Full Disclosure mailing list archives

Re: Insect Pro - Advisory 2011 0428 - Zero Day - Heap Buffer Overflow in xMatters APClient


From: ichib0d crane <themadichib0d () gmail com>
Date: Thu, 28 Apr 2011 15:22:55 -0700

Any reason for the hostility? The Nigerian thing was ages ago and out
of curiosity, and I don't see how my choice of school is relevant in
the situation. Where's this six month deal coming from and when did I
ever say I even counted myself as a hacker?

All I'm saying is InsectPro did poor documentation and poor
investigation into the "vulnerability".

On Thu, Apr 28, 2011 at 3:11 PM, ghost <ghosts () gmail com> wrote:
So in 6 short months you've become a master hacker, huh Gage? All that
reporting "Nigerian scammers" really put you to the top of the hacker
echelon? Or is it 'cause you finally got a piece of paper as
"recognition" from your little school?

In short; Shut the fuck up and go play in traffic, kid.


On Thu, Apr 28, 2011 at 2:39 PM, ichib0d crane <themadichib0d () gmail com> wrote:
This isn't a zero day. This is a vulnerability. Being able to crash
the system is nothing compared to the effort needed to actually write
the exploit. What function is the heap overflow in? Did you guys even
bother to find out? How do I know this is even a heap overflow? Heck,
you couldn't even overwrite a single register! How effective are
standard mitigations on the target? Are there even any? (If there isn't
and you couldn't overwrite a single reg, there's something wrong with
you.)

Cool fuzz story bro, tell it again, but a quick fuzz doesn't drop zero
days. A smart exploit WRITER drops zero days.

Come back once you stop being an amateur.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


