lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1059269395.938.166.camel@localhost>
From: chris at neitzert.com (christopher neitzert)
Subject: DCOM RPC exploit  (dcom.c)

Hicks,

I am concerned that you construed my remark as going after F-D, I read
F-D for the commentary as I find it educational and entertaining at the
same time.

Pure-evil, in this case is not necessarily bad. 

Perhaps I should have been more verbose;

I'm particularly happy that this exploit has been published as i hope it
will motivate Microsoft to fix the problems with their McOS. 

Whats evil, or beautiful, about it (depending on how you look at it) is
that it works very nicely on an XP box hardened to NSA-SNAC
Specification regarding secure RPC.  

My hat is off to FlashSky, Benjurry, and H D Moore, keep up the great
work! 


chris



On Sat, 2003-07-26 at 23:45, hicks wrote:
> this was on a website before it was published on full disclosure btw it came
> out today and that was that, no need to go after full disclosure btw it was
> on french bugtraq soon after being published and then made its way on here
> why be on full-disclosure if u say its bad or pure evil.. Its well written
> and has a few bugs but its nice code IMHO, what u expect after the vuln
> releases
> 
> 
> ----- Original Message ----- 
> From: "christopher neitzert" <chris@...tzert.com>
> To: "Full-Disclosure@...ts.Netsys.Com" <full-disclosure@...ts.netsys.com>
> Sent: Saturday, July 26, 2003 6:19 PM
> Subject: RE: [Full-Disclosure] DCOM RPC exploit (dcom.c)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030726/ef554f52/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ