lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: nd at felinemenace.org (ned)
Subject: Re: InlineEgg library release

seeing that your syscall proxying implementation was the first of it's 
kind (publicly) , it really doesn't paralell to the current situation.

this is the first code published by CORE that is directly included in 
IMPACT no? as dave aitel as been openly sharing pieces of his CANVAS since 
it's inception, and now you've decided to open the gates and release 
something similiar to what he has been developing (openly) for months?
no doubt you've provided decent pentest-esque style talks at a multitude 
of hacker-cons, except this time, the timing is a little too coincidental 
for my liking.

 On 
Tue, 9 Sep 2003, Ivan Arce wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> To the moderator: I am not subscribed to full-disclosure myself, but
>  I would like this reply to be approved since it addresses questions
> directed towards the company I work for. Thanks.
> - --
> 
> Hello nd, 
> I am pleased that you found inline egg a really nice piece of code
> and I am
> sure Gerardo Richarte, its author, will like knowing that.
> 
> As for the circunstances, we (myself included) have been talking
> publicly about
> automating pentesting and building exploit code automatically and on
> the
> fly using helper libraries for several years. Our first presentation
> on the
> topic was at BlackHat Briefings 2001 in Las Vegas, 6 months prior to
> the
> release of CORE IMPACT which implemets since v1.0 many of the
> features
> we discussed, including LibEgg which is a superset of InlineEgg
> Check out
> http://www.blackhat.com/presentations/bh-usa-01/IvanAcre/bh-usa-01-Iva
> n-Arce.ppt
> 
> We released IMPACT v1.0 on March 2002. We further developed the
> original ideas 
> presentat at BH 2001 Las Vegas and subsequentelly presented at: 
> 
> SANS  IOWargames in September 2001
> http://www1.corest.com/common/showdoc.php?idx=167&idxseccion=13&idxmen
> u=32
> 
> CanSecWest 2002 in May 2002 
> http://www1.corest.com/common/showdoc.php?idx=226&idxseccion=13&idxmen
> u=32
> 
> BlackHat Briefings 2002 Las Vegas in July 2002
> http://www1.corest.com/common/showdoc.php?idx=167&idxseccion=13&idxmen
> u=32
> 
> G-Con ONE in Mexico in December 2002
> http://www1.corest.com/common/showdoc.php?idx=359&idxseccion=13&idxmen
> u=32
> http://www.g-con.org/speakers/Automated_Pen_Testing/Pres2.ppt
> (slide 21 specifically mentions InlineEgg and some samples using it)
> 
> BlackHat Briefings 2003 Las Vegas in July this year.
> http://www1.corest.com/common/showdoc.php?idx=360&idxseccion=13&idxmen
> u=32 
> 
> All of them touched on technologies and techniques used for attack
> and penetration and
> included in or being researched for IMPACT. So I hope this clarifies
> the 'funnyness' you
> point out about our release. We've been working on all these things
> for years, InlineEgg
> is just a small part of our work and we figured it is a usefull piece
> of code for the pentester
> and security researcher so we released it to the public.
> 
> I am pleased to see that you are interested in our company
> financials, competitive landscape and 
> product strategy but the simple truth is that, as many other publicly
> available tools, InlineEgg
> can both provide some benefits to the infosec community and benefit
> from its contributions
>  as well, and it is in that spirit that we released it.
> 
> - -ivan
> 
> - --
> Ivan Arce
> CTO
> CORE SECURITY TECHNOLOGIES
> 
> 46 Farnsworth Street
> Boston, MA 02210
> Ph: 617-399-6980
> Fax: 617-399-6987
> ivan.arce@...esecurity.com
> www.coresecurity.com
> 
> PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
>  
> 
> - ----- Original Message ----- 
> From: "ned" <nd@...inemenace.org>
> Newsgroups: core.lists.full-disclosure
> To: <full-disclosure@...ts.netsys.com>
> Sent: Friday, September 05, 2003 3:22 AM
> Subject: [Full-Disclosure] Re: InlineEgg library release
> 
> 
> > i find this release funny, not because it isn't a really nice piece
> > of  code, but because of the circumstances surrounding it.
> > check this out:
> > http://www.blackhat.com/html/bh-federal-03/bh-federal-03-speakers.ht
> > ml#David%20Aitel dave aitel will give a talk on his software
> > MOSDEF, which as i understand  it is a python c compiler with some
> > other pretty neet features.
> > so what?
> > immunitysec (which dave aitel started) has a product CANVAS 
> > (www.immunitysec.com/CANVAS) which is a 
> > python exploit suite for testing networks. MOSDEF will be a part of
> > CANVAS  when completed, and will also be GPL'd so that everyone
> > else can use it. on the other hand we have CORE, with their product
> > IMPACT (everyone loves  the big caps names dont they?) which again,
> > is a python exploit toolkit  thing aswell. however, dave aitel has
> > been talking about MOSDEF for months  now, and all of a sudden a
> > copy of inlineegg pop's up which offers the  same functionability
> > as MOSDEF (i spose).
> > 
> > why would CORE do this? are IMPACT sales down (ie, symatec hasn't
> > renewed  their licenses) or do they feel threated by the publicity
> > MOSDEF & CANVAS  will be receiving at blackhat?
> > 
> > -- 
> > http://felinemenace.org/~nd
> > 
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
> 
> iQA/AwUBP14EAiB7544q0fZaEQIDCgCaA0fD4BLH/FKxCXwvsziksfOQ9WcAoO81
> BCOAHb1Z6nP/tPMWYZ4z54uX
> =n0Oy
> -----END PGP SIGNATURE-----
> 
> 

-- 
http://felinemenace.org/~nd


Powered by blists - more mailing lists