[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FD] project unicorn exploitable index
- To: coderman@xxxxxxxxx
- Subject: Re: [FD] project unicorn exploitable index
- From: wola4@xxxxxxxxxxxxx
- Date: Tue, 13 May 2014 05:08:24 -0400
Ok some details :
If I should go for a paying model, it might be a REST/JSON API access, 0.5 btc
per month is my first idea.
It's back online for the day. The crawler is running at 3-20/hosts per hour,
basic http auth disclosure is easily findable. PHPSESSID would work on last
added hosts (last page, natural insert order for now).
Planning :
Short-term
- Timestamping
- Housekeeping
- Heartbleed ticker for more data on open hosts
Project distributed exploiting, long term :
- Finishing leaf instances images (nodes connecting to master(s) for
exploits/scan queuing/reporting) bootable in any supervisor
- Securing the communication bus
- Open exploits plugin system on clearnet so people can extend (github,
whatever)
Question now ...
I can't see this going clearnet right ? Any insights on how ... legal it would
be ?
I truely think, securing people will only be done by kicking them in the nuts
... Sorry if you're in there, blame your provider.
On Fri, May 9, 2014 at 6:12 AM, <wola4@xxxxxxxxxxxxx> wrote:
> ...
> Dropping this here, ...
> http://unicorntufgvuhbi.onion/
miss it already...
(~_~;)
best regards,
(if/when resumed, what about X.XXXBTC for db export?)
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/