Full Disclosure mailing list archives
Re: @(#)Mordred Security Notice - exporing the hacking websites
From: Sir Mordred <mordred () s-mail com>
Date: Tue, 06 May 2003 00:25:39 +0000
Hi,
While this is amusing, I'm hoping you tell them befor eyou post these?
Actually no. There are several reasons for this: 1) I failed to contact with some of them, so decided to share the common behavior for all of them (i.e. dont tell) 2) This is a REAL world examples - that means you can see that the are present, they should show the state of web app security ( you probably read enough pdf's on web app security, on sql injection ... etc... ) If it has been fixed, who can tell that i am telling the truth about the vulnerabilities? Again, reading this notice and the notices which will be released in the near future, you may think - damn, these guys gonna teaching me security? even teaching web application security? wait, what? they are releasing web app assesment tools and doing web app assesment for the money? ... Hmm, they should run these elite tools of their websites!
If you legally post this type of information knowing others will be abusing it you >might find
yourself in some legal
trouble down the road.
Well, i know that. But what is better? Let me freely to post such kind of information or see it on a full-disclosure from some unkown subscriber/haxor? Or don't know that someone already using these vulnerabilities for months and owning website? Also i hope that the community will not use this information for harm, only for fun maybe :-)... Best regards, // Sir Mordred ________________________________________________________________________ This letter has been delivered unencrypted. We'd like to remind you that the full protection of e-mail correspondence is provided by S-mail encryption mechanisms if only both, Sender and Recipient use S-mail. Register at S-mail.com: http://www.s-mail.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- @(#)Mordred Security Notice - exporing the hacking websites Sir Mordred (May 05)
- <Possible follow-ups>
- Re: @(#)Mordred Security Notice - exporing the hacking websites Sir Mordred (May 05)
- Re: @(#)Mordred Security Notice - exporing the hacking websites morning_wood (May 05)
- Re: @(#)Mordred Security Notice - exporing the hacking websites Shawn McMahon (May 06)
- Re: @(#)Mordred Security Notice - exporing the hacking websites morning_wood (May 06)
- Re[2]: @(#)Mordred Security Notice - exporing the hacking websites e-smile (May 06)
- Re: @(#)Mordred Security Notice - exporing the hacking websites morning_wood (May 05)
- RE: @(#)Mordred Security Notice - exporing the hacking websites Schmehl, Paul L (May 06)
- RE: @(#)Mordred Security Notice - exporing the hacking websites petard (May 07)
- RE: @(#)Mordred Security Notice - exporing the hacking websites Schmehl, Paul L (May 07)