From owner-freebsd-security@freebsd.org  Tue Mar  7 20:29:48 2017
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id E157AD02089;
 Tue,  7 Mar 2017 20:29:48 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: from mail-ua0-x244.google.com (mail-ua0-x244.google.com
 [IPv6:2607:f8b0:400c:c08::244])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id A72B81A98;
 Tue,  7 Mar 2017 20:29:48 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: by mail-ua0-x244.google.com with SMTP id 72so2676754uaf.1;
 Tue, 07 Mar 2017 12:29:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:from:date:message-id:subject:to:cc;
 bh=c7V23IEUlgIt6PhlZHJt9kZ8ynZqdukuFygrFP5v0yk=;
 b=MlMUlTMMySclqV7c/eUrxqXstSi2Tsa93vDMR8fitNcxDCBy7nm2xa7yQEf8IOCrkT
 5YQltvsRDWVYmta18ihFUslIu8k8Y/vK/ZJXf7uXzRiALlYkfX7ipbS7g8uVjJbI0jal
 koWIS2uz4Guw2i+lsPCzDFyxsNVFRpA6zXcwtZOklf0w82EEeExhWnQcbRWgH1gh57L7
 a0NV9ceCWedSxjqQAioXAEXejh2doo/n8XSWLM7VvpBAmt0Tg/6VRnS674HwLOfE/5/O
 Tm2mgSfijCYtG68xtdGm5WaumRdVjsC7PCJU14e4tlmz2mcKajNT0iwl/M5Dper60q1/
 2JAA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
 bh=c7V23IEUlgIt6PhlZHJt9kZ8ynZqdukuFygrFP5v0yk=;
 b=so0FuFe4XjEBJVGx4mSuTZzBYEUzgbM4z8iXXm6fhio/ebVn3kWZ+EMcMKxCa7lI8s
 m5pmdWi5/iqlrr+HtHc0cxW4zszgipBjXp61H082GtJaFUipvgvjQBWij3/rEG2ZyAc4
 CwEa+DEujPA9EBtniFFaO7T97U4TWM3ns8WBiFJF3DsqeUvv36FmQ1R0Q5njV9xLBR/j
 nE+04XNAVSfUhspRPfqQ1abayVfmtub6VX9wRaUeIfUHK//cO6+jD2xrrPoCwbVYaKm1
 vuD1S554SDRCbRoK61ygTyN/HXI4ipmRi9l/EVvYm9Zc7Ci4fRnOAFwrHeV/JRQYS/jz
 OfkA==
X-Gm-Message-State: AMke39kJOA4DnlK8IQfp+flYzhRs0/X6/DlIj4crCM49ymtd2AkO+hL/amUDKkHqZpCCK/raRPqiuyKsMf7aoQ==
X-Received: by 10.176.83.142 with SMTP id k14mr1259753uaa.64.1488918587627;
 Tue, 07 Mar 2017 12:29:47 -0800 (PST)
MIME-Version: 1.0
Received: by 10.159.48.143 with HTTP; Tue, 7 Mar 2017 12:29:07 -0800 (PST)
From: grarpamp <grarpamp@gmail.com>
Date: Tue, 7 Mar 2017 15:29:07 -0500
Message-ID: <CAD2Ti28acbW+pGQR5UihECWvg9WduGmVzkVFug_2ZWRF2zyTBw@mail.gmail.com>
Subject: WikiLeaks CIA Exploits: FreeBSD References Within
To: freebsd-security@freebsd.org
Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-Mailman-Approved-At: Tue, 07 Mar 2017 20:56:43 +0000
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Mar 2017 20:29:49 -0000

https://search.wikileaks.org/?q=freebsd

Currently returns many pages similarly named...

"Shell Code Database
This page includes local links to a shellcode
database discovered at shell-storm.org."
(And a pentest report mention from much older HBGary.
Plus some other unlikely miscellaneous hits.)

As this is only part 1 of a supposedly multipart release
of potentially new exploits, it makes sense to establish
ongoing search and review of this dataset for any as yet
unfixed exploits.

Included as fyi on cc: questions@ and hackers@ .
Discussion is likely better moved in reply to just security@ ,
with reporting of any actual unfixed exploits found
to the FreeBSD Bugzilla tracker.

From owner-freebsd-security@freebsd.org  Wed Mar  8 15:52:09 2017
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00315D037CA;
 Wed,  8 Mar 2017 15:52:09 +0000 (UTC) (envelope-from des@des.no)
Received: from smtp.des.no (smtp.des.no [194.63.250.102])
 by mx1.freebsd.org (Postfix) with ESMTP id B493D1D86;
 Wed,  8 Mar 2017 15:52:08 +0000 (UTC) (envelope-from des@des.no)
Received: from desk.des.no (smtp.des.no [194.63.250.102])
 by smtp.des.no (Postfix) with ESMTP id 59DE010BA6;
 Wed,  8 Mar 2017 15:52:07 +0000 (UTC)
Received: by desk.des.no (Postfix, from userid 1001)
 id 714AA7026; Wed,  8 Mar 2017 16:52:08 +0100 (CET)
From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no>
To: grarpamp <grarpamp@gmail.com>
Cc: freebsd-security@freebsd.org, freebsd-hackers@freebsd.org,
 freebsd-questions@freebsd.org
Subject: Re: WikiLeaks CIA Exploits: FreeBSD References Within
References: <CAD2Ti28acbW+pGQR5UihECWvg9WduGmVzkVFug_2ZWRF2zyTBw@mail.gmail.com>
Date: Wed, 08 Mar 2017 16:52:08 +0100
In-Reply-To: <CAD2Ti28acbW+pGQR5UihECWvg9WduGmVzkVFug_2ZWRF2zyTBw@mail.gmail.com>
 (grarpamp@gmail.com's message of "Tue, 7 Mar 2017 15:29:07 -0500")
Message-ID: <86innjojfb.fsf@desk.des.no>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (berkeley-unix)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Mar 2017 15:52:09 -0000

grarpamp <grarpamp@gmail.com> writes:
> https://search.wikileaks.org/?q=3Dfreebsd
>
> Currently returns many pages similarly named...
>
> "Shell Code Database
> This page includes local links to a shellcode
> database discovered at shell-storm.org."

That doesn't indicate a vulnerability.  Shell code is what you use to
exploit a remote code execution vulnerability once you've found it.  It
usually needs to be tailored to the target operating system, sometimes
to the exact environment and to the application used to inject it, so it
makes sense that a shell code database would reference FreeBSD.

> [...] it makes sense to establish ongoing search and review of this
> dataset for any as yet unfixed exploits.

Note to anyone thinking of getting involved in this: depending on your
jurisdiction and employment situation, downloading material from the CIA
dump may be illegal and / or a firing offense.  Simply browsing it
online may or may not be safe; get legal advice before you do.  IANAL.

DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no

From owner-freebsd-security@freebsd.org  Thu Mar  9 10:38:46 2017
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8D655D042BA;
 Thu,  9 Mar 2017 10:38:46 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: from mail-ua0-x230.google.com (mail-ua0-x230.google.com
 [IPv6:2607:f8b0:400c:c08::230])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4888D1CB5;
 Thu,  9 Mar 2017 10:38:46 +0000 (UTC)
 (envelope-from grarpamp@gmail.com)
Received: by mail-ua0-x230.google.com with SMTP id u30so75868316uau.0;
 Thu, 09 Mar 2017 02:38:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc:content-transfer-encoding;
 bh=H3ycku3Xlb4JAuzrinsJ6FKhezaV5a30fGV6cFUNo2A=;
 b=IBX9cYm0EtUmEOj4Iel5sJBcqcpogFC+AYafe9bLkqtGYsaWohRXSmXbB2TFwAG11h
 aJVZcqmDPR3wx4aeNWg56hpGwg88khdyqy7OerJVjhS2/N1RmMetaAUOw+g+tWEtzWSj
 HRyu4R7kU7lU2zbxMChE+a76H7xezTexuEbH0tLoY2+iKdmM35RFj3emoNRe51BhnTVj
 i5ALXtsxqo7WlRcX/32bXrWoUYMY/EulUJXeM/2vpjJu37FvqBznSTkrT/9mnn5VaDD2
 MNzxQ9N1CGX6vE7/Z8NrCQkT5+WFv7qD2UGWKw4/bWrPl2lHMTavBzCb5VKhlLXy3dJZ
 yvUA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc:content-transfer-encoding;
 bh=H3ycku3Xlb4JAuzrinsJ6FKhezaV5a30fGV6cFUNo2A=;
 b=nwD8Q/+UpPsDhfoMwzkPuJSRK2kHkbzVB22vaaEzAcdUW0LvgHAdgntgF1zaVrbeqg
 6qyzQ79trYoGqabr8bIlqi6BVA7pSkdZFynO24yhTBeUYx8fG53N8DhZagm/Z2fmXHId
 hqb2M8epSSQKcoGqaPwQaY1JvB0IbWdA8OALfQci8lvSNYh+tO+ZOpBXTH+CbUSZmmPi
 nkyUdyY9qyWDwZ0adSJM4X6rXZzwmQgmCJyTZq1J6QI5uaQd3OUTy9IrSZtONObyUE4m
 g4s4jf8wVI510cTmoHiSW9Ct9Apu1ynoGYHNkt3f754mWVyyHa2tEorxkZeivJI5dgpX
 DXxA==
X-Gm-Message-State: AMke39nPVT4Nwiz9/nqS5EmYgo6TwbMYdZuUWY0E/WoOVBtIjgaIMCWP3p6XW8GByjMcI3pHc8W9XOGbzDXpyA==
X-Received: by 10.31.137.75 with SMTP id l72mr6722253vkd.138.1489055925238;
 Thu, 09 Mar 2017 02:38:45 -0800 (PST)
MIME-Version: 1.0
Received: by 10.159.48.143 with HTTP; Thu, 9 Mar 2017 02:38:04 -0800 (PST)
In-Reply-To: <86innjojfb.fsf@desk.des.no>
References: <CAD2Ti28acbW+pGQR5UihECWvg9WduGmVzkVFug_2ZWRF2zyTBw@mail.gmail.com>
 <86innjojfb.fsf@desk.des.no>
From: grarpamp <grarpamp@gmail.com>
Date: Thu, 9 Mar 2017 05:38:04 -0500
Message-ID: <CAD2Ti29qm-JK6RR0HpY+gpvpXwFcGRTJp7F6acWW0sN1H-KwBA@mail.gmail.com>
Subject: Re: WikiLeaks CIA Exploits: FreeBSD References Within
To: freebsd-security@freebsd.org
Cc: freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Mailman-Approved-At: Thu, 09 Mar 2017 12:18:04 +0000
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Mar 2017 10:38:46 -0000

On Wed, Mar 8, 2017 at 10:52 AM, Dag-Erling Sm=C3=B8rgrav <des@des.no> wrot=
e:
> grarpamp <grarpamp@gmail.com> writes:
>> https://search.wikileaks.org/?q=3Dfreebsd
> That doesn't indicate a vulnerability.  Shell code is what you use to

Yep, sec folks are aware of the difference between
sample and exploit code, and vulnerabilities.
https://www.freebsd.org/security/advisories.html
http://shell-storm.org/shellcode/

The post wasn't meant to "indicate a vulnerability".
But as a heads up that maybe some might end up being
published there. On the other hand, there are countless eyes
on it, so OS vendors will find out in time,
even if they aren't eyeballing it themselves.

> legal advice

Let us all get legal advice before living, as it might entail risks ;)
Lots of sites offer a variety of advice for those facing risks.
Here are some related to employers, browsing, and law...
https://intelexit.org/ https://www.youtube.com/watch?v=3DfklxuoBXXqw
https://www.torproject.org/ https://geti2p.net/
https://www.eff.org/
IANAGPA, but they do exist.

(Btw, the pentest turned out to be old Nessus and Metasploit stuff.)