Comments on Carnal0wnage Blog: My Personal War Against Overuse of Memory Corruption Bugs

valsmith (2011-09-26T17:10:41.423-04:00):
Scarlet, yeh somewhat :)

Theta, we usually have already done a remote intrusion test and successfully proved we can breach their perimeter. Never failed at that so far, assuming proper scoping.

theta (2011-09-25T19:48:07.238-04:00):
Great post. The reply I usually see to demonstrating such exploits is either, "yeah, but only you would do that", or, "it's internal network only, so it's ok". Have you gotten responses like this, and if so, what do you do about it?

Scarlet Pimpernel (2011-09-24T15:59:05.273-04:00):
Did this post come up after our entertaining chat? :))

Anonymous (2011-09-23T09:12:06.965-04:00):
I used a similar approach for all my zdi bugs. To date I've only sold a few memory based bugs, most are all logic.

Jesse Krembs (2011-09-23T00:43:58.173-04:00):
What's interesting about the stack overflow business is that it appears to be a good way to keep making money.
It's got a "business model"

pentest (2011-09-22T21:07:27.857-04:00):
Very interesting point of view about the state of the security, I share the same.