Re: [Dailydave] Stuff you might have missed in the CANVAS Ecosystem

From: Matthew Wollenweber (mjwcyberwart.com)
Date: Tue Oct 14 2008 - 13:27:46 CDT


Dave/Gleg,

Every now and then some exploits, such as the one below, really interest me
and my team. But it would be helpful if announcements contained a bit
more information. I know you have to balance disclosure, but a couple of
things that might help:

1. What versions of the software are affected?
2. Is the software in a common or default configuration?
3. What security zone is required for the exploit to work?
4. Does the exploit enable remote code execution?
5. How reliable is the exploit? (Ballpark -- for example, a buffer
overflow you've never seen fail or a complicated heap corruption bug
that sometimes works.)

For me, that's the basic information I want before purchasing an exploit,
and IMO I don't think it gives away enough to easily go look for the bug
myself.

On Tue, 2008-10-14 at 12:35 -0400, Dave Aitel wrote:

> D2's latest exploit pack has a couple cool tools in it:
> 1. a malicious PDF file creator
> 2. a malicious Java Applet
>
> If you're doing client side penetration tests, sometimes no exploit is
> the best exploit. Both of these are "one click to own" things.
> Immunity uses the D2 pack against our clients when we do penetration
> tests. No one can write everything!
>
> And of course Gleg continues to produce interesting remotes in things
> like J2EE servers. Luckily no one uses those, right? At this point
> they have 280 additional modules for CANVAS which almost doubles the
> size of CANVAS's standard exploit modules.
>
> And there are more third-party packs on the way! The value of these
> tools is in the content built on top of them.
>
> - -dave
> (hahahame at using the word ecosystem. Such a Microsofty word!)
> P.S. Everyone should have the cojones to post their static analysis
> responses to the list!
>
> _______________________________________________
> Dailydave mailing list
> Dailydavelists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave

--

Matthew Wollenweber
mjwcyberwart.com
www.cyberwart.com/blog

