Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

DMCA & Source Tree Abuse

From: Jack Ahz <anoncoder () yahoo com>
Date: Tue, 31 Dec 2002 18:44:28 -0800 (PST)
Alert: Due to all the talk about the DMCA lately, I feel obligated to publish
this. 

For reasons which I would not like to discuss, but which should become apparent
due to the nature of this memo, I should like to remain anonymous. I am a
former member of the hacking/warez courier group known as HERT, the Hacker
Emergency Response Team. Though we used to be the largest worldwide hacking
group in existence, we had to disband due to a cache of electronic munitions
(in the form of proprietary source code) which was being traded by our members.
One of these 'source codes' was the somewhat mutilated source tree of Cisco's
IOS, version 11.3. 

I have been involved in many source code 'transactions' (hi divineint!) and
most of these were done under-the-table. Unfortunately, all of the source code
on the HERT repository was leaked to thousands of people on irc, and fell into
the wrong hands. I am alarmed that certain individuals have used these source
codes (including ISS research developers who shamelessly use proprietary CDE,
Solaris, BSDI, and AIX bundles to publish information about obscure RPC-related
buffer overflows, which would take months and years to wade through the binary
disassembly) for their own selfish purposes. 

The latest striking example is this Phrack article entitled "Burning the
bridge: Cisco IOS exploits" by the german hacker FX. While the author makes
several bold claims that he relied purely on the powers of the Force to reverse
engineer IOS internals, it is quite apparent that the coincidence that IOS 11.3
is the only
known version to have leaked widely to the computer underground and IOS 11.3 is
the only version his exploit works on is slim indeed! I'm sure he figured out
malloc chunk fields such as 'Last deallocation address' purely on his own, just
by tinkering around on the serial line.

Anyhow, I wanted to note these abuses by so called 'whitehats' who smash these
obscure architectures' stacks for their own profit!

Yours truly,
Anonymous  

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: