On Wednesday 18 December 2002 21:31, matt merhar wrote: > Hey RMS, > Great idea, but I think it's already been in the works in the latest > version of Dug Song's infamous dsniff. I really hope that he fixes the > several remote exploits that exist in this acclaimed pen-testing tool, > though. > wow, I never thought dsniff had remote exploitation capabilities. All this time I thought it was a sniff+parse utility.
If you meant remotely exploitable holes, well ... > Here are some recent #monkey logs I've acquired that highlight the > features that I'm discussing. > *** #monkey Session Start (11/24/02) *** <snip> .. > <dr``> Rubbish! I've got Lance Spitzner on my side. I'm sure he's > audited the source code very well. What's this I hear about dsniff being > remotely exploitable in several places throughout the CodeBase? > <dugsong> Hmmm. Alright. I'll keep quiet. > *** #monkey Session End (11/24/02) *** > On Wed, 18 Dec 2002 21:28:04 -0500 > Log sounds like a spoofed crock of shit, but whatever.. umm, last time I heard Lance doesn't code, so that further confirms my 'crock of shit' theory. cheers, x _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
