| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 May 2014 05:08:24 -0400 From: wola4@...e-mail.net To: coderman@...il.com Cc: fulldisclosure@...lists.org Subject: Re: [FD] project unicorn exploitable index Ok some details : If I should go for a paying model, it might be a REST/JSON API access, 0.5 btc per month is my first idea. It's back online for the day. The crawler is running at 3-20/hosts per hour, basic http auth disclosure is easily findable. PHPSESSID would work on last added hosts (last page, natural insert order for now). Planning : Short-term - Timestamping - Housekeeping - Heartbleed ticker for more data on open hosts Project distributed exploiting, long term : - Finishing leaf instances images (nodes connecting to master(s) for exploits/scan queuing/reporting) bootable in any supervisor - Securing the communication bus - Open exploits plugin system on clearnet so people can extend (github, whatever) Question now ... I can't see this going clearnet right ? Any insights on how ... legal it would be ? I truely think, securing people will only be done by kicking them in the nuts ... Sorry if you're in there, blame your provider. On Fri, May 9, 2014 at 6:12 AM, <wola4@...e-mail.net> wrote: > ... > Dropping this here, ... > http://unicorntufgvuhbi.onion/ miss it already... (~_~;) best regards, (if/when resumed, what about X.XXXBTC for db export?) _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists