| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat Jul 8 18:57:35 2006 From: xploitable at gmail.com (n3td3v) Subject: i've found an exploit, but i want to make it do something before i report it On 7/7/06, ima cow <i-am-cow@...ers.com> wrote: > > i understand that this is "full disclosure", but before i actually spill > the beans on the exact nature of the exploit i've found, i'd like to make it > actually do something. > for now, know that it affects a popular plugin for a popular messaging > program. > i'm at the stage where i can run any command on the remote user's computer > (just like start > run...), or have them request remote assistance. > other than showing them goatse, what can i do with this? > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ Its a Yahoo Mezzenger vulnerability, we sold to him about three months ago. It must be the most whored vulnerability in the script kid circuit, none of them can work out what to do with it. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060708/3bb97370/attachment.html
Powered by blists - more mailing lists