lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4920ef06.0e1b6e0a.7a4a.ffffd178@mx.google.com>
Date: Mon, 17 Nov 2008 09:41:45 +0530
From: "Debasis Mohanty" <debasis.mohanty.listmails@...il.com>
To: "'buzzedlightyear'" <buzzedlightyear@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Microsoft Windows Server Service (MS08-067)
	Exploit

Point taken! :) 

Actually I wanted to have separate section for putting the exploits I have
published for vulnerabilities already discovered by someone else; but later
thought of putting all in the same page with a note indicating highlighting
those vulnerabilities which are not mine but the exploits are... 

Hence the text is now changed to - 

"All the vulnerabilities/exploits listed here are all researched and
discovered by me except the one highlighted in blue (In this case the
exploit is by me)."


Thanks for pointing out this.... -d

-----Original Message-----
From: buzzedlightyear [mailto:buzzedlightyear@...il.com] 
Sent: 17 November 2008 08:46
To: Debasis Mohanty
Cc: full-disclosure@...ts.grok.org.uk.
Subject: Re: [Full-disclosure] Microsoft Windows Server Service (MS08-067)
Exploit

not really fair to say "All the vulnerabilities/exploits listed here are 
all researched and discovered by me." on your page when in fact you 
didn't discover this one (didn't check the others listed there).

Debasis Mohanty wrote:
> Having not found one (except msf) that reliably works against my own setup
> thought of writing my own MS08-067 exploit piece. Plugged the shellcode
for
> win2k and win2k3[sp2]. No plans for updating the xp shellcode. 
>
> Grab the python here: 
> http://www.hackingspirits.com/vuln-rnd/vuln-rnd.html
>
>
>
> -d
> www.coffeenandsecurity.com
> www.hackingspirits.com
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>   

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ