Re: DCOM RPC exploit (dcom.c)

[christopher neitzert <chris () neitzert com>]

Hicks,

I am concerned that you construed my remark as going after F-D, I read
F-D for the commentary as I find it educational and entertaining at the
same time.

Pure-evil, in this case is not necessarily bad. 

Perhaps I should have been more verbose;

I'm particularly happy that this exploit has been published as i hope it
will motivate Microsoft to fix the problems with their McOS. 

Whats evil, or beautiful, about it (depending on how you look at it) is
that it works very nicely on an XP box hardened to NSA-SNAC
Specification regarding secure RPC.  

My hat is off to FlashSky, Benjurry, and H D Moore, keep up the great
work! 


chris



On Sat, 2003-07-26 at 23:45, hicks wrote:
> this was on a website before it was published on full disclosure btw it came
> out today and that was that, no need to go after full disclosure btw it was
> on french bugtraq soon after being published and then made its way on here
> why be on full-disclosure if u say its bad or pure evil.. Its well written
> and has a few bugs but its nice code IMHO, what u expect after the vuln
> releases
>
>
> ----- Original Message ----- 
> From: "christopher neitzert" <chris () neitzert com>
> To: "Full-Disclosure () Lists Netsys Com" <full-disclosure () lists netsys com>
> Sent: Saturday, July 26, 2003 6:19 PM
> Subject: RE: [Full-disclosure] DCOM RPC exploit (dcom.c)

Attachment: signature.asc
Description: This is a digitally signed message part