Full Disclosure mailing list archives

Re: full-disclosure () hushmail com

From: phioust <phioust () gmail com>
Date: Sun, 14 Oct 2007 13:16:59 -0500

On 10/14/07, pdp (architect) <pdp.gnucitizen () googlemail com> wrote:

military grade exploits? :) dude, I am sorry man.. but you are living
in some kind of a dream world. get real,


   So you pick apart three words of the message and the rest is null? you
seem to follow techniques of the great valdis [1] when trying to defend
worthless things ( in this case your career).

most of the military hacks

are as simple as bruteforcing the login prompt.. or trying something
as simple as XSS.



  Stop reading yahoo news

the reason XSS is soo neat is because it bypasses all firewalls



 It doesnt bypass "firewalls" it has nothing to do with them .. this is like
saying you beat pax because you used sql injection to get cmd exec on a
machine ( something the selinux team probably has in their presentations ).

... what?, your military grade exploit can do that? your

military grade exploit can attack only the things that are visible
from outside.



  Or what about attacking the "outside" itself? Did you not see the core
impact talk or were you too busy giving gadi a reach around by the pool?

if you want to sink into the stuff then do web hacking cuz it just works.



  You mean "do web hacking because you do not need any skills to look good
and automated tools do it all for you". No thanks ill pass

different people do different things and are experienced in different

disciplines.



 To me this sounds like "i couldnt write an exploit for a strcpy bug so now
I write xss code so i can still put hacker on my business card.

btw, this is your 3rd message on FD, right?



 I guess I should whore the list more and then people will listen to me? Is
this the secret to why gadi evron is still allowed to post here?

I am just in a mood for philosophical conversations today.


you should stay that way since you cant handle much else


  [1]
http://archives.neohapsis.com/archives/fulldisclosure/2007-05/0226.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: full-disclosure () hushmail com, (continued)
- - - Re: full-disclosure () hushmail com scott (Oct 13)
    - Re: full-disclosure () hushmail com worried security (Oct 13)
- Re: full-disclosure () hushmail com full-disclosure (Oct 13)
  - Re: full-disclosure () hushmail com worried security (Oct 13)
- Re: full-disclosure () hushmail com full-disclosure (Oct 13)
  - Re: full-disclosure () hushmail com worried security (Oct 13)
- Re: full-disclosure () hushmail com full-disclosure (Oct 14)
  - Re: full-disclosure () hushmail com phioust (Oct 14)
    - Message not available
    - Re: full-disclosure () hushmail com phioust (Oct 14)
    - Re: full-disclosure () hushmail com pdp (architect) (Oct 15)
    - Re: full-disclosure () hushmail com phioust (Oct 14)
    - Re: full-disclosure () hushmail com pdp (architect) (Oct 15)
  - Re: full-disclosure () hushmail com Dude VanWinkle (Oct 14)
    - Re: full-disclosure () hushmail com gjgowey (Oct 14)
    - Re: full-disclosure () hushmail com phioust (Oct 14)
    - Re: full-disclosure () hushmail com gjgowey (Oct 14)
    - Re: full-disclosure () hushmail com Peter Besenbruch (Oct 14)
    - Re: full-disclosure () hushmail com crazy frog crazy frog (Oct 15)
- Re: full-disclosure () hushmail com full-disclosure (Oct 14)
  - Re: full-disclosure () hushmail com Dude VanWinkle (Oct 14)
    - Re: full-disclosure () hushmail com scott (Oct 14)

(Thread continues...)