| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 06 Oct 2011 11:26:44 +0200 From: PsychoBilly <zpamh0l3@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: New open source Security Framework Boludoooo! no jodes con un PorteƱo fino! Aya se callen or desaparecen . [[ Juan Sacco ]] @ [[ 06/10/2011 02:16 ]]-------------------------------------------------- > Hey.. I already gave you an answer about this. > > AGAIN. For the last time. > I respect the author's name of all the exploits added to Exploit Pack, like you suggest in a terrible and way.. Insulting and posting like 10 mail to the this list. I will add a " # Thank you [AUTHOR NAME ] for let us use your public script " in the > top of all new exploit added to Exploit Pack Framework. > > ** Also, I created a mailing list to discuss this kind of things, report bugs and much more ( But sorry, NO INSULTING is allowed there ) ** > > As other people told you stop doing chatting here. This is not a forum. > > JSacco > > On Wed, Oct 5, 2011 at 8:57 PM, xD 0x41 <secn3t@...il.com <mailto:secn3t@...il.com>> wrote: > > <Information Author="Blake" Date="August 23 2011" Vulnerability="N/A"> > Free Float FTP Server USER Command Remote Buffer Overflow Exploit > when parsing the command 'USR', which leads to a stack based overflow. Also Free Float FTP Server allow remote anonymous login by default > exploiting these issues could allow an attacker to compromise the application, access or modify data. > </Information> > > > erm, sorry this dont count, it should be IN the code, not, after running it :P > thats bs mate, and i wont agree with your crap, until you see my point really. It is, something you write, compared to running thwe GUI.. > > > xd > > > > On 6 October 2011 10:47, Juan Sacco <juansacco@...il.com <mailto:juansacco@...il.com>> wrote: > > Hey, > Its really a shame that you didn't even take like 2 minutes to watch the source code of Exploit Pack before create an opinion. > This can't be a copy of CANVAS. Canvas is made on Python. Exploit Pack JAVA. See the diference? Also, please take a look at the interface design, both are really different. Show me where Exploit Pack is similar to Canvas! I think you spent > too much time looking for Waldo :-D > > We respect the exploit author and that is why I add them at the first line of the XML file > You should run the program before creating this crappy post with your nonsense opinions ( Harassing the free work of others, you wrote lke 5 - 6 insulting posts in like.. 2 minutes?.. Dude go find a girl, come on ) > > Take a look if you want: > > <?xml version="1.0" encoding="UTF-8"?> > <Module> > > <Exploit NameXML="Free Float FTP Server" CodeName="FreeFloatFTPServer.py" Platform="windows" Service="ftp" Type="remote" RemotePort="21" LocalPort="" ShellcodeAvailable="R" ShellPort="4444" SpecialArgs=""> > </Exploit> > > <Information Author="Blake" Date="August 23 2011" Vulnerability="N/A"> > Free Float FTP Server USER Command Remote Buffer Overflow Exploit > when parsing the command 'USR', which leads to a stack based overflow. Also Free Float FTP Server allow remote anonymous login by default > exploiting these issues could allow an attacker to compromise the application, access or modify data. > </Information> > > JSacco > > On Wed, Oct 5, 2011 at 8:16 PM, xD 0x41 <secn3t@...il.com <mailto:secn3t@...il.com>> wrote: > > Heya jeff, > The author is clearly not smart. > He is copying other codes, this is a plain rip off of canvas...hehe... and same with his insect pro... he stole metasplit for tht one, then he wants repect, when we see him removing simplly one line wich would atleast say a ty and, show > [ppl who writes, is maybe sometimes stabler than other authors, it would be better to have this in, not out.. he should be able to see thats how it works with exploit code/pocs in general... sometimes, if i see php code from one person, i > will tend to look, but if it was from an unknown person, i prolly wouldnt. > But this (open sauce) project, i will download and waste 5minutes on. > Then illm go back to Backbox and BT5 and things wich work :) > hehe > (this guy is really mad about his app... and i mean, dang mad angry! I will buy some tissues and send to him, that is my donation for his app) > :)) > xd > > > On 6 October 2011 08:59, Jeffrey Walton <noloader@...il.com <mailto:noloader@...il.com>> wrote: > > On Wed, Oct 5, 2011 at 5:32 AM, root <root_@...ertel.com.ar <mailto:root_@...ertel.com.ar>> wrote: > > - * @author Stefan Zeiger (szeiger@...ocode.com <mailto:szeiger@...ocode.com>) > > - print " Written by Blake " > > - <Information Author="Blake" Date="August 23 2011" Vulnerability="N/A"> > > > > +#Exploit Pack - Security Framework for Exploit Developers > > +#Copyright 2011 Juan Sacco http://exploitpack.com > > +# > > +#This program is free software: you can redistribute it and/or modify > > it under the terms of the > > +#GNU General Public License as published by the Free Software > > Foundation, either version 3 > > +#or any later version. > > +# > > +#This program is distributed in the hope that it will be useful, but > > WITHOUT ANY WARRANTY; > > +#without even the implied warranty of MERCHANTABILITY or FITNESS FOR A > > PARTICULAR > > +#PURPOSE. See the GNU General Public License for more details. > > +# > > +#You should have received a copy of the GNU General Public License > > along with this program. > > +#If not, see http://www.gnu.org/licenses/ > GPL V3 - they had to encumber it to set it free? > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > -- > _________________________________________________ > Insecurity Research - Security auditing and testing software > Web: http://www.insecurityresearch.com > Insect Pro 2.5 was released stay tunned > > > > > > > -- > _________________________________________________ > Insecurity Research - Security auditing and testing software > Web: http://www.insecurityresearch.com > Insect Pro 2.5 was released stay tunned > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists