| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Aug 2007 14:51:03 -0500
From: Nicolas Waisman <nicolas.waisman@...unityinc.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [Security Advisory] Backdoor Discovered
in?Immunity Debugger]]
Sorry for the delay, I was sorting my database of our users' debugger
sessions, emails, porn pictures, underwear size, etc.
NO, THERE IS NO BACKDOOR AT ALL IN IMMUNITY DEBUGGER. We don't get any
system information or "debugging sessions" (???) or anything else
weird like that. Immunity
Debugger does make an HTTP connection to Immunity to look for updates
much the way Firefox
or any other modern software updates.
Again, NO, we don't do any data mining.
In any case, thanks for the free advertisement "goudatr0n".
If you are still afraid, here is the list of md5 hashes:
437152d25787a1a06597f387d8f4811f ImmunityDebugger_setup.exe
00ff5ccf4b35fa9117bef2f23e108f61 Bookmark.dll
20152f8682a9b103ae3e41e1075048a4 Cmdline.dll
1aa2be74e77da0370986222efd794edd debugger.pyd
88d1df93fdb89dfbf5f9dd9b617ef28e ImmunityDebugger.exe
10acf61aa4046b1fc8c8e434fbd291d6 ImmunityDebugger.ini
c739f6a204665c05ee75f9b8a4f10d2f LICENSE.txt
89d432e3e47cb9546bf4d9a91f6fda79 loaddll.exe
7d5221499f25014169d555ea428e6053 uninstall.exe
f102ee2438bf9bdf1e6e84627d927909 updater.exe
Cheers,
Nico
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists