[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200209131443.g8DEhoG19875@mailserver4.hushmail.com>
From: isergevsky at hushmail.com (isergevsky@...hmail.com)
Subject: RE: remote kernel exploits?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>If this group of coders el8 (yes, I heard about them before - I
> remember
>somebody got the wu-ftpd 2.6.2 exploit from them a few weeks be
>fore it was
>released) would have such type of exploits than it's only a mat
>her of weeks
>before it's gonna show up.
>
Not everybody cares about disclosing bugs as you SURELY don't know. The ~el8 team are supporters/initiators of 'Project Mayhem', an underground movement trying to bring the internet to its knees. They will not disclose such thing. Ac1dB1tch3z are aswell supporting this movement.
>Since they're underground they're probably not looking for mone
>y but fame (if
>they really want to steal cc information all they have to do is
> search google
>for orders.dbf cart32.exe and God knows what other insecure web
>cart
>releases.). So if they're looking for fame they will probably r
>elease in a
>few weeks or so some kind of exploit (with something like "wors
>hip us 'cauze
>we are the gods of coding" in the coments).
>
Hahahaha! Not *EVERYBODY* cares about hacking into pr0n websites to grab warrez. Besides, these guys seem to have more skill than u can imagine and they don't care about YOU or other kiddies like you 'worship' them or not. Disclosing such a bug (if it exists) would mean TOTAL HAVOC on InterNet structure.
>Yes, it's true that a kernel exploit would pass firewalls becau
>se 99% of
>firewalls are based on kernel. But i don't think that it would
>be the end of
>the world. Because the reason we love open-source is the speed
>of patching
>it. And if it's gonna be an exploit, there's certanly gonna be
>a patch for
>it. Apache, OpenSSH, OpenSSL are all widespread services yet th
>ey all have
>been vulnerable... we survived. We're still here... my server's
> are still not
>compromised... So have no fear cause "In open-source we trust"
>
>--
>-------------------
>Proud member of PentaGuard
>"Making the net a safer place since 1998"
Let me laugh my ass off, please! Since when does PentaGuard care about security? Last time i checked you guys were a lame defacing group using IIS 4.0 exploits to own .mil sites. As people found out that the bug exists (after 1 year since it was posted on bugtraq) your group's activity was reduced to zero. You have no clue about the scene or *nix. Please, dont make a fool out of yourself and shut up.
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com
wl8EARECAB8FAj2Ck/MYHGlzZXJnZXZza3lAaHVzaG1haWwuY29tAAoJEMfRnqqodk8T
SwkAn068ZgxaYV2d14L0MZE1Dc//+WiaAKCMeolS1wwqZsdG1PFizSPlQe7+cg==
=aphN
-----END PGP SIGNATURE-----
Get your free encrypted email at https://www.hushmail.com
Powered by blists - more mailing lists