Full Disclosure mailing list archives
Re: IIS hacking contest
From: H D Moore <fdlist () digitaloffense net>
Date: Thu, 7 Apr 2005 18:18:44 -0500
Marc, I will buy you *two* Xbox's for a nice IIS 6.0 remote :-) Seriously, the "market value" of a remote exploit for IIS 6.0 is somewhere between two and twenty thousand dollars, depending on how shady you want to get. These "find some 0day and give it to us" challenges are a waste of a time in terms of product security, its just blatent exploitation (the bad kind). -HD On Thursday 07 April 2005 17:35, Marc Maiffret wrote:
The "funny" part is if the server gets DDoS'd then so will Windows IT Pro magazine whom is hosting the hack server (now at least) on the same subnet as their main website and with the same routes of course... Maybe they can product test some Arbor networks gear while they are at it :-) two for one. Then again we did break our last xbox, so hmmmm Signed, Marc Maiffret
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- IIS hacking contest Bryan Loveless (Apr 07)
- Re: IIS hacking contest Randall Perry (Apr 07)
- <Possible follow-ups>
- RE: IIS hacking contest Marc Maiffret (Apr 07)
- Re: IIS hacking contest H D Moore (Apr 07)
- Re: IIS hacking contest sHz (Apr 08)
- Re: IIS hacking contest n3td3v (Apr 08)
- Re: IIS hacking contest H D Moore (Apr 07)