[Full-disclosure] i've found an exploit, but i want to make it do something before i report it
evilrabbi
evilrabbi at gmail.com
Sun Jul 9 03:32:53 BST 2006
Here are some pretty generic things.. Bind shell, connect back shell. have
it download a file an execute it. Those are just a few ideas...
On 7/7/06, ima cow <i-am-cow at rogers.com> wrote:
>
> i understand that this is "full disclosure", but before i actually spill
> the beans on the exact nature of the exploit i've found, i'd like to make it
> actually do something.
> for now, know that it affects a popular plugin for a popular messaging
> program.
> i'm at the stage where i can run any command on the remote user's computer
> (just like start > run...), or have them request remote assistance.
> other than showing them goatse, what can i do with this?
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
--
-- h0 h0 h0 --
www.nopsled.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060708/b91b8770/attachment.html
Full-Disclosure is hosted and sponsored by Secunia.