| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun Jul 9 03:33:02 2006 From: evilrabbi at gmail.com (evilrabbi) Subject: i've found an exploit, but i want to make it do something before i report it Here are some pretty generic things.. Bind shell, connect back shell. have it download a file an execute it. Those are just a few ideas... On 7/7/06, ima cow <i-am-cow@...ers.com> wrote: > > i understand that this is "full disclosure", but before i actually spill > the beans on the exact nature of the exploit i've found, i'd like to make it > actually do something. > for now, know that it affects a popular plugin for a popular messaging > program. > i'm at the stage where i can run any command on the remote user's computer > (just like start > run...), or have them request remote assistance. > other than showing them goatse, what can i do with this? > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > -- -- h0 h0 h0 -- www.nopsled.net -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060708/b91b8770/attachment.html
Powered by blists - more mailing lists