Full Disclosure mailing list archives
Re: gimp sc, and evilness
From: "Christopher Abad" <aempirei () gmail com>
Date: Thu, 13 Dec 2007 14:00:54 -0800
This is a quite ridiculous series of emails that quickly turned south. Someone should clear this up. On Dec 13, 2007 12:48 AM, Kristian Erik Hermansen <kristian.hermansen () gmail com> wrote:
I don't appreciate people spreading false info about me. If there is a problem, I would rather you say it to my face, in person, than behind my back. I don't have a problem with you, but if you are "blackballing" me in the security community, then you and I have something to discuss... On Dec 12, 2007 12:20 PM, Kristian Erik Hermansen <kristian.hermansen () gmail com> wrote:Hi Christopher, I do not mean to be shady at all. The point of the exploit was not
I didnt call you shady. I LOLed a shady LOL. "A LOL--A shady one"
original shellcode. The point was creating a universal exploit for Gimp on Windows which would also allow dynamic payload. If you see, the shellcode payload changes based on the user input for the URL. Nothing new, but useful for demonstration purposes. I perhaps should have left the second line from the Metasploit output so that attribution was taken. I was not aware that shellcode output from msf is intellectual property. I have given Metasploit plenty of credit when I thought necessary. I even asked H D Moore to borrow some images for a talk I did at the Ubuntu Live conference in Oregon this year, which he personally allowed... http://www.kristian-hermansen.com/clonezilla/clonezilla.pdf I also tried to do MSF a favor for more exposure and get 3.0 into Ubuntu's multiverse repository. However, due to some nuances in the MSF License, this was not possible. I don't see why you think I am so evil. I do not mean to be. I wish I could have made it to your gathering of drinks at 20 GOTO 10 post-baysec, but I was still in Boston. I will try to meet up with you guys at the next baysec, and you will see that I am not evil. Of course, my background in security is not as proficient as yours, and I have never been a CEO. Although, I am very familiar with all the companies you have lead. I do, however, wonder why you left Cloudmark just after it became profitable. To me, that sounds shady...
Additionally, Cloudmark is a privately held company so either you guessed that they were profitable or an employee with a loose tongue unwittingly disclosed that information to you against their employment contract.
-- Kristian Erik Hermansen "I have no special talent. I am only passionately curious."-- Kristian Erik Hermansen "I have no special talent. I am only passionately curious."
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: gimp sc, and evilness Christopher Abad (Dec 13)