PaulDotCom mailing list archives
Re: selling exploits to ZDI
From: Robin Wood <robin () digininja org>
Date: Sat, 7 Apr 2012 00:13:11 +0100
On 6 April 2012 22:05, Gerardo Iglesias Galvan <iglesiasg () gmail com> wrote:
The price really depends on the vendor, product and severity of the vuln, but for pre-auth RCE on a product from a big vendor (let's say e.g. IBM) you could get up to $1k.
I don't know much about prices but I would have thought a pre-auth RCE is worth a hell of a lot more than that. Robin
Cheers, Gerardo Iglesias On Thu, Apr 5, 2012 at 5:01 PM, Robin Wood <robin () digininja org> wrote:I'm probably going to do the Corelan exploit development course at BruCon but I'm trying to work out the rough selling price for exploits to ZDI. I tried asking them on twitter but the best I got back was that they had paid $x over y years and told to do the maths. That doesn't really help so I was wondering if anyone here could give me a rough idea of prices. I'll be just starting out so probably finding small things in obscure apps to start with just to get used to doing things then start moving upwards if things work out. I've read all the information on the things that affect the price but I'd just like to get an idea of a base prices so I can then apply their conditions when I'm thinking of targets and what to look at. Robin _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- selling exploits to ZDI Robin Wood (Apr 05)
- Re: selling exploits to ZDI Gerardo Iglesias Galvan (Apr 06)
- Re: selling exploits to ZDI Robin Wood (Apr 06)
- Re: selling exploits to ZDI Gerardo Iglesias Galvan (Apr 06)