Re: In soviet russia the telephone api calls YOU

[Dave Aitel <dave () immunitysec com>]

Holden Williamson wrote:

> Also that exploit was very primitive in the anti-IDS way of things,
>
> but it was coded way back in 2002AD and unfortunately we're not all
> swedish.
>
> <3
>
> -holden
>  
Hahahaha. I'm not swedish either 
(http://www.immunitysec.com/downloads/dave_gen/) , as anyone using the 
early CANVAS versions knows, but I think maybe Nico is, at least a bit, 
swedish, because our Spooler exploit, released today, seems to be fairly 
reliable, cross platform/language. And, of course, it has all the 
standard CANVAS anti-IDS stuff, so when companies claim to have 0 to 
2-day protection in their network greppers, we can say "maybe." :>

I just think of exploits as art. which is why I pay top dollar for good 
ones, and nothing most of them. As Justine will testify, given a choice, 
I'd rather leave the walls in the apartment completely blank, but I do 
see the beauty in a well written heap overflow. Thanks to Kostya for a 
neat bug (which, of course, he smashed into bits :<)!

Who would have known that the first public (assuming you're in the 
Partner's program or have hacked www.immunitysec.com) exploit was not 
the "trivial" UPNP, but actually the "DoS" Spooler? :>

-dave
P.S "Hey, that's not a dd posting, that's just a cheap advert from 
someone without any VC money!" ";>"
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave