Full Disclosure mailing list archives
RE: remote kernel exploits?
From: isergevsky () hushmail com (isergevsky () hushmail com)
Date: Fri, 13 Sep 2002 07:43:49 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
If this group of coders el8 (yes, I heard about them before - I remember somebody got the wu-ftpd 2.6.2 exploit from them a few weeks be fore it was released) would have such type of exploits than it's only a mat her of weeks before it's gonna show up.
Not everybody cares about disclosing bugs as you SURELY don't know. The ~el8 team are supporters/initiators of 'Project Mayhem', an underground movement trying to bring the internet to its knees. They will not disclose such thing. Ac1dB1tch3z are aswell supporting this movement.
Since they're underground they're probably not looking for mone y but fame (if they really want to steal cc information all they have to do is search google for orders.dbf cart32.exe and God knows what other insecure web cart releases.). So if they're looking for fame they will probably r elease in a few weeks or so some kind of exploit (with something like "wors hip us 'cauze we are the gods of coding" in the coments).
Hahahaha! Not *EVERYBODY* cares about hacking into pr0n websites to grab warrez. Besides, these guys seem to have more skill than u can imagine and they don't care about YOU or other kiddies like you 'worship' them or not. Disclosing such a bug (if it exists) would mean TOTAL HAVOC on InterNet structure.
Yes, it's true that a kernel exploit would pass firewalls becau se 99% of firewalls are based on kernel. But i don't think that it would be the end of the world. Because the reason we love open-source is the speed of patching it. And if it's gonna be an exploit, there's certanly gonna be a patch for it. Apache, OpenSSH, OpenSSL are all widespread services yet th ey all have been vulnerable... we survived. We're still here... my server's are still not compromised... So have no fear cause "In open-source we trust" --
------------------- Proud member of PentaGuard "Making the net a safer place since 1998"
Let me laugh my ass off, please! Since when does PentaGuard care about security? Last time i checked you guys were a lame defacing group using IIS 4.0 exploits to own .mil sites. As people found out that the bug exists (after 1 year since it was posted on bugtraq) your group's activity was reduced to zero. You have no clue about the scene or *nix. Please, dont make a fool out of yourself and shut up.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
-----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wl8EARECAB8FAj2Ck/MYHGlzZXJnZXZza3lAaHVzaG1haWwuY29tAAoJEMfRnqqodk8T SwkAn068ZgxaYV2d14L0MZE1Dc//+WiaAKCMeolS1wwqZsdG1PFizSPlQe7+cg== =aphN -----END PGP SIGNATURE----- Get your free encrypted email at https://www.hushmail.com
Current thread:
- RE: remote kernel exploits?, (continued)
- RE: remote kernel exploits? Gommers, Joep (Sep 11)
- RE: remote kernel exploits? andy_mn () hushmail com (Sep 12)
- RE: remote kernel exploits? Andrew Thomas (Sep 12)
- RE: remote kernel exploits? HalbaSus (Sep 13)
- RE: remote kernel exploits? silvio () big net au (Sep 13)
- Message not available
- RE: remote kernel exploits? silvio () big net au (Sep 13)
- RE: remote kernel exploits? gml (Sep 13)
- RE: remote kernel exploits? Nick FitzGerald (Sep 13)
- RE: remote kernel exploits? gml (Sep 13)