Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: (:
From: Sergio 'shadown' Alvarez <shadown () gmail com>
Date: Fri, 13 Jun 2008 11:16:44 +0200

hi silky,

It depends what the purpose of your hashes is.
Whenever I post hashes I always also post to what each hash belongs to. 
My hashes always belong to a file that triggers a vulnerability or a PoC 
exploit that I'm about to submit to a vendor, just in case the vendor 
plays dirty.
If the vendor communication goes well then there's a advisory after the 
vendor fixes the problems, otherwise I have the elements to demonstrate 
that the vendor fixes silently the problems without giving the proper 
credits to the researcher that reported the problem.
The 'see i told you so' in my opinion is an act of coward that is 
willing to take the credits of someone else without communicating 
anything to anybody, the same thing when a hash is posted and not what 
it is about, at least that's how I think about it.
Once 'sowhat' released an advisory of a vulnerability for one of the 
hashes that I've posted in the past (I've even demo it at CCC Camp 
2007),  and I've never claimed it because he found it and he was able to 
get in touch with the vendor. I wasn't able even to get an answer from 
the vendor and of course I've never sent the file to them, what I did 
was to congratulate sowhat for his finding and ask him how did he manage 
to get the right contact.
That's how I handle this hashes.
Different mindset different approach.


silky wrote:
On Fri, Jun 13, 2008 at 2:37 PM, I)ruid <druid () caughq org> wrote:
MD5:    89ec9df95c1315dcb1a668e35b051b07
SHA1:   9f351ae9a3fbbbadaf10fea91384a32ed9836d36
SHA256: 02acfbfe892a47de50273f367f98cc2b5023dec34e668ca3ffbaa42c7dcbd5eb

i'm yet to see anyone actually claim one of these posted hashes yet.

like in the "see i told you so" fashion. maybe i've missed it.

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • (: I)ruid (Jun 13)
    • Re: (: silky (Jun 13)
      • Re: (: Robert Holgstad (Jun 13)
      • Re: (: Sergio 'shadown' Alvarez (Jun 13)
    • Re: (: KJK::Hyperion (Jun 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]