[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Publishing exploit code - what is it good for

To: Joachim Schipper <j.schipper@xxxxxxxxxx>
Subject: Re: [Full-disclosure] Publishing exploit code - what is it good for
From: Erick Mechler <emechler@xxxxxxxxxxxxxx>
Date: Thu, 30 Jun 2005 10:36:57 -0700

:: Blackhats may get along with only a handful of exploits, if they're 
:: willing to try to find targets to match their collection, but a 
:: pentester should have the collection to match the target.
:: 
:: This is doubly true if we're not talking about a dedicated pentester, 
:: but about a sysadmin with a networking/security background who likes to 
:: verify that the patches did, indeed, work.

To that I say let the people producing the patches deliver the exploit code
as a POC that the patches did, indeed, work.  Releasing exploit code before
the patch is released helps nobody except the blackhats.

:: Also, exploits will be distributed, publicly or otherwise - doing it in 
:: the open means we know what happens when.

You should, as an admin, assume that once a vulnerability is released, the 
exploit has been too, whether you see it attached to the vuln announcement 
or not.

Cheers - Erick
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Publishing exploit code - what is it good for
  - From: Joachim Schipper

Prev by Date: Re: [Full-disclosure] Publishing exploit code - what is it good for
Next by Date: [Full-disclosure] Re: Publishing exploit code - what is it good for
Previous by thread: Re: [Full-disclosure] Publishing exploit code - what is it good for
Next by thread: Re: [Full-disclosure] Publishing exploit code - what is it good for
Index(es):
- Date
- Thread