lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
From: kquest at (
Subject: no more public exploits and general PoC gui
	de lines

Having proof of concept code is always valuable 
(and the sooner the better),
but I question releasing exploits that execute code
on the target machine. Having a DoS PoC is enough...
The legitimate pentesters will be able to modify the
PoC to execute code on the target while, at the same
time, the "kiddies" will be stuck with something of 
little or no use to them. This way everybody is happy.
Some of you might say that some "kiddies" will be able
to modify the DoS PoC to execute code for their malicious
needs. Well, if this is the case, then we are no longer
dealing with "kiddies"... If they can do this then they
are capable of creating their own exploits... 


-----Original Message-----
From: johnny cyberpunk []
Sent: Tuesday, April 27, 2004 11:37 AM
Subject: [Full-Disclosure] no more public exploits


this is an anouncement that i personally have no more intention to publish
further exploits to the public. too many flames from guys who
are too lame to use the exploits or to fix offsets for other
targets. too many risks that kiddies around the world use it for
bad purposes. i saw, that the original intention, to publish
exploits, for pentesting or patch verifing purposes didn't work.
remember, that i speak just for me, not for the rest of the group.

johnny cyberpunk/thc

Full-Disclosure - We believe in it.

Powered by blists - more mailing lists