Win2k ( + NT ) source code leak

[no_way]

For people who dont happen to frequent slashdot:

Win2k source code has hit the net. The file listing has been posted publicly, and it appears to be legit. Not full, i.e. some subsystems are missing but frigheningly large part is in.

 

[zurich]

http://news.bbc.co.uk/1/hi/business/993933.stm

Confirmed.

Source:

http://www.hopf.demon.co.uk/humour/win98.txt

 

[V3]

Hmm this is bad, I suppose. Like there isn't enough security hole in Windows to begin with.

Now hackers have a freaking blue print to those security holes, this is going to suck

 

[rabidrabbit]

Does this mean that Microsoft does not keep their workstations up to date with their own security patches :?

 

[no_way]

k, the code is out there, but its Win2K only. Quite some spin around already too, BBC is reporting that MS was hacked into with some virus and their network was compromised for more than three months.
MS-Watch and some other sites are speculating on leak via MS Shared Source Initiative.

 

[nutball]

k, the code is out there, but its Win2K only.

The installed base of Win2K is pretty large I think. Lots of businesses run it, they're more conservative about upgrades than Johnny Home User.

Secondly, there's quite a lot of commonality between NT, 2K and XP, so any gaping holes in 2K may well be present in the other two as well.

There's also the thorny issue of IP, Linux, etc. Non-trivial.

 

[bloodbob]

I'd like to thank everyone here by ruining the name of beyond3d by advertising warez. If you don't understand how you have advertised warez it is simple because you have openly told people that a partial copy of the windows source code is illegally aviable on the internet.

For more information on how you have done this you may whish to see this thread

http://www.beyond3d.com/forum/viewtopic.php?t=8368

 

[epicstruggle]

bloodbob, i was going to piss on your post. But after reading the slashdot article and comments. I found that one (or more didnt read them all) post had a bittorrent link to the source code. So I guess this thread should either get deleted, locked, or the offending link removed.

later,
epic

 

[no_way]

I found that one (or more didnt read them all) post had a bittorrent link to the source code.

Oh, for god sake. At the time of when i posted this, there were NO links to the source. Also, there are two thousand posts already on the slashdot, do i have to grep them all ?

Of course, starting a thread that announces a leak or a theft of source codes should be fine but if the thread continues onto discussing the source codes it will not be allowed.

Is it ok to discuss the implications of this ?


BTW its all over the news by now

 

[epicstruggle]

I found that one (or more didnt read them all) post had a bittorrent link to the source code.

Oh, for god sake. At the time of when i posted this, there were NO links to the source. Also, there are two thousand posts already on the slashdot, do i have to grep them all ?

Of course, starting a thread that announces a leak or a theft of source codes should be fine but if the thread continues onto discussing the source codes it will not be allowed.

Is it ok to discuss the implications of this ?

I wasnt checking timedates either. There is a valid point that the thread you are linking to has info on getting the source code. Now you and I might not have a problem with that, but others might.

Theres also rumours that office xp sp3 has been leaked to. Not a good day for microsoft.

later,
epic

 

[bloodbob]

I found that one (or more didnt read them all) post had a bittorrent link to the source code.

Oh, for god sake. At the time of when i posted this, there were NO links to the source. Also, there are two thousand posts already on the slashdot, do i have to grep them all ?

You think that there wasn't heaps of HL2 beta news items???

 

[K.I.L.E.R]

I don't mean to start conspiracy theories but could someone from the inisde who loathes Bill Gates have done this?

Or was it the Illuminati?

*Sorry, couldn't resist.

 

[epicstruggle]

The leak has already been identified. It was Mainsoft.One of the many companies/universities/countries that have some part of the source code.
http://slashdot.org/comments.pl?sid=96614&cid=8266501

Security bugs.. Nah...
$ grep -r strcpy -i . | wc
10454 42054 1069145

Where it was ganked from:
There is a core dump file inside the windows 2000 (sp1) archive, it clearly shows that the source was stolen from a system at Mainsoft. The following url confirms that they did have access to the leaked code. http://mainsoft.com/news/press_releases/2000_3_22_ 01.html

The actual strings which confirm this:

PWD=/usr/ms/win2k_sp1/private/security/msv_sspi
DOMAIN=mainsoft.com
REPLYTO=eyala@mainsoft.com
ORGANIZATION=Mainsoft Co. Ltd.
MWBATCH_SERVER=lod:8000
MSOFTLM_HOST=@xor
MAINSOFTLM_HOST=@xor
XAPPLRESDIR=/il2/users/eyala/app-defaults
EDITOR=vi
BASE_LIBPATH=/usr/lib

later,
epic

 

[Althornin]

I'd like to thank everyone here by ruining the name of beyond3d by advertising warez. If you don't understand how you have advertised warez it is simple because you have openly told people that a partial copy of the windows source code is illegally aviable on the internet.

For more information on how you have done this you may whish to see this thread

http://www.beyond3d.com/forum/viewtopic.php?t=8368

Give it up already, please grow up. You'd be alot more believeable if the only reason you do stuff like this wasnt because you'd been called on it in the past.
troll.

 

[digitalwanderer]

Is it only the SP1 code that's been leaked like I've been hearing?

EDITED BITS: For clarifications sake, is it just the Win2K SP1 code that was leaked as W2S is reporting and if so how bad is that?

 

[Sxotty]

And now you see why they did not want to give their source code out to folks...

 

[nelg]

push me

/* Source Code Windows 2000 */

#include "win31.h"
#include "win95.h"
#include "win98.h"
#include "workst~1.h"
#include "evenmore.h"
#include "oldstuff.h"
#include "billrulz.h"
#include "monopoly.h"
#include "backdoor.h"
..............

 

[ByteMe]

I hope this hurts m$.

 

[K.I.L.E.R]

I hope this hurts m$.

Short term hurt. I don't see it hurting them in the long run.

 

[notAFanB]

I hope this hurts m$.

if it's legit, it will. Don't forget to kill all humans btw.