Re: Telnetd exploit for solaris

From: Stanley G. Bubrouski (stanat_private)
Date: Thu Sep 06 2001 - 18:35:20 PDT

Next message: Gert-Jan Hagenaars: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"

Previous message: Josh Crane: "Re: Telnetd exploit for solaris"
In reply to: sween: "Re: Telnetd exploit for solaris"
Next in thread: Kaneda Akira: "Re: Telnetd exploit for solaris"
Next in thread: Robert A. Seace: "Re: Telnetd exploit for solaris"
Reply: Kaneda Akira: "Re: Telnetd exploit for solaris"
Reply: Cory McIntire: "Re: Telnetd exploit for solaris"
Reply: H D Moore: "Re: Telnetd exploit for solaris"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 6 Sep 2001, sween wrote:

> 
> On Wed, 5 Sep 2001, fintler wrote:
> > Now why would you possible want something like that...if you were an
> 
> sooooo you can drive an industry and root somebody's solaris machine and
> prove to SOMEONE's company that this computer security bullshit isn't just
> a fad and that are not wasting 60K a year for a "security" expert to hover
> over security focus mailing lists and apply patches to expensive operating
> systems that were shipped broken in the first place.
> 
> this industry needs an old fashioned ass whoopin.
> 
> You owe script kiddies... BIG TIME.
> 

The computer and software industries owe script kiddies NOTHING.  Script
kiddies bring down sites, wreak havoc on networks, use compromised as
platforms for attack and all without knowing how what they are using works
or what harm they are doing.

The people owed thanks are the people who find and report vulnerabilites,
who attempt to offer fixes and workarounds, and yes people who write and
publish proof of concept code and tools.

But there is a huge difference between supplying a proof of concept and
using one to gain unauthorized access to companies system.

> GET OFF MY LIST.
> 

This is list is to discuss vulnerabilities, not promote script kiddies as
the great fucking guardian angels of corporate America.  Get real.

> > 
> > --- Labkonto <ppht-15at_private> wrote:
> > > Anyone here that developed an exploit
> > > for the Telnetd buffer overflow on solaris,
> > > or know where to get one?
> > > 
> > > 
> > > // pp
> > > 
> > 
> 

No, but when I do I'll post it here.

> admin, you'd just patch your
> > box and forget it. I can only assume you're trying to get into someone elses box, what makes you
> > think I'm going to give you a script so you can get someone fired from their job because you felt
> > like being an 3r3ct skr1pt k1ddi3.
> > 

Give him whatever he asks for.  I want to see him behind bars if he plans
to use it to gain unauthorized access to people's systems (not that I'm
saying he is)

> > -fintler <fintlerat_private>
> > 
> > __________________________________________________
> > Do You Yahoo!?
> > Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger
> > http://im.yahoo.com
> > 
> > 
> 
> 
> --
> 
> sween
> -script kiddie-
> 

Are you for real?  I feel like I'm reading something written by a chimp
from a tv sitcom.  Anyone else got any input on script kiddies being a
positive thing?

> 
> 

Stan

--
Stan Bubrouski                                       stanat_private
23 Westmoreland Road, Hingham, MA 02043        Cell:   (617) 835-3284

Next message: Gert-Jan Hagenaars: "Re: CodeGreen beta release (idq-patcher/antiCodeRed/etc.)"
Previous message: Josh Crane: "Re: Telnetd exploit for solaris"
In reply to: sween: "Re: Telnetd exploit for solaris"
Next in thread: Kaneda Akira: "Re: Telnetd exploit for solaris"
Next in thread: Robert A. Seace: "Re: Telnetd exploit for solaris"
Reply: Kaneda Akira: "Re: Telnetd exploit for solaris"
Reply: Cory McIntire: "Re: Telnetd exploit for solaris"
Reply: H D Moore: "Re: Telnetd exploit for solaris"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 23:13:05 PDT