Re: New open source Security Framework

[xD 0x41 <secn3t () gmail com>]

as i said again stop the lies.'

Take a look if you want:

<?xml version="1.0" encoding="UTF-8"?>
<Module>

<Exploit NameXML="Free Float FTP Server"
CodeName="FreeFloatFTPServer.py"  Platform="windows" Service="ftp"
Type="remote" RemotePort="21" LocalPort="" ShellcodeAvailable="R"
ShellPort="4444" SpecialArgs="">
</Exploit>

<Information Author="Blake" Date="August 23 2011" Vulnerability="N/A">
Free Float FTP Server USER Command Remote Buffer Overflow Exploit
when parsing the command 'USR', which leads to a stack based overflow.
Also Free Float FTP Server allow remote anonymous login by default
exploiting these issues could allow an attacker to compromise the
application, access or modify data.
</Information>

JSacco

I did, and i also looked at hyour git src to.
screw u and the pack,. until it is pro, i wont b near it, and, it wont EVER
b pro, with YOU runnin it,. who will give u GOOD stuff, for 2bux.. fool.
and you dare lie, anyone can check what i just saw, and, thats him, plain
out lying about his stuff, instead of just, admitting, "ok well, it is new,
and, could be, fixed alittle..any siggestions are welcome..."

as, i did give him already one in PM... but now, pfft. stop ccing me pls.
xd




On 6 October 2011 11:16, Juan Sacco <juansacco () gmail com> wrote:

> Hey.. I already gave you an answer about this.
>
> AGAIN. For the last time.
> I respect the author's name of all the exploits added to Exploit Pack, like
> you suggest in a terrible and way.. Insulting and posting like 10 mail to
> the this list. I will add a " # Thank you [AUTHOR NAME ] for let us use your
> public script " in the top of all new exploit added to Exploit Pack
> Framework.
>
> ** Also, I created a mailing list to discuss this kind of things, report
> bugs and much more ( But sorry, NO INSULTING is allowed there )  **
>
> As other people told you stop doing chatting here. This is not a forum.
>
> JSacco
>
> On Wed, Oct 5, 2011 at 8:57 PM, xD 0x41 <secn3t () gmail com> wrote:
>
> > <Information Author="Blake" Date="August 23 2011" Vulnerability="N/A">
> > Free Float FTP Server USER Command Remote Buffer Overflow Exploit
> > when parsing the command 'USR', which leads to a stack based overflow. Also Free Float FTP Server allow remote 
> > anonymous login by default
> > exploiting these issues could allow an attacker to compromise the application, access or modify data.
> > </Information>
> >
> >
> > erm, sorry this dont count, it should be IN the code, not, after running it :P
> > thats bs mate, and i wont agree with your crap, until you see my point really. It is, something you write, compared 
> > to running thwe GUI..
> >
> >
> > xd
> >
> >
> >
> > On 6 October 2011 10:47, Juan Sacco <juansacco () gmail com> wrote:
> >
> > > Hey,
> > > Its really a shame that you didn't even take like 2 minutes to watch the
> > > source code of Exploit Pack before create an opinion.
> > > This can't be a copy of CANVAS. Canvas is made on Python. Exploit Pack
> > > JAVA. See the diference? Also, please take a look at the interface design,
> > > both are really different. Show me where Exploit Pack is similar to Canvas!
> > > I think you spent too much time looking for Waldo :-D
> > >
> > > We respect the exploit author and that is why I add them at the first
> > > line of the XML file
> > > You should run the program before creating this crappy post with your
> > > nonsense opinions ( Harassing the free work of others, you wrote lke 5 - 6
> > > insulting posts in like.. 2 minutes?.. Dude go find a girl, come on )
> > >
> > > Take a look if you want:
> > >
> > > <?xml version="1.0" encoding="UTF-8"?>
> > > <Module>
> > >
> > > <Exploit NameXML="Free Float FTP Server" CodeName="FreeFloatFTPServer.py"  Platform="windows" Service="ftp" 
> > > Type="remote" RemotePort="21" LocalPort="" ShellcodeAvailable="R" ShellPort="4444" SpecialArgs="">
> > > </Exploit>
> > >
> > > <Information Author="Blake" Date="August 23 2011" Vulnerability="N/A">
> > > Free Float FTP Server USER Command Remote Buffer Overflow Exploit
> > > when parsing the command 'USR', which leads to a stack based overflow. Also Free Float FTP Server allow remote 
> > > anonymous login by default
> > > exploiting these issues could allow an attacker to compromise the application, access or modify data.
> > > </Information>
> > >
> > > JSacco
> > >
> > > On Wed, Oct 5, 2011 at 8:16 PM, xD 0x41 <secn3t () gmail com> wrote:
> > >
> > > > Heya jeff,
> > > > The author is clearly not smart.
> > > > He is copying other codes, this is a plain rip off of canvas...hehe...
> > > > and same with his insect pro... he stole metasplit for tht one, then he
> > > > wants repect, when we see him removing simplly one line wich would atleast
> > > > say a ty and, show [ppl who writes, is maybe sometimes stabler than other
> > > > authors, it would be better to have this in, not out.. he should be able to
> > > > see thats how it works with exploit code/pocs in general... sometimes, if i
> > > > see php code from one person, i will tend to look, but if it was from an
> > > > unknown person, i prolly wouldnt.
> > > > But this (open sauce) project, i will download and waste 5minutes on.
> > > > Then illm go back to Backbox and BT5 and things wich work :)
> > > > hehe
> > > > (this guy is really mad about his app... and i mean, dang mad angry! I
> > > > will buy some tissues and send to him, that is my donation for his app)
> > > > :))
> > > > xd
> > > >
> > > >
> > > > On 6 October 2011 08:59, Jeffrey Walton <noloader () gmail com> wrote:
> > > >
> > > > > On Wed, Oct 5, 2011 at 5:32 AM, root <root_ () fibertel com ar> wrote:
> > > > > > - * @author Stefan Zeiger (szeiger () novocode com)
> > > > > > - print "   Written by Blake  "
> > > > > > - <Information Author="Blake" Date="August 23 2011"
> > > > > Vulnerability="N/A">
> > > > > > +#Exploit Pack - Security Framework for Exploit Developers
> > > > > > +#Copyright 2011 Juan Sacco http://exploitpack.com
> > > > > > +#
> > > > > > +#This program is free software: you can redistribute it and/or
> > > > > modify
> > > > > > it under the terms of the
> > > > > > +#GNU General Public License as published by the Free Software
> > > > > > Foundation, either version 3
> > > > > > +#or any later version.
> > > > > > +#
> > > > > > +#This program is distributed in the hope that it will be useful, but
> > > > > > WITHOUT ANY WARRANTY;
> > > > > > +#without even the implied warranty of MERCHANTABILITY or FITNESS FOR
> > > > > A
> > > > > > PARTICULAR
> > > > > > +#PURPOSE. See the GNU General Public License for more details.
> > > > > > +#
> > > > > > +#You should have received a copy of the GNU General Public License
> > > > > > along with this program.
> > > > > > +#If not, see http://www.gnu.org/licenses/
> > > > > GPL V3 - they had to encumber it to set it free?
> > > > >
> > > > > _______________________________________________
> > > > > Full-Disclosure - We believe in it.
> > > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > > > Hosted and sponsored by Secunia - http://secunia.com/
> > > >
> > > >
> > > > _______________________________________________
> > > > Full-Disclosure - We believe in it.
> > > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > > > Hosted and sponsored by Secunia - http://secunia.com/
> > >
> > >
> > >
> > > --
> > > _________________________________________________
> > > Insecurity Research - Security auditing and testing software
> > > Web: http://www.insecurityresearch.com
> > > Insect Pro 2.5 was released stay tunned
>
>
> --
> _________________________________________________
> Insecurity Research - Security auditing and testing software
> Web: http://www.insecurityresearch.com
> Insect Pro 2.5 was released stay tunned
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/