Full Disclosure mailing list archives
Re: Multiple 0-days in Dark Comet RAT
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Wed, 10 Oct 2012 14:06:06 -0700
It's InfoSec. Nothing has any meaning anymore. Or, better stated, things means whatever people want them to mean in order to forward their agenda. When we talked about full disclosure a while back, somebody said I was "jaded" as if it meant I had "clouded judgement." They were actually right though, as jaded" means "negative by way of experience." I remember when people started using metrics like "moderately critical" to describe their [what they called] 0-day XSS vulnerability for some ancient CRM package. That way they get to say they published 14,000 0-days on their marketing material. Some dude recently posted on a professional list how he routinely cracks the NTLMv2 hashes for 10,000 users in 36 hours with rainbow tables. Of course every single part of the statement is complete BS but no one (except me) even blinked. People talk about how stupid users are, but I think the people in the industry are far worse. Sent from whatever device will keep us from debating which one is better. On Oct 9, 2012, at 9:59 AM, Philip Whitehouse <philip () whiuk com> wrote:
Does 0-day have any meaning any more? It used to mean there were exploits in the wild used to cause damage before the vendor patched it not merely that a security researcher found it and disclosed it to the public before the vendor did. If a 0 day is everything found by a security team before a vendor then the term will loose all purpose and meaning because almost all work done by such researchers is finding vulns. before the vendor. End rant. Philip Whitehouse On 8 Oct 2012, at 21:33, "Hertz, Jesse" <jesse_hertz () brown edu> wrote:SQL Injection and Arbitrary File Access present in Command and Control server of DarkComet RAT for more info see: http://matasano.com/research/PEST-CONTROL.pdf _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Multiple 0-days in Dark Comet RAT Hertz, Jesse (Oct 09)
- Re: Multiple 0-days in Dark Comet RAT Philip Whitehouse (Oct 10)
- Re: Multiple 0-days in Dark Comet RAT Thor (Hammer of God) (Oct 10)
- Re: Multiple 0-days in Dark Comet RAT Pascal Ernster (Oct 11)
- Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks (Oct 11)
- Re: Multiple 0-days in Dark Comet RAT Gage Bystrom (Oct 11)
- Re: Multiple 0-days in Dark Comet RAT Julius Kivimäki (Oct 11)
- Re: Multiple 0-days in Dark Comet RAT Hertz, Jesse (Oct 14)
- Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks (Oct 15)
- Re: Multiple 0-days in Dark Comet RAT Hertz, Jesse (Oct 17)
- Re: Multiple 0-days in Dark Comet RAT Philip Whitehouse (Oct 10)
- Re: Multiple 0-days in Dark Comet RAT Valdis . Kletnieks (Oct 18)
- <Possible follow-ups>
- Re: Multiple 0-days in Dark Comet RAT scriptjunkie (Oct 18)