lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: phc at hushmail.com (phc@...hmail.com)
Subject: greyhat-IS-whitehat?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

First of all - the guy posting from phc@...h.com is a moronic poser.

On Thu, Sep 19, 2002 at 08:52:00PM -0600, Charles Stevenson wrote:
> Fuk,

fuk is dead (R.I.P dawg). Please address us as PHC.

> Since when do I work for SnoSoft? I'm a fucking lab assistant bro. I
> help people setup network printers and fix paper jams. I make minimum
> wage.

That's too bad, Charles. PHC feels sorry that a w00w00 'security expert' such as yourself is struggling to get through life -- in fact, we'd be more than happy to make a donation. We could send 5 0days to SnoSoft under your name if you like -- that would earn you $250 ($50 per exploit) -- and you could possibly invest it in a slab of prozac and a handjob down at your local brothel (you have a lot of pent up tension).

> Secondly since when am I a whitehat? Do you have any idea how many
> machines I've rooted in my life?

No, but please feel free to tell us. PHC would like to apply Lance's theory of 'know your enemy' to this particular case.

> Pfft... I rose from script kid to exploit developer in 3 years. Maybe
> you're jealous that some of us actually learnt from w00w00crond.c and > went from ./w00w00crond to #!w00w00.

The only thing you learnt from that exploit is w00w00's says-it-all phrase: 'You're lucky we're whitehats, else we'd own your dumb ass' (or whatever).

BTW - does w00w00 take donations? We have a CD with beta AIM sources that we could possibly throw their way if they are ready to make an oh-so-big impact on the security scene with their annual advisory...

> I'm coming after you and you know what I don't think anyone would
> care if I have to break the law to put your nuts in a ringer. So
> climb down off your soap box. PHC couldn't hack their way out of a
> wet paper bag. So if you wanted a war. You got one. And to quote

Well, core.. not much is exploitable in a paper bag, but, using mystical
black arts we would:

  1. Assign a point on the bag at which to overflow.
  2. Decide who could aim their penis with tactful-precision.
  3. Aim the penis at the overflow point and begin to urinate.
  4. Once the overflow point is nice and moist, penetrate the paperbag.

> So if you wanted a war. You got one. And to quote  2pac... 'and
> please print this.' No actually I'll save you the trouble.

We don't want to wage war with you any more than we'd want to kick a wheelchair confined amputee in the nuts.

We do believe in a certain amount of charity. The farthest we'd go from matched competition is to GForce Pakistan. We wouldn't meet you in the abyss beyond that.

> ALIAS: core
> REAL NAME: charles stevenson
> WORK: snosoft <-- i have access to their boxen but is
> snosoft even a company? free access to hardware I
> can't afford so that I can make 0day for ingrateful
> script kids like yourself? why do I bother? because we
> all start somewhere. and i started out ./'n .za. But
> as I've walked the path from neophyte towards guru I
> have gained some wisdom and some respect. You lack
> respect, skill, talent, creativity, ethics, and
> probably don't even have pubes yet. I will never work
> for a bullshit security company that wants nothing
> more than to slap me under an NDA and own everything I
> work on, force me from contributing to open source,
> etc.. If I was to go out labeling people as this or
> that I think I would do my fucking homework first.

We're glad you're doing custodial work at SnoSoft. It's a great opportunity for you to prime your dumpster diving skills to find the sheets of paper used by KF in jotting down his intense mathematical calculations for his perl -e command line overflows that are as interesting as watching paint dry.

Please give Blue Boar our best regards. As SnoSoft's assistant janitor, he is really trying to at least maintain a fingernail grip on his estranged Vuln-Dev, but sadly, The Vuln-Dev New Guy is at a higher rung of the ladder and casts all of Blue Boar's technically challenged posts in the trash.

> AFFILIATIONS: b10z <-- b10z has been dead since like '99.. anyone
> who joined thereafter has no idea what b10z used to do
>
> The only affiliation I claim is with the Creator and my fellow man. So
> from one man to another.. from one whose shit stinks just as bad as
> yours... whose blood is just as red as yours... who is also mortal,
> human and prone to imperfection. Shut the fuck up. Get a life. What's
> even funnier is I bet when I pull down your mask we can all laugh at
> the fact that you work as a security consultant. A little too
> ironic.. yeah I really do think. ;)
>
> http://phrack.efnet.ru/greyhat-IS-whitehat.txt

It might have been a better idea to put this URL at the top of the e-mail so people knew what you were rambling on about from the start.

> All your 0day comes from us... you really want to bite the hand that
> feeds you?

"Us" as in whitehats? We knew it. Yes, you feed us. No mistake about that... we've compromised so much shit with the CSS/XSS crap pumped out by people like you daily.

In conclusion:

Your very ignorance in calling people you don't know 'script kids' -- you attest PHC relies on exploits you create, you fucking inbred imbecile -- is the same level of ignorance that has seen so-called 'experts' in the passed owned to fuck. Anyway, it is our collective opinion that you're a total zero, and the fact that you consider yourself a formidable opponent is truly laughable. Don't you have better things to do than throw tantrums on public mailing lists?

> peace,

Peace? Is this not a little bit of a contradiction after you have just declared war on the #phrack High Council?

> core
>

PHC

> --
> Charles Stevenson (core) <core@...eoa.com>
> Lab Assistant, College of Eastern Utah San Juan Campus
> http://www.bokeoa.com/~core/core.asc
>

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wlgEARECABgFAj2LDCsRHHBoY0BodXNobWFpbC5jb20ACgkQ0rw64nEc6GKbqACfQkQp
RVPX5tud3LzPpNichDcHl8QAnjy2bKE70WWTDFuvVpCrUm6FkCXz
=83sN
-----END PGP SIGNATURE-----




Get your free encrypted email at https://www.hushmail.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ