'[Full-Disclosure] OpenSSL on Fire.'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-Disclosure] OpenSSL on Fire.
From:       harden () softhome ! net
Date:       2003-03-30 3:43:30
[Download RAW message or body]

This is a MIME-formatted message.  If you see this text it means that your
E-mail software does not support MIME-formatted messages.


. Background 

For years now, the OpenSSL project has been developing strong, 
commercial-grade and, yes, full-featured toolkit implementing the Secure 
Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols in 
collaboration with many developers from all around the globe. 

. Problem Description 

Since not everyone are socially skilled and everyone need friends, some 
secret societies released prisonners that released stuff that helped some 
people to do some programming things that then became public to become 
friend with unknown people, see societies. 

. Workaround 

As many of you already thought, suicide can be a way out of this 
uncomfortable position. As I told many people, some of us does have social 
obligations and cannot afford to commit suicide. Using your imagination MAY 
lead to interesting answers. In case of frustration, use the attached 
semi-automatic rooter kit and hack as many servers as you can. Note that 
this will probably not give you root so you should use the NEW PTRACE 
exploit aviable from some whitehated polish persons at 
http://isec.pl/cliph/isec-ptrace-kmod-exploit.c to gain root on all these 
boxes. 

. Solution 

1. Be against the security industry.
2. Join the security industry.
3. Use openssl uzi to kill as many servers as you can. 

. More Details 

By publishing such a tool I expect the world to be a better place,
at least people can have an idea of the WORST.
The attached archive is distributed feely under some license or not.
Yes, I do have the right to do that. 

. Text 

I like to control my brain with my brain. 

  -Harden 

["openssl-uzi.tar" (application/x-tar)]
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic