[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200307270830.h6R8UCN9019269@haackey.com>
From: neeko at haackey.com (Neeko Oni)
Subject: DCOM RPC exploit (dcom.c)
Note: I'm pretty sure this'll spawn a lot of vicious hatemail and/or a
subthread or two about how *horrible* I am for posting Chris's mail to me.
Honestly, I don't care. It'll be nice to see how many people reading this
list are "PaymeforCSandPorn" admins. I think our writing is far more
readable (and less insulting to the eyes) than that of morningwood/etc, and
if they can take the list in horrible, offtopic, flame-engulfed directions..
At least when I write "ware to omppile code plz!!!!!!" I'm *kidding.*
Read on, my children. Laugh, as I have laughed. If you take this too
seriously, go read some Hopkins. That dapple-dawn-drawn falcon always
makes me feel better.
Everything quoted with ">" is Mr. GenericWinAdmin.
(Chris)
.Neek
>
>
> I'm taking this off the list, since you're obviously after a flame-war. I'm not
> about to start one on the list.
I wasn't after a flame-war, you were flamebait.
>
> If the worm goes after SP3, it'll get 70-80% of the Windows hosts on the net,
> while the others just fall over. Plenty enough to propagate, and a nice way to
> kill the remainder.
99% of statistics are made up. 100% of the bullshit you cite is bullshit.
Next?
(Oh, and why aren't those 70-80% patched at SP4 with RPC firewalled?)
>
> What's the weather like on your planet? What about the compiled binaries that
> people are now hosting?
>
I thought I'd kill two birds with one stone and point out how ignorant/lazy/etc
you were being _and_ take a shot at the people asking the same questions you
were probably asking in #l33th4ck@...RN3T a few weeks ago.
(were do i downlod gcc !!! i have winxp)
>
> You've obviously never administered a network with 10,000 servers.
>
Typical. "Waahh, I can't be expected to firewall, patch, or otherwise protect
my machines! When will I have time to play Counter-Strike and leech porn?"
You aren't /actually/ paid to play CS and download pornography, sir. That's
why you have to take classes in buzzwordology, remember?
>
> How about blaming people who give guns away for free?
>
What would you do for a profession if it weren't for people giving away 'guns'
for free? Dear Mr. Pentester, you're staring the gifthorse in the mouth and
asking for trouble.
>
> Actually, NAT is the correct word. Network Address Translation covers a range
> of IP-layer translation technologies - check your facts.
You should be more specific in the future; this is, infact, a technical forum.
It's not just the place where you can collect warez, charge Joe Corp to run it,
and whine that other people can do the same thing.
>
> As for looking like I'm exploiting these sites - have you sat on a raw internet
> pipe and looked at the amount of TCP/135 traffic flying around at the moment?
> You really think any more is gonna be noticed?
A raw.. internet pipe.. Someone flipped over his buzzword of the day calender!
PHB, is that you? I think it's nice that you've backed off and you're trying
to justify your suggested attack on those servers.
(ObGodwin: I bet you're the kind if *Nazi* that burns books you don't agree
with, too. Information is for you, and you alone!)
>
> The point? There is none. That's why I was thinking of doing it instead of
> actually doing it.
You essentially threatened those websites. Have I told you to grow up yet?
I'm telling you now. Grow up.
Nobody is to blame when your machines get compromised by your clubie brethren
*except you* -- astounding.
>
> Mental giant? Probably not. Smart enough to write my own exploit code for
> this? Yes. Smart enough to work for NGS Software, pen-testing some of the
> worlds largest companies? Definitely. Don't believe me? Phone up any of the
> top guys at Oracle and ask them about me - they all know me by name, and will
> vouch for my intelligence and skill. You, on the other hand, are a nobody.
I'm Neek. Nice meeting you. I'd never heard of you before your inane,
ignorant post on this list; great way to meet someone, eh? Sir, you don't
matter. I hate to burst your bubble, but I came home to a nice load of
messages saying I did the right thing, smacking you in the head.
"I'm Nobody! Who are you?/Are you - Nobody - Too?/Then there's a pair of us!"
>
>
> Sure. Despite the fact that I was penetration testing for a living long before
> Slammer hit. And if you think it's dumb to still be patching when Slammer hit,
> I say again - you've never administered a network of 10,000 servers. Even MS
> got hit - patching servers was evidently not as easy as you made out.
What are you paid to do? Oh, that's right. Counter-Strike and porn.
Welcome to the real world. Perhaps Microsoft got hit by Slammer, but remember:
They're the same knuckleheads that wrote the software being exploited.
How long did you girls have to patch before Slammer came around? Do you
play *that much* CS? Do you view *that much* pornography? Get on the
fucking ball and stop ruining things for the rest of us.
>
> Next time you want to start an argument to try and make yourself look smart,
> make sure you know what you're talking about first.
Next time you post a whiney message to a mailing list.. make sure
you're justified. Or keep it simple: "I DON'T WANT TO PROTECT MY MACHINES!
STOP RELEASING CODE! I PREFER TO BURY MY HEAD IN THE SAND AND PRETEND ITS
NOT EXPLOITABLE!"
Many long discussions with people far less.. well, you're /that/ type of
"security" guy. Then there's the other, productive type. After long
discussions with the /productive/ type, it's pretty easy to say that you
guys would never patch (until compromised) without having an exploit thrown
in your face. It's the sad, sad truth.
>
> Chris
>
More notes:
* Refer to the "A question for the list..." thread (back in May?) before
crying about forwarding a "private" conversation between two people.
* Notice that I didn't say anything regarding whether our friend Chris
actually has the credentials he brags about: The horrible truth is, he
very well may. These guys get paid an awful lot to play CS/view porn/echo
buzzwords, and they make good impressions on (clueless) managers. He could
very well be some kind of PHB security messiah. Another hint as to why
Slammer was such a 'success' as far as propagation. This leads us to...
* Neekie's Law: Those who can, do. Those who can't, get promoted.
If you've read this far, I think you'll read anything. Read this.
[Bratty Little Bacon Boy]
Bratty little bacon boy-
Oh, what a bratty little bacon boy, he was.
Bratty little bacon boy ate bacon, nothing more;
Nothing more, nothing less... bacon, he said,
Was the very best!
Bacon in the morning, bacon in the noon,
Bacon on a moonlit night, bacon in the bedroom.
That was, of course, until the faithful day,
When bratty little bacon boy... turned to bacon-
And tragicly, sadly, sizzled away.
Yum.
Powered by blists - more mailing lists