[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] New open source Security Framework
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] New open source Security Framework
- From: PsychoBilly <zpamh0l3@xxxxxxxxx>
- Date: Thu, 06 Oct 2011 11:26:44 +0200
Boludoooo!
no jodes con un Porteño fino!
Aya se callen or desaparecen .
[[ Juan Sacco ]] @ [[ 06/10/2011 02:16
]]--------------------------------------------------
> Hey.. I already gave you an answer about this.
>
> AGAIN. For the last time.
> I respect the author's name of all the exploits added to Exploit Pack, like
> you suggest in a terrible and way.. Insulting and posting like 10 mail to the
> this list. I will add a " # Thank you [AUTHOR NAME ] for let us use your
> public script " in the
> top of all new exploit added to Exploit Pack Framework.
>
> ** Also, I created a mailing list to discuss this kind of things, report bugs
> and much more ( But sorry, NO INSULTING is allowed there ) **
>
> As other people told you stop doing chatting here. This is not a forum.
>
> JSacco
>
> On Wed, Oct 5, 2011 at 8:57 PM, xD 0x41 <secn3t@xxxxxxxxx
> <mailto:secn3t@xxxxxxxxx>> wrote:
>
> <Information Author="Blake" Date="August 23 2011" Vulnerability="N/A">
> Free Float FTP Server USER Command Remote Buffer Overflow Exploit
> when parsing the command 'USR', which leads to a stack based overflow.
> Also Free Float FTP Server allow remote anonymous login by default
> exploiting these issues could allow an attacker to compromise the
> application, access or modify data.
> </Information>
>
>
> erm, sorry this dont count, it should be IN the code, not, after running
> it :P
> thats bs mate, and i wont agree with your crap, until you see my point
> really. It is, something you write, compared to running thwe GUI..
>
>
> xd
>
>
>
> On 6 October 2011 10:47, Juan Sacco <juansacco@xxxxxxxxx
> <mailto:juansacco@xxxxxxxxx>> wrote:
>
> Hey,
> Its really a shame that you didn't even take like 2 minutes to watch
> the source code of Exploit Pack before create an opinion.
> This can't be a copy of CANVAS. Canvas is made on Python. Exploit
> Pack JAVA. See the diference? Also, please take a look at the interface
> design, both are really different. Show me where Exploit Pack is similar to
> Canvas! I think you spent
> too much time looking for Waldo :-D
>
> We respect the exploit author and that is why I add them at the first
> line of the XML file
> You should run the program before creating this crappy post with your
> nonsense opinions ( Harassing the free work of others, you wrote lke 5 - 6
> insulting posts in like.. 2 minutes?.. Dude go find a girl, come on )
>
> Take a look if you want:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <Module>
>
> <Exploit NameXML="Free Float FTP Server"
> CodeName="FreeFloatFTPServer.py" Platform="windows" Service="ftp"
> Type="remote" RemotePort="21" LocalPort="" ShellcodeAvailable="R"
> ShellPort="4444" SpecialArgs="">
> </Exploit>
>
> <Information Author="Blake" Date="August 23 2011" Vulnerability="N/A">
> Free Float FTP Server USER Command Remote Buffer Overflow Exploit
> when parsing the command 'USR', which leads to a stack based
> overflow. Also Free Float FTP Server allow remote anonymous login by default
> exploiting these issues could allow an attacker to compromise the
> application, access or modify data.
> </Information>
>
> JSacco
>
> On Wed, Oct 5, 2011 at 8:16 PM, xD 0x41 <secn3t@xxxxxxxxx
> <mailto:secn3t@xxxxxxxxx>> wrote:
>
> Heya jeff,
> The author is clearly not smart.
> He is copying other codes, this is a plain rip off of
> canvas...hehe... and same with his insect pro... he stole metasplit for tht
> one, then he wants repect, when we see him removing simplly one line wich
> would atleast say a ty and, show
> [ppl who writes, is maybe sometimes stabler than other authors,
> it would be better to have this in, not out.. he should be able to see thats
> how it works with exploit code/pocs in general... sometimes, if i see php
> code from one person, i
> will tend to look, but if it was from an unknown person, i prolly
> wouldnt.
> But this (open sauce) project, i will download and waste 5minutes
> on.
> Then illm go back to Backbox and BT5 and things wich work :)
> hehe
> (this guy is really mad about his app... and i mean, dang mad
> angry! I will buy some tissues and send to him, that is my donation for his
> app)
> :))
> xd
>
>
> On 6 October 2011 08:59, Jeffrey Walton <noloader@xxxxxxxxx
> <mailto:noloader@xxxxxxxxx>> wrote:
>
> On Wed, Oct 5, 2011 at 5:32 AM, root <root_@xxxxxxxxxxxxxxx
> <mailto:root_@xxxxxxxxxxxxxxx>> wrote:
> > - * @author Stefan Zeiger (szeiger@xxxxxxxxxxxx
> <mailto:szeiger@xxxxxxxxxxxx>)
> > - print " Written by Blake "
> > - <Information Author="Blake" Date="August 23 2011"
> Vulnerability="N/A">
> >
> > +#Exploit Pack - Security Framework for Exploit Developers
> > +#Copyright 2011 Juan Sacco http://exploitpack.com
> > +#
> > +#This program is free software: you can redistribute it
> and/or modify
> > it under the terms of the
> > +#GNU General Public License as published by the Free
> Software
> > Foundation, either version 3
> > +#or any later version.
> > +#
> > +#This program is distributed in the hope that it will be
> useful, but
> > WITHOUT ANY WARRANTY;
> > +#without even the implied warranty of MERCHANTABILITY or
> FITNESS FOR A
> > PARTICULAR
> > +#PURPOSE. See the GNU General Public License for more
> details.
> > +#
> > +#You should have received a copy of the GNU General Public
> License
> > along with this program.
> > +#If not, see http://www.gnu.org/licenses/
> GPL V3 - they had to encumber it to set it free?
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
> --
> _________________________________________________
> Insecurity Research - Security auditing and testing software
> Web: http://www.insecurityresearch.com
> Insect Pro 2.5 was released stay tunned
>
>
>
>
>
>
> --
> _________________________________________________
> Insecurity Research - Security auditing and testing software
> Web: http://www.insecurityresearch.com
> Insect Pro 2.5 was released stay tunned
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/