| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: kquest at toplayer.com (kquest@...layer.com) Subject: no more public exploits and general PoC gui de lines Having proof of concept code is always valuable (and the sooner the better), but I question releasing exploits that execute code on the target machine. Having a DoS PoC is enough... The legitimate pentesters will be able to modify the PoC to execute code on the target while, at the same time, the "kiddies" will be stuck with something of little or no use to them. This way everybody is happy. Some of you might say that some "kiddies" will be able to modify the DoS PoC to execute code for their malicious needs. Well, if this is the case, then we are no longer dealing with "kiddies"... If they can do this then they are capable of creating their own exploits... kcq -----Original Message----- From: johnny cyberpunk [mailto:johncybpk@....net] Sent: Tuesday, April 27, 2004 11:37 AM To: full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] no more public exploits hi, this is an anouncement that i personally have no more intention to publish any further exploits to the public. too many flames from guys who are too lame to use the exploits or to fix offsets for other targets. too many risks that kiddies around the world use it for bad purposes. i saw, that the original intention, to publish exploits, for pentesting or patch verifing purposes didn't work. remember, that i speak just for me, not for the rest of the group. cheers, johnny cyberpunk/thc _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists