| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.44.0309092306400.27550-100000@felinemenace> From: nd at felinemenace.org (ned) Subject: Re: InlineEgg library release seeing that your syscall proxying implementation was the first of it's kind (publicly) , it really doesn't paralell to the current situation. this is the first code published by CORE that is directly included in IMPACT no? as dave aitel as been openly sharing pieces of his CANVAS since it's inception, and now you've decided to open the gates and release something similiar to what he has been developing (openly) for months? no doubt you've provided decent pentest-esque style talks at a multitude of hacker-cons, except this time, the timing is a little too coincidental for my liking. On Tue, 9 Sep 2003, Ivan Arce wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > To the moderator: I am not subscribed to full-disclosure myself, but > I would like this reply to be approved since it addresses questions > directed towards the company I work for. Thanks. > - -- > > Hello nd, > I am pleased that you found inline egg a really nice piece of code > and I am > sure Gerardo Richarte, its author, will like knowing that. > > As for the circunstances, we (myself included) have been talking > publicly about > automating pentesting and building exploit code automatically and on > the > fly using helper libraries for several years. Our first presentation > on the > topic was at BlackHat Briefings 2001 in Las Vegas, 6 months prior to > the > release of CORE IMPACT which implemets since v1.0 many of the > features > we discussed, including LibEgg which is a superset of InlineEgg > Check out > http://www.blackhat.com/presentations/bh-usa-01/IvanAcre/bh-usa-01-Iva > n-Arce.ppt > > We released IMPACT v1.0 on March 2002. We further developed the > original ideas > presentat at BH 2001 Las Vegas and subsequentelly presented at: > > SANS IOWargames in September 2001 > http://www1.corest.com/common/showdoc.php?idx=167&idxseccion=13&idxmen > u=32 > > CanSecWest 2002 in May 2002 > http://www1.corest.com/common/showdoc.php?idx=226&idxseccion=13&idxmen > u=32 > > BlackHat Briefings 2002 Las Vegas in July 2002 > http://www1.corest.com/common/showdoc.php?idx=167&idxseccion=13&idxmen > u=32 > > G-Con ONE in Mexico in December 2002 > http://www1.corest.com/common/showdoc.php?idx=359&idxseccion=13&idxmen > u=32 > http://www.g-con.org/speakers/Automated_Pen_Testing/Pres2.ppt > (slide 21 specifically mentions InlineEgg and some samples using it) > > BlackHat Briefings 2003 Las Vegas in July this year. > http://www1.corest.com/common/showdoc.php?idx=360&idxseccion=13&idxmen > u=32 > > All of them touched on technologies and techniques used for attack > and penetration and > included in or being researched for IMPACT. So I hope this clarifies > the 'funnyness' you > point out about our release. We've been working on all these things > for years, InlineEgg > is just a small part of our work and we figured it is a usefull piece > of code for the pentester > and security researcher so we released it to the public. > > I am pleased to see that you are interested in our company > financials, competitive landscape and > product strategy but the simple truth is that, as many other publicly > available tools, InlineEgg > can both provide some benefits to the infosec community and benefit > from its contributions > as well, and it is in that spirit that we released it. > > - -ivan > > - -- > Ivan Arce > CTO > CORE SECURITY TECHNOLOGIES > > 46 Farnsworth Street > Boston, MA 02210 > Ph: 617-399-6980 > Fax: 617-399-6987 > ivan.arce@...esecurity.com > www.coresecurity.com > > PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836 B25D 207B E78E 2AD1 F65A > > > - ----- Original Message ----- > From: "ned" <nd@...inemenace.org> > Newsgroups: core.lists.full-disclosure > To: <full-disclosure@...ts.netsys.com> > Sent: Friday, September 05, 2003 3:22 AM > Subject: [Full-Disclosure] Re: InlineEgg library release > > > > i find this release funny, not because it isn't a really nice piece > > of code, but because of the circumstances surrounding it. > > check this out: > > http://www.blackhat.com/html/bh-federal-03/bh-federal-03-speakers.ht > > ml#David%20Aitel dave aitel will give a talk on his software > > MOSDEF, which as i understand it is a python c compiler with some > > other pretty neet features. > > so what? > > immunitysec (which dave aitel started) has a product CANVAS > > (www.immunitysec.com/CANVAS) which is a > > python exploit suite for testing networks. MOSDEF will be a part of > > CANVAS when completed, and will also be GPL'd so that everyone > > else can use it. on the other hand we have CORE, with their product > > IMPACT (everyone loves the big caps names dont they?) which again, > > is a python exploit toolkit thing aswell. however, dave aitel has > > been talking about MOSDEF for months now, and all of a sudden a > > copy of inlineegg pop's up which offers the same functionability > > as MOSDEF (i spose). > > > > why would CORE do this? are IMPACT sales down (ie, symatec hasn't > > renewed their licenses) or do they feel threated by the publicity > > MOSDEF & CANVAS will be receiving at blackhat? > > > > -- > > http://felinemenace.org/~nd > > > > > -----BEGIN PGP SIGNATURE----- > Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> > > iQA/AwUBP14EAiB7544q0fZaEQIDCgCaA0fD4BLH/FKxCXwvsziksfOQ9WcAoO81 > BCOAHb1Z6nP/tPMWYZ4z54uX > =n0Oy > -----END PGP SIGNATURE----- > > -- http://felinemenace.org/~nd
Powered by blists - more mailing lists