| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 14 Oct 2007 19:30:59 +0100 From: "pdp (architect)" <pdp.gnucitizen@...glemail.com> To: phioust <phioust@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: full-disclosure@...hmail.com you win man... I must have been mad to challenge you... check this out.. you are my hero of the day: http://www.gnucitizen.org/about/pdp#comment-58407 On 10/14/07, phioust <phioust@...il.com> wrote: > > > On 10/14/07, pdp (architect) <pdp.gnucitizen@...glemail.com> wrote: > > >> military grade exploits? :) dude, I am sorry man.. but you are living > > >> in some kind of a dream world. get real, > > > > So you pick apart three words of the message and the rest is null? you > seem to follow techniques of the great valdis [1] when trying to defend > worthless things ( in this case your career). > > > >> most of the military hacks > > >> are as simple as bruteforcing the login prompt.. or trying something > > >> as simple as XSS. > > Stop reading yahoo news > > > >> the reason XSS is soo neat is because it bypasses all firewalls > > It doesnt bypass "firewalls" it has nothing to do with them .. this is like > saying you beat pax because you used sql injection to get cmd exec on a > machine ( something the selinux team probably has in their presentations ). > > > >> ... what?, your military grade exploit can do that? your > > >> military grade exploit can attack only the things that are visible > > >> from outside. > > Or what about attacking the "outside" itself? Did you not see the core > impact talk or were you too busy giving gadi a reach around by the pool? > > >> if you want to sink into the stuff then do web hacking cuz it just > works. > > You mean "do web hacking because you do not need any skills to look good > and automated tools do it all for you". No thanks ill pass > > > >> different people do different things and are experienced in different > disciplines. > > To me this sounds like "i couldnt write an exploit for a strcpy bug so now > I write xss code so i can still put hacker on my business card. > > > >> btw, this is your 3rd message on FD, right? > > I guess I should whore the list more and then people will listen to me? Is > this the secret to why gadi evron is still allowed to post here? > > >> I am just in a mood for philosophical conversations today. > > you should stay that way since you cant handle much else > > > [1] > http://archives.neohapsis.com/archives/fulldisclosure/2007-05/0226.html > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- pdp (architect) | petko d. petkov http://www.gnucitizen.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists