lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040427234709.GF16244@mars-attacks.org>
From: boklm at mars-attacks.org (nicolas vigier)
Subject: no more public exploits

On Tue, 27 Apr 2004, Dave Aitel wrote:

> 
> Well, if it's that much of an issue, you can always buy your exploits
> from a commercial source, such as Immunity
> (http://www.immunitysec.com/CANVAS/ . We have an LSASS (one exploit
> fits all) and a PCT exploit (ported from SP0-4), so you can show all
> your management exactly why they should patch. And you can also feel
> secure that the exploits you download aren't trojaned when you're
> using something with commercial support. At $995 for a full site
> license, including source, CANVAS is cheaper than the alternative...

This is interesting ... This mean that anyone who have enought money
can get the exploits they want. And if people can get theses exploits
as easily, an admin cannot ignore them, and there is no reason to
avoid a public release because the people who really want them for
a bad action aldready have them (they only need money).

And this program seems pretty usefull ...
Does any open source program similar to this one aldready exists ?


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ