lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5f4333a90710141116l6ce62d84j3b0678e242a5ae44@mail.gmail.com>
Date: Sun, 14 Oct 2007 13:16:59 -0500
From: phioust <phioust@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: full-disclosure@...hmail.com

On 10/14/07, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote:
>
> >> military grade exploits? :) dude, I am sorry man.. but you are living
> >> in some kind of a dream world. get real,
>

   So you pick apart three words of the message and the rest is null? you
seem to follow techniques of the great valdis [1] when trying to defend
worthless things ( in this case your career).


>> most of the military hacks
> >> are as simple as bruteforcing the login prompt.. or trying something
> >> as simple as XSS.


  Stop reading yahoo news

>> the reason XSS is soo neat is because it bypasses all firewalls


 It doesnt bypass "firewalls" it has nothing to do with them .. this is like
saying you beat pax because you used sql injection to get cmd exec on a
machine ( something the selinux team probably has in their presentations ).


>> ... what?, your military grade exploit can do that? your
> >> military grade exploit can attack only the things that are visible
> >> from outside.


  Or what about attacking the "outside" itself? Did you not see the core
impact talk or were you too busy giving gadi a reach around by the pool?

>> if you want to sink into the stuff then do web hacking cuz it just works.
>


  You mean "do web hacking because you do not need any skills to look good
and automated tools do it all for you". No thanks ill pass



> >> different people do different things and are experienced in different
> disciplines.


 To me this sounds like "i couldnt write an exploit for a strcpy bug so now
I write xss code so i can still put hacker on my business card.

>> btw, this is your 3rd message on FD, right?


 I guess I should whore the list more and then people will listen to me? Is
this the secret to why gadi evron is still allowed to post here?

>> I am just in a mood for philosophical conversations today.

you should stay that way since you cant handle much else


  [1]
http://archives.neohapsis.com/archives/fulldisclosure/2007-05/0226.html

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ