Re: Cisco PSIRT response on IRM Demonstrates Multiple Cisco IOS
On 10/12/07, Roman Medina-Heigl Hernandez wrote:
> Andy Davis escribi=F3:
> > Personally I think these techniques are pretty cool we're really please=
d
> > with the results of the research - I think it may be clearer to everyon=
e
> > when we release the higher resolution videos that are easier to watch.
>
> I think it may be clearer to everyone if you release some kind of paper
> describing (and including) the shellcodes. Also a fully commented
> lpd-cisco-remote-shell exploit would help since it would *demonstrate* th=
e
> whole exploitation process :-) No offense, videos are nice but at last th=
ey
> are pure marketing, they *demonstrate* nothing.
Perhaps better would be a working exploit based on a vulnerability at
least a couple of years old, so as to minimize the chance of someone
actually getting hurt by it, while still disclosing the important
information.
討論串 (同標題文章)
完整討論串 (本文為第 6 之 6 篇):