Hi XD, Am 19. Januar 2012 15:27 schrieb xD 0x41 <[email protected]>: > Oh and btw, that coding style, just aint you dude... you know, > everyone has theyre own fingerprint, i find it really hard to think > that, you just made this mistakes in cksum area,wich was area wich > actually does the exploiting :P , so why release crap ? why not make
I release it because it worked for me INSIDE TWO VM's, I had no clue about the checksum error. I didnt cripple it. It worked in my tests because I bet the vmware did adjust the checksums to be correct. Why release that crap? Because I wanted to be the first to release an exploit for it for fame and glory and it was coded in a hurry, I was thinking it actually works (I am doing more tests now on real hardware so I can be sure) > it half decent, and as i said, it was not even your coding style so im > finding this really hard to believe it wwas yours, maybe was modified > , from many many similars, but, i guess thats normal... you tend to It is modified code from other coders as stated in the header. > use perl, and bash alot, within your bash, is the .c, and that is your > style... like zx2c has, like dan rosenberg and JO, all kep the same > style, because it is habit for any coder.. you dont just change styles > this fast, or did you get some realllly good ebooks coz, show me where > you found so i can catch up to it :P) I didnt change my coding style, it was just done in a hurry so Dan or Jon wouldnt beat me on that BWHAHAHA. > Love you long time pal, but, find this one abit shitty, and, i do like > everything in past, your codes going back to you know when, but this > is bs, and if you were gonna rls it, you shulda fucked with the > numbers maybe, but, let it fkn run, it was made as poc for lan test > right, so why cripple it, thats just silly... thats why i attack it, > and, i dont really care a shit who coded it, but, i doubt it was > anyone in that code. You can attack it its your opinion and thats totally fine. I didnt cripple the code actually. > have a good day and, no offence over this but, it just shits me when > people, who know better, go out of theyre way and release publically, > shit wich is fucked up and, in this case, would waste a persons time, > and, you even put tested on, and, now, how would it be tested with > that cksum, please explain that then, your saying you dont have time > but stop bullshit man, you crippled it, just fkn admit it, it could > NOT work setup, without the damn cksum, as it was part of sento! how > could this, be any use, even with the settings back to old, without my > edit.... you show me one fucking real test, i mean, compile the code, > infront of people, then go make your fYT vids, seriously, I have told > Jon Oberheldie this, and others, str8 up, if you release crippled > shit, your as shit as what you cripple mate. You forget about all the codes I rlsed before. As I said this was done in a hurry. You had a look at roaring beast ? How can you tell me I send crippled codes out? Buddy I m human too and do mistakes. > thats just my point of view and really, this is d0s, wich, i dont care > for..im saying, you dont see AB release some fucked up exploit every AB? whos that ? > 2months, and makeSURE it dont work , you dont see anyone release shit > like this anymore with such blatant errors, its just shitty, luckily i > nano'd it, yea, i like nano ok, or i would have wasted time wtf ? come on.. nano.. this is getting silly > kcope...its just that simple, and no offences atall, i was able to > spot this, but, do not sit there, telling me and everyone else, that > it was working, tested... coz, we both know that was NOT the same code > released, you cannot deny the code.... simple. > you screwed this one up. go back to exploiting :P itsd better and your > better at it! :P As I said I tested it with two VMS in a testbed and both Ubuntu and OpenSUSE crashed instantly. > I like your shit, but, i realllllly prefer, when kxcope, is thinking > of b0f and new methods etc, like i know the one from 2009 did, and > found the biggest remote hole ever,and you even released this , and > people can hate you and whatever but there is no denying it, your damn > skilled, so im just saying, i dont like crippled work, nowdays, and > when it is released with a mark of approval, from someone i trust. Its 2011 and I found a bug in FreeBSD ftpd. Which is better than ProFTPD coz it rocks, have you ever seen a bug in FreeBSD ftpd since ~10 years ? > this is private, and, stays here but, this is why i attacked you dude, > and, nothing bad about it, it stays here, and, thats it... i wont say > shit, i have said what i wanted, your a nice guy, i like you, so, > thats all, i just dont want to see you ending up like them other fags, > they have 0 respect UG... you do atleast have that... fuck fd lists > respect... but still, you just had to leave out that line 'tested' ;) I like the public scene more than the dark one. > ok, sorry for any confusion etc but, thats all i think and, i want you > to know exactly what i think, and know i am not being mean atall... > and apologise for even puttingthat retort onto fd..i should have just OMG how the ***** you have time to write me so long lines ? > pmd you, but i loose sight of your nickname sometimes...anyhow... i > hope your not offended but, i did not try to offend you atall, i just > found it really weird that yopu released that and, it was shitty > lol... lan d0s :P i mean, we could have lan PARTY now, we could all > get drunk and crunk but, not lan-d0s :P HEHE, I want to see the CCC Hackerspace got hit by that. > hehe, tcare man, i fucking find you one of my inspirations and why i > get up everyday, is to greet the people, who have some repspect in > them, i will makesure also the post goes only for regged members or > sumthin also, just to make it abit harder i guess for ppl to look > at...fkit.. i should not have even bothered saying shit but, i love > packets :P I have respect of you too. But next time please dont rls my FreeBSD locals on pastebin. > i just do, and, i added the other codes, so anyone could modify the > other codes, or port it to windows... and, nothing more... it is only > a frag adding app, and shows basic socket use... nothing more... so, > it was basically, an adon, to your tool, it would be nice to do a test > with fragging.. anyhow, i might do that myself...see howfar this bug > can be pushed... take care man, i hope your cool , take it easy and > speak to you soon > drew Ok good, so your code works actually? Over the internet ............ This is an exercise for the interested reader. Regards, Kingcope > > On 20 January 2012 00:28, HI-TECH . > <[email protected]> wrote: >> Hello xD, >> sorry I don't understand a word you are talking about. >> To put everything together about what you were ranting would take too >> much time for me. >> Did I offend you in any way ? >> It's just a PoC for people to test their systems nothing else... >> I cannot check each every system if it works, I just checked two boxes >> and thats enough for me. >> >> Regards, >> >> Kc >> >> Am 19. Januar 2012 04:56 schrieb xD 0x41 <[email protected]>: >>> Now, heres the one wich works, without in_chksum bug ;) >>> >>> http://pastebin.com/x1ShKAUT >>> >>> now, sorry but, had to try it remotely, sheesh, and, you dont >>> cripple, code of old bugs and, half of this code is from an old bug >>> anyhow, so why the heck not leave it... i guess now your starting to >>> look like Jon Oberheldie the king of fucked up cripples... lol... >>> ewnjoy folks. this version, may even work! omg isnt this amazing!! >>> XD says to FD a BIG FUCKS YOU ,well cept kcope and few other decent >>> guys like me :P ,and nme, and tropic and well, #Haxnet :) >>> now go fucking shoot yourselves away with your newbie working >>> undeadattack.. dont know why someone did not inform me they would >>> cripple it, and maybe forward a copy to me but, now this file, goes >>> where the rest go, to the shame files... >>> >>> >>> >>> >>> >>> On 18 January 2012 08:11, HI-TECH . >>> <[email protected]> wrote: >>>> Demonstration of the Exploit: >>>> http://www.youtube.com/watch?v=78nAxh70yZE (thanks ClsHack) >>>> >>>> see attached content >>>> >>>> /Kingcope >>>> >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>> Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
