This is a MIME encoded message. --=_a72578003709bb3ae01d2c23962a64f9 Content-Type: text/plain Content-Transfer-Encoding: 7bit 0ddly, I didn't get a copy of the original message in my inbox - but I have a few things to say about this thread. First off, if you are getting your exploits at public distribution sites such as: http://packetstormsecurity.nl/exploits20.shtml http://www.k-otik.com/exploits/ http://www.securiteam.com/exploits/ etc.. then you are already *several* steps behind the curve. Climbing up the chain, you will see release points such as exploit authors/groups websites. Higher still, you have private exploit distribution networks such as trading in IRC channels and private mailing lists (I run a private 0day mailing list myself, less technical than 0daydigest but more action). In these cases the way you get involved is if you contribute something - you need to offer something new. Beyond the aforementioned, you pretty much just have the exploit developers themselves. My recommendation is learn to find your own bugs and write your own code. Though, it's interesting - there are now commercial grade exploits being offered for sale from companies! $995 http://www.immunitysec.com/CANVAS/ $15000 http://www.coresecurity.com/products/coreimpact/index.php These packages are similar but include different exploits and framework so it would be hard to compare the two. Expect this short list (2) to grow to dozens in the coming years, including opensource/free versions I'm sure (but I hope not). jqp --- Frank Boldewin <frank.boldewinat_private> wrote: > canvas has some 0day exploits and i think it is worth a buy, > but another good product is core impact. > they made a good product full of reliable exploits, for the > latest bugs in major daemons. it's not very cheap, but worthy > for that what u might searching for. > > cheers, > frank > --=_a72578003709bb3ae01d2c23962a64f9-- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Mon Jul 21 2003 - 21:02:27 PDT