| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 22 May 2012 09:55:48 +0100 From: Michele Orru <antisnatchor@...il.com> To: Juan Sacco <jsacco@...loitpack.com> Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>, Charles Morris <cmorris@...odu.edu>, Juan Sacco <jsacco@...ecurityresearch.com> Subject: Re: FW: Curso online - Profesional pentesting - Promocion ( 25% de descuento ) LOL, when did I say ExploitPack is cool ? Maybe in your dreams! And btw, the Javascript agent you sent are not the one I analyzed. This is the one: http://pastebin.com/7j1wfB2n After you scroll down, skipping jquery, you see the BeEF code that you included. You were just replacing the BeEF global variable calling it "bot", and re-using large parts of BeEF. Anyway, everyone knows you...you're like the second MustLive. Your Metasploit clone, apart from shitty InfoSec articles, is a complete failure and clone. So get a life man! Cheers antisnatchor On Sun, May 20, 2012 at 8:04 PM, Juan Sacco <jsacco@...loitpack.com> wrote: > Michele Orru.. Sorry to write you directly to the list.. But you did it > too.. So.. please allow me to answer.. > > Exploit Pack != Beef ... Just similar projects.. different approaches > > In fact you came to a webcast where I showed the code of Exploit Pack... I > remember you saying that Exploit Pack is a cool project... > > Please check out our javascript agent... > http://www.exploitpack.com/Gate/jsacco.js > http://www.exploitpack.com/Gate/PLAINdoMagic.js > > I am not pointing you with a gun.. if you don not like Exploit Pack tools.. > just do not use our tools... > > In my personal opinion, beef is a good project, in fact I am a big fan of > it. But it doesnt work like i want it, beef cannot handle more than 10 > bots.. almost all the times I run the ruby project it crashes.. also some > modules doesnt work either.. the popup persistent is old and do not work on > recent browsers.. among other things.. Also beef doesnt have any module for > defense like clientside SQLi / XSS protection... > > SQLi: http://www.youtube.com/watch?v=kD2gI8giOQA > XSS: http://www.youtube.com/watch?v=1rYy5SA9PPs&feature=relmfu > > Regards > JSacco > > On Sun, May 20, 2012 at 7:40 AM, Michele Orru <antisnatchor@...il.com> > wrote: >> >> An btw, his WebSecurity tool is a pure clone of BeEF. >> >> If you try it, and analyze the Javascript hook file, is the same thing. >> He just change the global variable name from beef to bot, leaving >> everything else :D including the BeEF version he used to copy from. >> >> LOL. >> >> On Sun, May 20, 2012 at 8:30 AM, BMF <badmotherfsckr@...il.com> wrote: >> > Actually, this Juan Sacco assclown has been pissing me off too. I'm in >> > some group with him on linkedin and getting his messages. I keep >> > flagging them as spam. I wish I knew how to get him to stop emailing >> > and messaging me. >> > >> > Juan: Knock it off, you disaffected deleterious douchenozzle. >> > >> > On Sat, May 19, 2012 at 10:44 AM, Charles Morris <cmorris@...odu.edu> >> > wrote: >> >>> I request your permission to test any and all of your facilities in >> >>> any way I deem appropriate including (by not limited to) your personal >> >>> machines, the machines of your coworkers and family, and any other device I >> >>> deem within scope of my testing. Further, I request you to grant full, >> >>> unlimited access and authorization for me to test these devices in any way I >> >>> see fit with full unadulterated impunity. >> >>> >> >> >> >> stop flexing >> >> >> >> _______________________________________________ >> >> Full-Disclosure - We believe in it. >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> > >> > _______________________________________________ >> > Full-Disclosure - We believe in it. >> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> > Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> >> -- >> /antisnatchor >> >> _______________________________________________ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ > > -- /antisnatchor _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists