tradecraft and subversion

[full-disclosure () lists netsys com (crap producer)]

> On Tue, 27 Aug 2002, crap producer wrote:
> > You're no blackhat. You're just a programmer out of a few hundreds of 
> > thousands.
>
> Your opinion mostly mirrors that of sockz. See my response to him.

You cannot just redefine words like that. You faggots already stole term 
'hacker' by making it synonym for 'programmer'. Now you want to steal 
'blackhat' too?

> > Private stock? Why tell us then? Show off your outdated skills?
>
> I was mentioning some previous projects because it might provide some
> context on my background.

Nobody cares about your background. Everybody knows where you come from 
already: Wannabeland.

> You don't mention in this attack what skills you
> consider outdated. Note that most of the attacks I mention are still valid 
> and working.

And they've been fully documented and implemented a long time ago.

> Also, mentioning it doesn't mean revealing the details - it's
> important to understand the difference.

Much difference between pointless and more pointless.

> > > but due to the recent corporate ownership and the loss of Blue > >Boar, 
> well, screw that.
> > Your crap wouldn't make its way to *any* kind of moderated list, not
> > even vuln-dev.
>
> This mailing list is the first time I've used the alias of "aliver." I
> choose it specifically to participate in this list. Regretably, I've
> posted much more than my fair share to Bugtraq, and it _always_ made it. So 
> much for this weak attack.

Let me guess
"I confirm that this bug [also] exists on..."

> > Which explains your presence here.
>
> What pray-tell would explain your presence here, Mr. Hushmail Anonymous? To 
> bring the sword of truth crashing down on hapless posers >such as myself?  
> You have no credibility and your arguments lack >weight. In my opinion, you 
> and sockz should get together and have a >beer, if you are old enough to 
> drink that is.

No weight? I thought they were obvious, but wait, I'll explain for you.

> > You must be kidding me.
> > You really think exploits for initiator-side bugs are not being written
> > already?
>
> I never said that, I said that there was less research in this area and in 
> many cases the bugs are more plentiful. Sharpen your reading comprehension 
> skills, and you won't come across as so thoughtless next time.

We all know that, wizeass. Except we dont feel the need to "start a project" 
about writing a server for "that kind of bug".

Find the vulnerability, then write the exploit. Do not project to write the 
exploit once you've found the vulnerability. Yes, that's where lies the 
difference between a blackhat and you.

> > And why you want to exploit the bug one time in ten anyway?
>
> Again, you lack reading comprehension skills. I clearly stated that it
> would be a tactic that would cause a condition that is harder to
> troubleshoot, and thus make the victim less wary at first.

Falls with other point...

> > Why would the client crash? You're not skilled enough to write working 
> > exploits yet?
>
> Actually based on this ignorant comment, it appears conversely that _you_ 
> aren't. The nature of a buffer overfow is that it creates a >condition that 
> will cause a segmentation violation or (depending on OS >of course) another 
> fatal error. Overwriting EIP and returning to shellcode generally precludes 
> being able to predict or store the actual (legitimate) return address after 
> you've executed your own >code. Therefore, the client application will 
> nearly always hang or >crash after your exploit is complete. Try reading a 
> basic paper on stack smashing before you make another comment like this, 
> humilating >yourself.

I'm not here to school you about such attacks. However, if you were slightly 
bit skilled, you would make sure you dont have to 'predict' in order for 
your attack to successfully work. Specifically with initiator-side 
vulnerability, for which you have no ability to reinitiate a crashed 
connection, and cannot rely on the initiatior to reconnect before attacking 
again (even less 1 time in 10). That is obvious logic.

As for crash after your exploit is complete, it's another demonstration that 
you dont know shit about exploit writing, and never researched beyond this 
'basic paper' you suggest me to read.

Another difference between a blackhat and you.

> > That crap aint steganography. Its just some gayass uselessly space
> > consuming ascii armoring.
>
> You showing your ignorance again. The project is _by definition_
> steganographic in nature since the output is human readable and would
> likely be incorrectly perceived as something that it's not (a readable
> leetspeak rant).

By a 2 year old, maybe. Otherwise, pretty much everyone who would read your 
"leetspeak rant" would see that it makes no sense, and would consider the 
possibility that it transports something else.

Another proof that you dont know shit about practical steganography.

> Steganography, from Greek steganos, or "covered," and
> graphie, or "writing") is the hiding of a secret message within an
> ordinary message and the extraction of it at its destination.

That's the point you fuckhead. Your container is everything but 'ordinary'. 
Except for a 2 year-old or 40 IQ dumbass like you.

> If you were trying to build any credibility for your arguments, it's shot 
> to hell now. Learn to do a Google search before you spew this kind of 
> garbage.

Learn to be smart before coding useless crap.

> > And I thought you said your skills in crypto increased dramaticaly.
> > Hell, I can't imagine what it looked like before.
>
> Well, Mr Hushmail, why don't you _really_ show everyone how stupid I am by 
> posting a method to obtain plaintext from a file encrypted with xxt (which 
> I posted a week or so ago) and show me and everyone how weak my skills with 
> cryptographic implementation are?

Here are you cryptographic implementation skills:

/*                            [...] Some */
/* code from their publications was used */
/* for some of the encryption portions.  */
/* However it was altered to be 64 bit   */
/* architecture friendly.                */
/*                                       */
/*                      [...] The MD5    */
/* implementation here is uses a public  */
/* domain RFC1321 ripoff implementation  */
/* from:                                 */
/* L. Peter Deutsch                      */

And yet this is only what you credit them for.

> aliver
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html




_________________________________________________________________
Chat with friends online, try MSN Messenger: http://messenger.msn.com