PaulDotCom mailing list archives
Re: selling exploits to ZDI
From: Gerardo Iglesias Galvan <iglesiasg () gmail com>
Date: Fri, 6 Apr 2012 16:05:58 -0500
The price really depends on the vendor, product and severity of the vuln, but for pre-auth RCE on a product from a big vendor (let's say e.g. IBM) you could get up to $1k. Cheers, Gerardo Iglesias On Thu, Apr 5, 2012 at 5:01 PM, Robin Wood <robin () digininja org> wrote:
I'm probably going to do the Corelan exploit development course at BruCon but I'm trying to work out the rough selling price for exploits to ZDI. I tried asking them on twitter but the best I got back was that they had paid $x over y years and told to do the maths. That doesn't really help so I was wondering if anyone here could give me a rough idea of prices. I'll be just starting out so probably finding small things in obscure apps to start with just to get used to doing things then start moving upwards if things work out. I've read all the information on the things that affect the price but I'd just like to get an idea of a base prices so I can then apply their conditions when I'm thinking of targets and what to look at. Robin _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- selling exploits to ZDI Robin Wood (Apr 05)
- Re: selling exploits to ZDI Gerardo Iglesias Galvan (Apr 06)
- Re: selling exploits to ZDI Robin Wood (Apr 06)
- Re: selling exploits to ZDI Gerardo Iglesias Galvan (Apr 06)