On Wednesday 18 December 2002 21:31, matt merhar wrote:
> Hey RMS,
> Great idea, but I think it's already been in the works in the latest
> version of Dug Song's infamous dsniff. I really hope that he fixes the
> several remote exploits that exist in this acclaimed pen-testing tool,
> though.
>
wow, I never thought dsniff had remote exploitation capabilities.
All this time I thought it was a sniff+parse utility.

If you meant remotely exploitable holes, well ...

> Here are some recent #monkey logs I've acquired that highlight the
> features that I'm discussing.
> *** #monkey Session Start (11/24/02) ***

<snip> ..

> <dr``> Rubbish! I've got Lance Spitzner on my side. I'm sure he's
> audited the source code very well. What's this I hear about dsniff being
> remotely exploitable in several places throughout the CodeBase?
> <dugsong> Hmmm. Alright. I'll keep quiet.
> *** #monkey Session End (11/24/02) ***
> On Wed, 18 Dec 2002 21:28:04 -0500
>
Log sounds like a spoofed crock of shit, but whatever..
umm, last time I heard Lance doesn't code, so that further confirms my 'crock
of shit' theory.

cheers,
x
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]