On 6 April 2012 22:05, Gerardo Iglesias Galvan <[email protected]> wrote: > The price really depends on the vendor, product and severity of the vuln, > but for pre-auth RCE on a product from a big vendor (let's say e.g. IBM) you > could get up to $1k.
I don't know much about prices but I would have thought a pre-auth RCE is worth a hell of a lot more than that. Robin > Cheers, > Gerardo Iglesias > > On Thu, Apr 5, 2012 at 5:01 PM, Robin Wood <[email protected]> wrote: >> >> I'm probably going to do the Corelan exploit development course at >> BruCon but I'm trying to work out the rough selling price for exploits >> to ZDI. I tried asking them on twitter but the best I got back was >> that they had paid $x over y years and told to do the maths. That >> doesn't really help so I was wondering if anyone here could give me a >> rough idea of prices. >> >> I'll be just starting out so probably finding small things in obscure >> apps to start with just to get used to doing things then start moving >> upwards if things work out. I've read all the information on the >> things that affect the price but I'd just like to get an idea of a >> base prices so I can then apply their conditions when I'm thinking of >> targets and what to look at. >> >> Robin >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
