[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [Full-Disclosure] RE: Isecom.org ideahamster.org and the hackerhighschool.org
From: robert () dyadsecurity ! com
Date: 2004-11-30 23:24:22
Message-ID: 20041130232422.GA4318 () znvyfrei ! dyadsecurity ! com
[Download RAW message or body]
Pedro Andujar (crg@digitalsec.net)@Tue, 30 Nov 2004 06:45:16 -0800:
> Pen-tester like hacking:
> 1) read bugtraq.
> 2) get the las published exploit.
> 3) do some changes (1 or 2 lines ... or change credits of the xpl
> is enough).
> 4) ./exploit host
While this may be CEH compliant.. it is not OSSTMM compliant :).
Also it's a total fabrication of what you actually did. You actually exploited a PHP problem \
in the forums. Some of your humor would be funny and even appreciated if you had enough Ethics \
to be honest. I guess you can't even qualify as a CEH. Oh well, maybe you could study up and \
pass the CISSP.
> tar xvzf freebsdlocal0day-donotdistributed-suppliedby-divineint.tgz
> make freebsdlocal0day-donotdistributed-suppliedby-divineint
> uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty), 5(operator), 20(staff), \
> 31(guest)
Hehe .. wouldn't it be fun if we all could just make believe that things really happened? It \
certainly would be a lot easier that way.
Pedro, you know, with all of that desire with the right mentoring, you may even become useful \
someday. Until you can learn to be honest about your findings however, I suggest staying out \
of the lime light.
Robert
--
Robert E. Lee
CTO, Dyad Security, Inc.
W - http://www.dyadsecurity.com
E - robert@dyadsecurity.com
M - (949) 394-2033
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic