Re: [Full-disclosure] i've found an exploit, but i want to make it do something before i report it

evilrabbi Sat, 08 Jul 2006 19:33:25 -0700

Here are some pretty generic things.. Bind shell, connect back shell. have it download a file an execute it. Those are just a few ideas...

On 7/7/06, ima cow <[EMAIL PROTECTED]> wrote:

i understand that this is "full disclosure", but before i actually spill the beans on the exact nature of the exploit i've found, i'd like to make it actually do something.
for now, know that it affects a popular plugin for a popular messaging program.
i'm at the stage where i can run any command on the remote user's computer (just like start > run...), or have them request remote assistance.
other than showing them goatse, what can i do with this?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

--
-- h0 h0 h0 --
www.nopsled.net

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] i've found an exploit, but i want to make it do something before i report it

Reply via email to