Full Disclosure mailing list archives
Re: full-disclosure () hushmail com
From: "pdp (architect)" <pdp.gnucitizen () googlemail com>
Date: Sun, 14 Oct 2007 18:56:23 +0100
military grade exploits? :) dude, I am sorry man.. but you are living in some kind of a dream world. get real, most of the military hacks are as simple as bruteforcing the login prompt.. or trying something as simple as XSS. the reason XSS is soo neat is because it bypasses all firewalls... what?, your military grade exploit can do that? your military grade exploit can attack only the things that are visible from outside. if you want to sink into the stuff then do web hacking cuz it just works. btw, the reason I do mostly web hacking and information architecture, is because I love the topic and find it fascinating, something that you will never experience since you are looking for military grade exploits. find a job that you love and you will never work till the rest of your life, as they say... oh btw, maybe you can write a military grade exploit but you suck in other things... this is the real world. different people do different things and are experienced in different disciplines. that's why we do tiger-teams. or you can do all of it? :) on offense, right? I am just in a mood for philosophical conversations today. :) btw, this is your 3rd message on FD, right? On 10/14/07, phioust <phioust () gmail com> wrote:
I believe this discussion is about people who have real skills ( which is why you are confused ).. not "o so I couldn't finish my CS degree or function outside of computers so now I am doing XSS for a living" .... If XSS is the extent of your knowledge then I guess it will get food on your table but I think you should switch to this: http://www.securityfocus.com/archive/105 mailing list. and btw: needing someone to visit a webpage so you can xsrf isnt exactly military grade 0day nor is it stealthy ( not that you would know anything about stealthy exploits) but i guess people jumped on it so much so that their cissp capable minds wouldn't be confused by sql injection [1]. I also do not know why you assume someone that doesnt consider lame XSS as an 'exploit' could not work professionally. Maybe you just have no skill and thats all your job requires of you? [1] http://seclists.org/dailydave/2007/q4/0016.html On 10/14/07, pdp (architect) <pdp.gnucitizen () googlemail com > wrote:I really don't know what you refer to as an exploit.. :) and more over, it is obvious that you have a lack of knowledge on what's more valuable nowadays. don't take it personal. do you work professionally?_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
-- pdp (architect) | petko d. petkov http://www.gnucitizen.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: full-disclosure () hushmail com, (continued)
- Re: full-disclosure () hushmail com worried security (Oct 13)
- Re: full-disclosure () hushmail com scott (Oct 13)
- Re: full-disclosure () hushmail com worried security (Oct 13)
- Re: full-disclosure () hushmail com full-disclosure (Oct 13)
- Re: full-disclosure () hushmail com worried security (Oct 13)
- Re: full-disclosure () hushmail com full-disclosure (Oct 13)
- Re: full-disclosure () hushmail com worried security (Oct 13)
- Re: full-disclosure () hushmail com full-disclosure (Oct 14)
- Re: full-disclosure () hushmail com phioust (Oct 14)
- Message not available
- Re: full-disclosure () hushmail com phioust (Oct 14)
- Re: full-disclosure () hushmail com pdp (architect) (Oct 15)
- Re: full-disclosure () hushmail com phioust (Oct 14)
- Re: full-disclosure () hushmail com pdp (architect) (Oct 15)
- Re: full-disclosure () hushmail com phioust (Oct 14)
- Re: full-disclosure () hushmail com gjgowey (Oct 14)
- Re: full-disclosure () hushmail com phioust (Oct 14)
- Re: full-disclosure () hushmail com gjgowey (Oct 14)
- Re: full-disclosure () hushmail com Peter Besenbruch (Oct 14)
- Re: full-disclosure () hushmail com Dude VanWinkle (Oct 14)