lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 6 Mar 2009 19:08:37 -0500
From: Rubén Camarero <rjcamarero@...il.com>
To: Pete Licoln <pete.licoln@...il.com>, full-disclosure@...ts.grok.org.uk
Subject: Re: List of Fuzzers

You shut the hell up you piece of fucking garbage. You and the other trolls
like to talk shit in a circle jerk fashion on this fucked up list, and
others can talk it back. I've been following this shit excuse for a
gathering of information by security "professionals" for a while now and I'm
sure like everyone else I'm not the only one who tires of your bullshit you
faceless prick.

Come to orange county and talk shit and see if you don't get knocked the
fuck out. No, you won't come? I'd just about buy your plane ticket if I knew
you would not chicken out. Pussy. I've already got my job in CS so I don't
have to hold anything back when I use my real name, unlike you retarded
fucks.

And for Mr. Kletnieks, Jeremy Brown, Nick FitzGerald, the cool guys @
snosoft/netragard/whatever, all the other guys from the past, present, and
future, and from me... I give a big, hugeee FUCK YOU. That FUCK YOU is also
extended to the other trolls on this list, you've maid everyone's experience
on the internet suck. Fuckups.

On Fri, Mar 6, 2009 at 6:58 PM, Pete Licoln <pete.licoln@...il.com> wrote:

> Ask Jeremy he's fuzzer-man !
> http://www.canmag.com/images/front/movies2007/hotfuzzposter5.jpg
>
> 2009/3/6 <bobby.mugabe@...h.com>
>
> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Dear list,
>>
>> Which fuzzer on this list will help me find the most security
>> exploits?
>>
>> Thanks,
>> - -bm
>>
>> On Fri, 06 Mar 2009 18:37:01 -0500 Jeremy Brown
>> <0xjbrown41@...il.com> wrote:
>> >Don't act like you've gave any constructive advice to anyone in
>> >your life.
>> >
>> >Thanks for trolling, please don't come again.
>> >
>> >On Fri, Mar 6, 2009 at 6:21 PM, Pete Licoln
>> ><pete.licoln@...il.com> wrote:
>> >> Ok cool, then keep it up Jeremy.
>> >> At least you wont be able to say no one told you.
>> >>
>> >> 2009/3/6 Jeremy Brown <0xjbrown41@...il.com>
>> >>>
>> >>> I consider you a loser, Pete/Julio/Loser.
>> >>>
>> >>> On Fri, Mar 6, 2009 at 3:03 PM, Pete Licoln
>> ><pete.licoln@...il.com> wrote:
>> >>> > Well .. what i say is true.
>> >>> > If you cant argue on the subject then shut the hell up.
>> >>> >
>> >>> >
>> >>> > 2009/3/6 Rubén Camarero <rjcamarero@...il.com>
>> >>> >>
>> >>> >> Dont satisfy this idiot with a response, thats what he
>> >likes..
>> >>> >> Everybody
>> >>> >> knows Petie is a troll on every list just use google
>> >>> >>
>> >>> >> On Fri, Mar 6, 2009 at 10:56 AM, Jeremy Brown
>> ><0xjbrown41@...il.com>
>> >>> >> wrote:
>> >>> >>>
>> >>> >>> The reason anyone writes a fuzzer is to find bugs. Those
>> >that I have
>> >>> >>> written are of course for the same purpose as the 101
>> >listed: to find
>> >>> >>> security bugs. Your ideas are as meaningless and unhelpful
>> >as they
>> >>> >>> have been in the past. You have no goal but to troll and
>> >try to make
>> >>> >>> people look like fools, but you are clearly the ignorant
>> >one.
>> >>> >>>
>> >>> >>> What have you ever written? Let us see some of your code to
>> >poke fun
>> >>> >>> of. If it is as imperfect as you then we'd have a day of
>> >fun.
>> >>> >>>
>> >>> >>> >What's hilarious is that none of them are usefull :)
>> >>> >>>
>> >>> >>> http://www.milw0rm.com/author/1531
>> >>> >>> http://www.milw0rm.com/author/1835
>> >>> >>>
>> >>> >>> 90% of the research above were found by fuzzing, and those
>> >are public.
>> >>> >>> Clearly my fuzzers are useful.
>> >>> >>>
>> >>> >>> >You should really learn the protocol you want to fuzz, and
>> >develop a
>> >>> >>> >strategy before you create anything else.
>> >>> >>>
>> >>> >>> Although mistakes are inevitable, and seeming how the stuff
>> >I write
>> >>> >>> are pretty coherent to the protocol, your statements, once
>> >again, are
>> >>> >>> unjustifiable. The strategy is simple: gather points of
>> >input, fuzz
>> >>> >>> them, and watch for exceptions. Obviously.
>> >>> >>>
>> >>> >>> >Every fuzzer you've made use the SAME way to ""fuzz"" for
>> >differents
>> >>> >>> > app/protocol.
>> >>> >>>
>> >>> >>> Because using a fuzzing oracle is a very good way to
>> >identify security
>> >>> >>> bugs. Throwing random data will surely find lots of
>> >programming
>> >>> >>> errors, but I want a shell.
>> >>> >>>
>> >>> >>> > The only change i see is your last fuzzer .. written in a
>> >different
>> >>> >>> > language, but still the same way ...
>> >>> >>>
>> >>> >>> Yeah, I wrote it in C, and implemented a fuzzing oracle
>> >that way. I
>> >>> >>> probably put 100 hours into it, and it gave back some nice
>> >return. As
>> >>> >>> like the others.
>> >>> >>>
>> >>> >>> So, "what ever your real name is", I will continue to write
>> >fuzzers
>> >>> >>> and exploits. If you comments are meant to bend my attitude
>> >or
>> >>> >>> research rather than to troll, you don't have a chance, so
>> >get on with
>> >>> >>> your life and I will get on with mine. What a conclusion.
>> >>> >>>
>> >>> >>>
>> >>> >>> On Fri, Mar 6, 2009 at 10:22 AM, Pete Licoln
>> ><pete.licoln@...il.com>
>> >>> >>> wrote:
>> >>> >>> > What's hilarious is that none of them are usefull :)
>> >>> >>> > You should really learn the protocol you want to fuzz,
>> >and develop a
>> >>> >>> > strategy before you create anything else.
>> >>> >>> > Every fuzzer you've made use the SAME way to ""fuzz"" for
>> >differents
>> >>> >>> > app/protocol.
>> >>> >>> >
>> >>> >>> > The only change i see is your last fuzzer .. written in a
>> >different
>> >>> >>> > language, but still the same way ...
>> >>> >>> >
>> >>> >>> > 2009/3/5 Jeremy Brown <0xjbrown41@...il.com>
>> >>> >>> >>
>> >>> >>> >> That is hilarious LOL!
>> >>> >>> >>
>> >>> >>> >> On Thu, Mar 5, 2009 at 11:14 PM, Pete Licoln
>> >>> >>> >> <pete.licoln@...il.com>
>> >>> >>> >> wrote:
>> >>> >>> >> > 11 fuzzers matchs for Jeremy Brown on this page LOL !
>> >>> >>> >> >
>> >>> >>> >> > 2009/3/5 Krakow Labs <krakowlabs@...il.com>
>> >>> >>> >> >>
>> >>> >>> >> >> Krakow Labs maintains a current list of security
>> >driven fuzzing
>> >>> >>> >> >> technologies.
>> >>> >>> >> >>
>> >>> >>> >> >> http://www.krakowlabs.com/lof.html
>> >>> >>> >> >>
>> >>> >>> >> >> _______________________________________________
>> >>> >>> >> >> Full-Disclosure - We believe in it.
>> >>> >>> >> >> Charter: http://lists.grok.org.uk/full-disclosure-
>> >charter.html
>> >>> >>> >> >> Hosted and sponsored by Secunia - http://secunia.com/
>> >>> >>> >> >
>> >>> >>> >> >
>> >>> >>> >> >
>> >>> >>> >> > _______________________________________________
>> >>> >>> >> > Full-Disclosure - We believe in it.
>> >>> >>> >> > Charter: http://lists.grok.org.uk/full-disclosure-
>> >charter.html
>> >>> >>> >> > Hosted and sponsored by Secunia - http://secunia.com/
>> >>> >>> >> >
>> >>> >>> >>
>> >>> >>> >> _______________________________________________
>> >>> >>> >> Full-Disclosure - We believe in it.
>> >>> >>> >> Charter: http://lists.grok.org.uk/full-disclosure-
>> >charter.html
>> >>> >>> >> Hosted and sponsored by Secunia - http://secunia.com/
>> >>> >>> >
>> >>> >>> >
>> >>> >>> >
>> >>> >>>
>> >>> >>> _______________________________________________
>> >>> >>> Full-Disclosure - We believe in it.
>> >>> >>> Charter: http://lists.grok.org.uk/full-disclosure-
>> >charter.html
>> >>> >>> Hosted and sponsored by Secunia - http://secunia.com/
>> >>> >>
>> >>> >>
>> >>> >>
>> >>> >> --
>> >>> >> Rubén Camarero
>> >>> >> CCNA, CISSP
>> >>> >>
>> >>> >> _______________________________________________
>> >>> >> Full-Disclosure - We believe in it.
>> >>> >> Charter: http://lists.grok.org.uk/full-disclosure-
>> >charter.html
>> >>> >> Hosted and sponsored by Secunia - http://secunia.com/
>> >>> >
>> >>> >
>> >>> > _______________________________________________
>> >>> > Full-Disclosure - We believe in it.
>> >>> > Charter: http://lists.grok.org.uk/full-disclosure-
>> >charter.html
>> >>> > Hosted and sponsored by Secunia - http://secunia.com/
>> >>> >
>> >>>
>> >>> _______________________________________________
>> >>> Full-Disclosure - We believe in it.
>> >>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >>> Hosted and sponsored by Secunia - http://secunia.com/
>> >>
>> >>
>> >>
>> >
>> >_______________________________________________
>> >Full-Disclosure - We believe in it.
>> >Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> >Hosted and sponsored by Secunia - http://secunia.com/
>> -----BEGIN PGP SIGNATURE-----
>> Charset: UTF8
>> Note: This signature can be verified at https://www.hushtools.com/verify
>> Version: Hush 3.0
>>
>> wpwEAQMCAAYFAkmxtgcACgkQT2/djsYXr/IXigQAgDdkR+dskgmYHYPQeCcKe3QlT7xf
>> w0eZDSu0ecbO2vXy0oicANDezPfZDuadwtB6L8Cwoon04gfjVYxTr6GyyvW7hUmAaLt9
>> 7GEL/Hh2/cL5rzSzz9mDNOUFrU0S8VanhMVvwjXKtFWNzAWiwfj26lvb8KVRlwfNGlP3
>> gVnFnbE=
>> =Sy3u
>> -----END PGP SIGNATURE-----
>>
>> --
>> Be a Certified Nursing Assistant. Get local training today.
>>
>> http://tagline.hushmail.com/fc/BLSrjkqoiOCPCoMRK9ZgmTNsCtwOZXGIyrzJkWo3YmH0IyTAFJVy7s9Krni/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>



-- 
Rubén Camarero
CCNA, CISSP

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ