Full Disclosure mailing list archives
Re: Re: InlineEgg library release
From: "Ivan Arce" <ivan.arce () corest com>
Date: Tue, 9 Sep 2003 13:47:02 -0300
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 To the moderator: I am not subscribed to full-disclosure myself, but I would like this reply to be approved since it addresses questions directed towards the company I work for. Thanks. - -- Hello nd, I am pleased that you found inline egg a really nice piece of code and I am sure Gerardo Richarte, its author, will like knowing that. As for the circunstances, we (myself included) have been talking publicly about automating pentesting and building exploit code automatically and on the fly using helper libraries for several years. Our first presentation on the topic was at BlackHat Briefings 2001 in Las Vegas, 6 months prior to the release of CORE IMPACT which implemets since v1.0 many of the features we discussed, including LibEgg which is a superset of InlineEgg Check out http://www.blackhat.com/presentations/bh-usa-01/IvanAcre/bh-usa-01-Iva n-Arce.ppt We released IMPACT v1.0 on March 2002. We further developed the original ideas presentat at BH 2001 Las Vegas and subsequentelly presented at: SANS IOWargames in September 2001 http://www1.corest.com/common/showdoc.php?idx=167&idxseccion=13&idxmen u=32 CanSecWest 2002 in May 2002 http://www1.corest.com/common/showdoc.php?idx=226&idxseccion=13&idxmen u=32 BlackHat Briefings 2002 Las Vegas in July 2002 http://www1.corest.com/common/showdoc.php?idx=167&idxseccion=13&idxmen u=32 G-Con ONE in Mexico in December 2002 http://www1.corest.com/common/showdoc.php?idx=359&idxseccion=13&idxmen u=32 http://www.g-con.org/speakers/Automated_Pen_Testing/Pres2.ppt (slide 21 specifically mentions InlineEgg and some samples using it) BlackHat Briefings 2003 Las Vegas in July this year. http://www1.corest.com/common/showdoc.php?idx=360&idxseccion=13&idxmen u=32 All of them touched on technologies and techniques used for attack and penetration and included in or being researched for IMPACT. So I hope this clarifies the 'funnyness' you point out about our release. We've been working on all these things for years, InlineEgg is just a small part of our work and we figured it is a usefull piece of code for the pentester and security researcher so we released it to the public. I am pleased to see that you are interested in our company financials, competitive landscape and product strategy but the simple truth is that, as many other publicly available tools, InlineEgg can both provide some benefits to the infosec community and benefit from its contributions as well, and it is in that spirit that we released it. - -ivan - -- Ivan Arce CTO CORE SECURITY TECHNOLOGIES 46 Farnsworth Street Boston, MA 02210 Ph: 617-399-6980 Fax: 617-399-6987 ivan.arce () coresecurity com www.coresecurity.com PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836 B25D 207B E78E 2AD1 F65A - ----- Original Message ----- From: "ned" <nd () felinemenace org> Newsgroups: core.lists.full-disclosure To: <full-disclosure () lists netsys com> Sent: Friday, September 05, 2003 3:22 AM Subject: [Full-disclosure] Re: InlineEgg library release
i find this release funny, not because it isn't a really nice piece of code, but because of the circumstances surrounding it. check this out: http://www.blackhat.com/html/bh-federal-03/bh-federal-03-speakers.ht ml#David%20Aitel dave aitel will give a talk on his software MOSDEF, which as i understand it is a python c compiler with some other pretty neet features. so what? immunitysec (which dave aitel started) has a product CANVAS (www.immunitysec.com/CANVAS) which is a python exploit suite for testing networks. MOSDEF will be a part of CANVAS when completed, and will also be GPL'd so that everyone else can use it. on the other hand we have CORE, with their product IMPACT (everyone loves the big caps names dont they?) which again, is a python exploit toolkit thing aswell. however, dave aitel has been talking about MOSDEF for months now, and all of a sudden a copy of inlineegg pop's up which offers the same functionability as MOSDEF (i spose). why would CORE do this? are IMPACT sales down (ie, symatec hasn't renewed their licenses) or do they feel threated by the publicity MOSDEF & CANVAS will be receiving at blackhat? -- http://felinemenace.org/~nd
-----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBP14EAiB7544q0fZaEQIDCgCaA0fD4BLH/FKxCXwvsziksfOQ9WcAoO81 BCOAHb1Z6nP/tPMWYZ4z54uX =n0Oy -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- InlineEgg library release Gerardo Richarte (Sep 04)
- <Possible follow-ups>
- Re: InlineEgg library release ned (Sep 05)
- Re: Re: InlineEgg library release Ivan Arce (Sep 09)
- Re: Re: InlineEgg library release ned (Sep 10)
- Re: Re: InlineEgg library release Ivan Arce (Sep 09)