[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-Disclosure] RE: Isecom.org ideahamster.org and the hackerhighschool.org
From:       robert () dyadsecurity ! com
Date:       2004-11-30 23:24:22
Message-ID: 20041130232422.GA4318 () znvyfrei ! dyadsecurity ! com
[Download RAW message or body]

Pedro Andujar (crg@digitalsec.net)@Tue, 30 Nov 2004 06:45:16 -0800:
> Pen-tester like hacking:
> 1) read bugtraq.
> 2) get the las published exploit.
> 3) do some changes (1 or 2 lines ... or change credits of the xpl
> is enough).
> 4) ./exploit host

While this may be CEH compliant.. it is not OSSTMM compliant :).

Also it's a total fabrication of what you actually did.  You actually exploited a PHP problem \
in the forums.  Some of your humor would be funny and even appreciated if you had enough Ethics \
to be honest.  I guess you can't even qualify as a CEH.  Oh well, maybe you could study up and \
pass the CISSP.

> tar xvzf freebsdlocal0day-donotdistributed-suppliedby-divineint.tgz
> make freebsdlocal0day-donotdistributed-suppliedby-divineint
> uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty), 5(operator), 20(staff), \
> 31(guest)

Hehe .. wouldn't it be fun if we all could just make believe that things really happened?  It \
certainly would be a lot easier that way.

Pedro, you know, with all of that desire with the right mentoring, you may even become useful \
someday.  Until you can learn to be honest about your findings however, I suggest staying out \
of the lime light.

Robert

-- 
Robert E. Lee
CTO, Dyad Security, Inc.
W - http://www.dyadsecurity.com
E - robert@dyadsecurity.com
M - (949) 394-2033

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


[prev in list] [next in list] [prev in thread] [next in thread]