PDA

View Full Version : Finding Exploits



Moonbat
11-04-2007, 11:33 AM
Okay, well, my Fight Disney idea isn't really working out, but I'm still trying to spread it around. So, I was thinking about something else, something that'll actually have some impact.

Maybe we ('we' meaning active members) can get together and do some exploit hunting on CMSes via SourceForge. We just download some, FTP to a random free host, and search the code for vulnerablilties (SQL injection, LFI, RFI). We can then submit any finds to milw0rm. It's a good way to get ourselves 'on the map' so to speak in the computer security world. Even if we don't become well known exploit-finders like GoLd_M or rgod, it'll still be a nice addiition to our e-resumes. Also, we can use the exploits we submit to advertise anything, like a site.

I dunno, I just thought it'd be fun. So, anybody wanna join me? It'll be mighty lonely and boring to do this by myself.:o

Troll
11-04-2007, 01:07 PM
I'm interested if:


the other active members are interested, and
i have the time

Moonbat
11-04-2007, 02:15 PM
It's something for fun really, any time you have free time. I hope we can get more people interested.

Ezekiel
11-04-2007, 06:28 PM
I'd be willing to join you, but the reason the Fight Disney idea hasn't got far yet is probably because I've neglected it for a while and things kind of stalled. This is due to immense workload (freelancing and homework), going out, being lazy, and having too much stuff to do right now.

I'm working on life-stuff right now (and this'll only get worse in the week), but I'll try to get off my arse and complete the freelance work I'm supposed to be working on, complete the numerous homeworks I owe teachers, get a stable job, and end my addiction.

Once this is complete, I can go back to constructive stuff like hacking the internet.

My attendance of this forum and other e-things will be patchy (at best) at times, just so you know.

Moonbat
11-04-2007, 06:55 PM
Real life > e-life

So go ahead, do whatcha gotta. :D

@ Troll - Do you have MSN Messenger?

Ezekiel
11-06-2007, 06:19 PM
Well, I got a job and am still at school due to occasionally handing in crappy last-minute assignments.

One freelance project and about * unofficial e-jobs are still waiting to be completed. Meh; they can wait.

In the mean time, we all need to arrange an MSN-meet to discuss this idea further.

Moonbat
11-06-2007, 07:36 PM
If you keep holding off your freelance projects, you'll probably get bad ratings and reviews from the people. But hey, it's your life. :D

People interested so far...
Mike*5*
Moonbat
Troll

Ah yes, the NetTools Trio. I was hoping Daniel and/or SyntaX would be interested as well. :(

Just for anyone who doesn't know, this is open to anyone with knowledge of what exploits are, how finding them works, what RFI and SQL injection is, with a basic knowledge of PHP, and with a somewhat advanced knowledge of computers in general. That looks like alot, but it's actually very little. So if your interested sign up.

Oh, P.S., having MSN Messenger is a must, because it's a central method of communication.

Ezekiel
11-06-2007, 08:18 PM
If you keep holding off your freelance projects, you'll probably get bad ratings and reviews from the people. But hey, it's your life. :D

Nah, want to know the key to successful freelancing?

Perfect your techno-bullshitting technique.

If you're lagging behind a little on a project, take a couple screenshots of a small part of the project (the bit you've done) and explain everything in detail, and your plans for the whole thing (commenting that you've done a lot more than indicated by the image).

This way, they think you've completed more than you actually have, and have been brainwashed (and bored) by techno-speak. Thus, they think you're a genius who's working 24/7 on their project to make it perfect, rather than wasting time on a forum at *:**AM when having a full day of stuff to do tomorrow. [Yes, that's me.]

It helps to also know what you're doing as well.



People interested so far...
Mike*5*
Moonbat
Troll

Ah yes, the NetTools Trio. I was hoping Daniel and/or SyntaX would be interested as well. :(

Didn't Daniel say he was interested? I seem to remember him saying he was...

Actually, you might want to PM those guys you mentioned in case they didn't catch this thread.


Oh, P.S., having MSN Messenger is a must, because it's a central method of communication.

This time, maybe we'll have something to accomplish rather than trying to start group-convos with Saudis out of immense boredom and talking about... Stuff you talk about when you're immensely bored.

Moonbat
11-06-2007, 08:36 PM
Yeah... um... never discussing that again, at least not in the near future...

BTW, if you're reading this, get on "t*h em-es-en"

P.S - Troll you nofclbri, open up your PMs again so I can send some stuff to you.

Ezekiel
11-07-2007, 01:10 PM
BTW, if you're reading this, get on "t*h em-es-en"

Unfortunately, GAIM/Pidgin is currently failing at MSN connections (giving a shitty ambiguous error message), so I'll be offline until this is fixed.

Ezekiel
11-07-2007, 05:41 PM
Problem resolved; I don't know how or why. It's time to get on MSN, mofos.

School doesn't start for me tomorrow until about **:*0AM tomorrow, so I can stay up as long as my brain can handle. I'm going to beat the timezone difference today/tomorrow!