lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <001501cb6711$40d05090$c270f1b0$@org>
Date: Fri, 8 Oct 2010 14:50:06 -0300
From: "Nelson Brito" <nbrito@...ure.org>
To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.grok.org.uk>,
	<dailydave@...ts.immunityinc.com>
Subject: [WARNING] A fake version of T50!!!

Okay, as many of you know, I am going to present the results of a private
research about "Stress Testing" - focusing on Denial-of-Service.

Today, while searching for some references to add in my presentation, I
found the following message in a "hacker" (?) forum:
	- "MELHOR FERRAMENTA DE DENIAL OF SERVICE DO MUNDO (BASILEIRA)"
(http://www.forum.darkers.com.br/index.php?topic=12674.msg53240;topicseen)

Translating it to English: "WORLD'S BEST DENIAL OF SERVICE TOOL
(BRAZILIAN)".

It is just to let you know:
	1. THIS TOOL IS A FAKE.
	2. I have no plans to release the source code, nor even after the
H2HC 7th Edition.
	3. The "T50 Sukhoi PAK FA Mixed Packet Injector Tool" was totally
written to work on Linux environment, and has no version to work on Windows
environment or any other environment other than Linux.

All the beta-testers received binaries of T50 with restrictions, such as:
	1. Limited time frame: no one can use it in a time frame bigger than
30 days.
	2. RFC 1918 Compliance: no one can run T50 against valid IP
addresses, it is only capable to test IANA IP address allocation for private
internets (i.e., "10/8", "172.16/12" and "192.168/16").
	3. T50 is not based on any tool publicly available, it uses unique
techniques never seen before in any tool.

So I have no credits for this code (http://pastebin.ca/1957112). Some coward
released it, anonymously, writing my name on it. 

Shame on you, coward!!!

Nelson Brito
Security Researcher
http://fnstenv.blogspot.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ