Hi Wendel, My post is not about the possibility that the Ettercap code was been backdoored or not. I have only try to explain (with very few details) how is possible find breaches in well known web sites (like sourceforge) starting from the analaysis of source ode of a p(php/perl/python)bot. Nothing else. If I have more time to spent for this, I will post an explanation of my "mind map" that I used months ago for start to study this kind of bot.
Regards. On Wed, Dec 29, 2010 at 8:24 PM, Wendel Guglielmetti Henrique < [email protected]> wrote: > Hi, > > One of the claims made in the zine was that they compromised the > popular ARP-Spoofing toolkit – Ettercap, and implied that the code had > been altered several years ago. The implication was that a backdoor > was placed in the code. However, there is no evidence... > > We wrote a post about that @ SpiderLabs blog. > > > http://blog.spiderlabs.com/2010/12/anti-security-and-the-christmas-day-incident.html > > Best regards > > On Wed, Dec 29, 2010 at 12:32 PM, exploit dev <[email protected]> > wrote: > > If you are interested > > > http://extraexploit.blogspot.com/2010/12/some-considerations-on-ettercap-source.html > > > > Regards > > > > -- > > http://extraexploit.blogspot.com > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > > > > > -- > Wendel Guglielmetti Henrique > http://wsec.110mb.com/ - Personal HomePage > -- http://extraexploit.blogspot.com
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
