore] Upcoming Meet Details
To: owasp-bangalore at lists.owasp.org
Message-ID: <434281.88991.qm at web30606.mail.mud.yahoo.com>
Content-Type: text/plain; charset=us-ascii

Hey,

Could someone confirm whether the planned event is in the same venue.  I
do want to join, but just like to know that there is no change in the
planned meet tomorrow.

Thanks
Gandhi 

--- On Tue, 8/25/09, Akash <akashmahajan at gmail.com> wrote:

> From: Akash <akashmahajan at gmail.com>
> Subject: Re: [OWASP-Bangalore] Upcoming Meet Details
> To: owasp-bangalore at lists.owasp.org
> Date: Tuesday, August 25, 2009, 2:59 PM
> Hi just an update about the combined
> NULL+OWASP meet up planned for
> 5th September 2009 starting at 10 AM ( Saturday )
> 
> There are two talks planned
> 
> 1. Cookie Replay Attacks by Ravi (OWASP)
> 2. Cloud Security - 15 domains to think about before moving
> your app
> to the cloud. by Shashidhar (NULL)
> 
> We plan to start dot on 10 AM as there is a lot of stuff to
> cover. The
> venue has a projector, power points, chairs and usually we
> get
> tea/coffee as well. In short an excellent place to have a
> fruitful
> discussion and learn from each other.
> 
> 2009/8/13 Sundar N <suntracks at gmail.com>:
> > Just one update that I forgot to mention.
> > This is a combined meet with Null and OWASP .
> > Also there is a live hacking session planned as part
> of
> > the null meet.
> >
> > Regards,
> > Sundar.
> >
> > On Wed, Aug 12, 2009 at 7:21 PM, Sundar N <suntracks at gmail.com>
> wrote:
> >>
> >> Hello Everyone,
> >> It is scheduled to have the next meet on 5th Sep
> @10.00
> >> A session from Ravi on cookie Replay Attacks.
> >> Kindly make yourself available.
> >> Venue : Praxeva India Services Pvt. Ltd, Atrium
> Business Center,
> >> 66/1 2nd Floor, Coles Road, Frazer Town,
> Bangalore-560005
> >>
> >> Map Location : http://www.praxeva.com/contact_us.html
> >>
> >> Thanks to Simran, Akash & others in helping
> out for the venue :)
> >>
> >> Regards,
> >> Sundar.
> >
> >
> > _______________________________________________
> > OWASP-Bangalore mailing list
> > OWASP-Bangalore at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> >
> >
> 
> 
> 
> -- 
> warm regards,
> Akash Mahajan
> ----------------------------------------------------------
> Security Consultant, (Web / Networks /
> Servers / IT/ Virtualization)
> Founder Headstart Network Foundation
> ----------------------------------------------------------
> http://www.linkedin.com/in/akashm
> http://network.headstart.in
> ----------------------------------------------------------
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> 


      


------------------------------

Message: 3
Date: Fri, 28 Aug 2009 22:14:22 +0530
From: chintan dave <davechintan at gmail.com>
Subject: [OWASP-Bangalore] Apache.org compromised
Message-ID:
	<7891b1dc0908280944p22135290pd26b7077d257505d at mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

FYI...

http://news.netcraft.com/archives/2009/08/28/apacheorg_compromised.html

-- 
Regards,
Chintan Dave,

LinkedIn Profile: http://www.linkedin.com/in/chintandave
Blog:http://www.chintandave.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090828/6
0a766bc/attachment-0001.html 

------------------------------

Message: 4
Date: Fri, 28 Aug 2009 09:52:23 -0700
From: Sundar N <suntracks at gmail.com>
Subject: Re: [OWASP-Bangalore] Upcoming Meet Details
To: owasp-bangalore at lists.owasp.org
Message-ID:
	<c1e982c50908280952l30c7804by7fea828dce1f87b8 at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

The Event is planned on Sep 5th @10.00 AM (Saturday) which would be
combined

meet i.e. OWASP + Null.

Venue : Praxeva India Services Pvt. Ltd, AtriumBusiness Center,
66/1 2nd Floor, Coles Road, Frazer Town,Bangalore-560005

 Map Location : http://www.praxeva.com/contact_us.html

Regards,
sundar.

On Fri, Aug 28, 2009 at 8:01 AM, aryavalli gandhi
<gandhiasrn at yahoo.com>wrote:

> Hey,
>
> Could someone confirm whether the planned event is in the same venue.
I do
> want to join, but just like to know that there is no change in the
planned
> meet tomorrow.
>
> Thanks
> Gandhi
>
> --- On Tue, 8/25/09, Akash <akashmahajan at gmail.com> wrote:
>
> > From: Akash <akashmahajan at gmail.com>
> > Subject: Re: [OWASP-Bangalore] Upcoming Meet Details
> > To: owasp-bangalore at lists.owasp.org
> > Date: Tuesday, August 25, 2009, 2:59 PM
> > Hi just an update about the combined
> > NULL+OWASP meet up planned for
> > 5th September 2009 starting at 10 AM ( Saturday )
> >
> > There are two talks planned
> >
> > 1. Cookie Replay Attacks by Ravi (OWASP)
> > 2. Cloud Security - 15 domains to think about before moving
> > your app
> > to the cloud. by Shashidhar (NULL)
> >
> > We plan to start dot on 10 AM as there is a lot of stuff to
> > cover. The
> > venue has a projector, power points, chairs and usually we
> > get
> > tea/coffee as well. In short an excellent place to have a
> > fruitful
> > discussion and learn from each other.
> >
> > 2009/8/13 Sundar N <suntracks at gmail.com>:
> > > Just one update that I forgot to mention.
> > > This is a combined meet with Null and OWASP .
> > > Also there is a live hacking session planned as part
> > of
> > > the null meet.
> > >
> > > Regards,
> > > Sundar.
> > >
> > > On Wed, Aug 12, 2009 at 7:21 PM, Sundar N <suntracks at gmail.com>
> > wrote:
> > >>
> > >> Hello Everyone,
> > >> It is scheduled to have the next meet on 5th Sep
> > @10.00
> > >> A session from Ravi on cookie Replay Attacks.
> > >> Kindly make yourself available.
> > >> Venue : Praxeva India Services Pvt. Ltd, Atrium
> > Business Center,
> > >> 66/1 2nd Floor, Coles Road, Frazer Town,
> > Bangalore-560005
> > >>
> > >> Map Location : http://www.praxeva.com/contact_us.html
> > >>
> > >> Thanks to Simran, Akash & others in helping
> > out for the venue :)
> > >>
> > >> Regards,
> > >> Sundar.
> > >
> > >
> > > _______________________________________________
> > > OWASP-Bangalore mailing list
> > > OWASP-Bangalore at lists.owasp.org
> > > https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> > >
> > >
> >
> >
> >
> > --
> > warm regards,
> > Akash Mahajan
> > ----------------------------------------------------------
> > Security Consultant, (Web / Networks /
> > Servers / IT/ Virtualization)
> > Founder Headstart Network Foundation
> > ----------------------------------------------------------
> > http://www.linkedin.com/in/akashm
> > http://network.headstart.in
> > ----------------------------------------------------------
> > _______________________________________________
> > OWASP-Bangalore mailing list
> > OWASP-Bangalore at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> >
>
>
>
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://lists.owasp.org/pipermail/owasp-bangalore/attachments/20090828/7
cf7d1aa/attachment-0001.html 

------------------------------

Message: 5
Date: Fri, 28 Aug 2009 11:20:17 -0700 (PDT)
From: aryavalli gandhi <gandhiasrn at yahoo.com>
Subject: Re: [OWASP-Bangalore] Upcoming Meet Details
To: owasp-bangalore at lists.owasp.org
Message-ID: <189643.20976.qm at web30604.mail.mud.yahoo.com>
Content-Type: text/plain; charset=iso-8859-1

Oh! thank you.  

--- On Fri, 8/28/09, Sundar N <suntracks at gmail.com> wrote:

> From: Sundar N <suntracks at gmail.com>
> Subject: Re: [OWASP-Bangalore] Upcoming Meet Details
> To: owasp-bangalore at lists.owasp.org
> Date: Friday, August 28, 2009, 10:22 PM
> The Event is planned on Sep 5th @10.00 AM
> (Saturday) which would be combined 
> meet i.e. OWASP + Null.
> 
> Venue : Praxeva India Services Pvt. Ltd, AtriumBusiness
> Center,
> 66/1 2nd Floor, Coles Road, Frazer Town,Bangalore-560005
> 
> 
> 
> 
> ?Map Location : http://www.praxeva.com/contact_us.html
> 
> Regards,
> sundar.
> 
> On Fri, Aug 28, 2009 at 8:01 AM,
> aryavalli gandhi <gandhiasrn at yahoo.com>
> wrote:
> 
> 
> Hey,
> 
> 
> 
> Could someone confirm whether the planned event is in the
> same venue. ?I do want to join, but just like to know that
> there is no change in the planned meet tomorrow.
> 
> 
> 
> Thanks
> 
> Gandhi
> 
> 
> 
> --- On Tue, 8/25/09, Akash <akashmahajan at gmail.com>
> wrote:
> 
> 
> 
> > From: Akash <akashmahajan at gmail.com>
> 
> > Subject: Re: [OWASP-Bangalore] Upcoming Meet Details
> 
> > To: owasp-bangalore at lists.owasp.org
> 
> > Date: Tuesday, August 25, 2009, 2:59 PM
> 
> > Hi just an update
> about the combined
> 
> > NULL+OWASP meet up planned for
> 
> > 5th September 2009 starting at 10 AM ( Saturday )
> 
> >
> 
> > There are two talks planned
> 
> >
> 
> > 1. Cookie Replay Attacks by Ravi (OWASP)
> 
> > 2. Cloud Security - 15 domains to think about before
> moving
> 
> > your app
> 
> > to the cloud. by Shashidhar (NULL)
> 
> >
> 
> > We plan to start dot on 10 AM as there is a lot of
> stuff to
> 
> > cover. The
> 
> > venue has a projector, power points, chairs and
> usually we
> 
> > get
> 
> > tea/coffee as well. In short an excellent place to
> have a
> 
> > fruitful
> 
> > discussion and learn from each other.
> 
> >
> 
> > 2009/8/13 Sundar N <suntracks at gmail.com>:
> 
> > > Just one update that I forgot to mention.
> 
> > > This is a combined meet with Null and OWASP .
> 
> > > Also there is a live hacking session planned as
> part
> 
> > of
> 
> > > the null meet.
> 
> > >
> 
> > > Regards,
> 
> > > Sundar.
> 
> > >
> 
> > > On Wed, Aug 12, 2009 at 7:21 PM, Sundar N <suntracks at gmail.com>
> 
> > wrote:
> 
> > >>
> 
> > >> Hello Everyone,
> 
> > >> It is scheduled to have the next meet on 5th
> Sep
> 
> > @10.00
> 
> > >> A session from Ravi on cookie Replay
> Attacks.
> 
> > >> Kindly make yourself available.
> 
> > >> Venue : Praxeva India Services Pvt. Ltd,
> Atrium
> 
> > Business Center,
> 
> > >> 66/1 2nd Floor, Coles Road, Frazer Town,
> 
> > Bangalore-560005
> 
> > >>
> 
> > >> Map Location : http://www.praxeva.com/contact_us.html
> 
> > >>
> 
> > >> Thanks to Simran, Akash & others in
> helping
> 
> > out for the venue :)
> 
> > >>
> 
> > >> Regards,
> 
> > >> Sundar.
> 
> > >
> 
> > >
> 
> > > _______________________________________________
> 
> > > OWASP-Bangalore mailing list
> 
> > > OWASP-Bangalore at lists.owasp.org
> 
> > > https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> 
> > >
> 
> > >
> 
> >
> 
> >
> 
> >
> 
> > --
> 
> > warm regards,
> 
> > Akash Mahajan
> 
> >
> ----------------------------------------------------------
> 
> > Security Consultant, (Web / Networks /
> 
> > Servers / IT/ Virtualization)
> 
> > Founder Headstart Network Foundation
> 
> >
> ----------------------------------------------------------
> 
> > http://www.linkedin.com/in/akashm
> 
> > http://network.headstart.in
> 
> >
> ----------------------------------------------------------
> 
> > _______________________________________________
> 
> > OWASP-Bangalore mailing list
> 
> > OWASP-Bangalore at lists.owasp.org
> 
> > https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> 
> >
> 
> 
> 
> 
> 
> 
> 
> _______________________________________________
> 
> OWASP-Bangalore mailing list
> 
> OWASP-Bangalore at lists.owasp.org
> 
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> 
> 
> 
> 
> -----Inline Attachment Follows-----
> 
> _______________________________________________
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-bangalore
> 


      


------------------------------

_______________________________________________
OWASP-Bangalore mailing list
OWASP-Bangalore at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-bangalore


End of OWASP-Bangalore Digest, Vol 21, Issue 15
***********************************************



More information about the OWASP-Bangalore mailing list