Fwd: Gonzor / Themiddler / PEScrambler

[NSweaney at tulsacash.com (Nathan Sweaney)]

I can see the wisdom in asking permission, but what if there's no
response, or there's no one left to ask?  It seems to me that the site
would be more useful with a policy of hosting unless asked not to.
Afterall the whole thing started with a discussion of how to find
utilities that no longer seem to have a home.  
 
i also wonder about legality issues.  if the site hosts the tools and
someone decides that it's illegal, what's the plan.  also, what if
someone insists that their tool not be hosted, but there's no where else
to get it.  Or if they insist on only hosting the most recent version
even if there are legitimate reasons why security professionals may want
to use older versions.  
 
seems like there are a lot of questions that could come up eventually.  
 
 
________________________________

From: pauldotcom-bounces at mail.pauldotcom.com
[mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Arch Angel
Sent: Thursday, December 18, 2008 11:55 AM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] Fwd: Gonzor / Themiddler / PEScrambler


Asking permission would go without saying, we would have to request
permission to archive / central repository for these tools.

As for the Germany thing, ya I just heard about that.  Fairly power law
and recourse for such action!

I also agree a Wiki type setup would be needed, thats why I was thinking
a media style Wiki like plone or other solution:

http://plone.org/




2008/12/18 Nils <nils at hemmann.de>


        hm, I'm not sure If we shoulder too much with this.
        You need to talk to each and everyone to get permission to host
their software.
         
        ....but anyway I'm happy to give a helping hand. We'd need a
Wiki page for each tool, too and I could provide some input for quite
some tools.
        I'm from Germany and hosting such a thingy over here is against
the law (Anti Hacker blablabla...)  but helping you overseas isn't   ;-)
         
        Nils

________________________________

        From: pauldotcom-bounces at mail.pauldotcom.com
[mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Rob Fuller
        Sent: Thursday, December 18, 2008 4:06 PM 

        To: PaulDotCom Security Weekly Mailing List
        Subject: Re: [Pauldotcom] Fwd: Gonzor / Themiddler / PEScrambler
        

        Just purchased SecToolsList.com if ya'll are interested in going
under that name.
        
        
        2008/12/18 Arch Angel <arch3angel at gmail.com>
        

                I was thinking we come up with a whole new domain we can
build off of, something reflective of the culture and the community.
                
                Any suggestions?
                
                
                2008/12/18 Matt Hillman <cybereagle at gmail.com> 


                        well i dunno if its relevant enough but i'm
happy to provide a creatively thought up subdomain of hackerslegion.com
                        
                        
                        2008/12/18 Arch Angel <arch3angel at gmail.com> 


                                If anyone has the time to help me begin
this project of creating a central point and website for all these
goodies let me know.  I can provide space, bandwidth, and if we come up
with a domain name that we all like I'll throw in the cost of the domain
name.  Once we have the domain name I can have the access setup in a
matter of minutes.
                                
                                P.s. We cant use "larryisgod.org" its
not fair to the other monkeys in the zoo :-)
                                
                                
                                2008/12/17 Nathan Sweaney
<NSweaney at tulsacash.com>
                                

                                if I remember correctly, the Gonzor
payload was basically just a well-written batch file that called several
utilities from http://www.nirsoft.net/. 
                                 
                                so if you've already got a usable
exploit just use the meterpreter & copy the utilities over that you want
to use.
                                 
                                in fact you could probably create
meterpreter scripts that would do each of the things you want more
efficiently.

________________________________

                                From:
pauldotcom-bounces at mail.pauldotcom.com
[mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Noah
                                Sent: Wednesday, December 17, 2008 5:35
PM 

                                To: 'PaulDotCom Security Weekly Mailing
List'
                                
                                Subject: Re: [Pauldotcom] Fwd: Gonzor /
Themiddler / PEScrambler
                                
                                

                                Hi, 

                                 

                                While we're still talking about the
Gonzor payload, has anyone had any luck with - or seen something similar
to Gonzor for metasploit? The saved password dumping that the Gonzor
payload does would be exceptionally handy in a pentest as a metasploit
payload. 

                                 

                                - Noah


        
_______________________________________________
                                Pauldotcom mailing list
                                Pauldotcom at mail.pauldotcom.com
        
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
                                Main Web Site: http://pauldotcom.com
                                



        
_______________________________________________
                                Pauldotcom mailing list
                                Pauldotcom at mail.pauldotcom.com
        
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
                                Main Web Site: http://pauldotcom.com
                                



                        _______________________________________________
                        Pauldotcom mailing list
                        Pauldotcom at mail.pauldotcom.com
        
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
                        Main Web Site: http://pauldotcom.com
                        



                _______________________________________________
                Pauldotcom mailing list
                Pauldotcom at mail.pauldotcom.com
        
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
                Main Web Site: http://pauldotcom.com
                



        _______________________________________________
        Pauldotcom mailing list
        Pauldotcom at mail.pauldotcom.com
        http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
        Main Web Site: http://pauldotcom.com
        


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081218/d4fa4c6a/attachment.htm