Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: i've found an exploit, but i want to make it do something before i report it

From: evilrabbi <evilrabbi () gmail com>
Date: Sat, 8 Jul 2006 21:32:53 -0500
Here are some pretty generic things.. Bind shell, connect back shell. have
it download a file an execute it. Those are just a few ideas...

On 7/7/06, ima cow <i-am-cow () rogers com> wrote:


i understand that this is "full disclosure", but before i actually spill
the beans on the exact nature of the exploit i've found, i'd like to make it
actually do something.
for now, know that it affects a popular plugin for a popular messaging
program.
i'm at the stage where i can run any command on the remote user's computer
(just like start > run...), or have them request remote assistance.
other than showing them goatse, what can i do with this?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/





--
-- h0 h0 h0 --
www.nopsled.net

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: