[Full-Disclosure] Remote Mercury32 Imap exploit
barabas mutsonline
barbsie at gmail.com
Wed Dec 1 12:40:24 GMT 2004
JohnH,
Your l33t skillz amaze us. It's very smart of you to post a working
exploit here. More of your customers will require your help and
scriptkiddies will generate revenue for (blackhat) companies like
yours.
In fact you are right, it's very easy to find vulnerabilities...the
really hard part is to write shellcode. DAmn, I've been looking all
over the net to find some small universal portbinding shellcode, but
I'm just not smart enough.
I guess you need NSA skillz for that .
Thanks, now I can rip your shellcode and replace all those lame
calc.exe shellcodes ;-)
RESPTEC!
Barabas
-----Original Message-----
From: full-disclosure-admin at lists.netsys.com
[mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of JohnH
Sent: Tuesday, November 30, 2004 7:38 AM
To: full-disclosure at lists.netsys.com
Cc: bugtraq at securityfocus.com
Subject: [Full-Disclosure] Remote Mercury32 Imap exploit
Here you go guys. A fully working Remote Mercury32 Imap exploit. This will
work on any windows OS. 100% universal.
Only reason I am posting this is because im sick of seeing non working
exploits released and WHITEHAT.CO.IL likes to do this.
Cheers,
Johnh at secnetops.com
VIST: www.secnetops.com
<Super l33t sploit h3r3>
Full-Disclosure is hosted and sponsored by Secunia.