Re: [Full-disclosure] Selling codes exploiting 0-days vulnerabilities

From: "T Biehn" <tbiehn@xxxxxxxxx>
Date: Sat, 26 Jan 2008 20:09:55 -0500

Do you accept Western - Union 409 payments to your priest friend in nigeria?
On a more serious note, how do you reach a contractual agreement with
the purchaser before the transfer of money and code? Do you verify
identities or is this more of a sort of e-drug dealing type of thing?
How is the purchaser assured of receipt of exploit details, what sort
of buyer assurances do you provide?

Let us know on-list, perhaps we can stimulate a conversation about
appropriate methods for independent exploit brokerage!

Sincerely,

Travis
On Jan 26, 2008 6:58 PM, Gerrit-Jan Nieuwegein <gj.nieuw@xxxxxxxxx> wrote:

Hi All,

My name is Gerrit-Jan. I'm posting this message because I'm security
engineer which codes some "exploits" about 0-days vulnerabilities. Through
this mailing-list, I'm selling these codes. For the moment, I have
interesting exploits for Windows, UNIX and Linux.
Feel free to contact me by e-mail (only if you are interested).

Have nice day,

Cheers,

G.J.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Selling codes exploiting 0-days vulnerabilities
  - From: Shyaam

References:
- [Full-disclosure] Selling codes exploiting 0-days vulnerabilities
  - From: Gerrit-Jan Nieuwegein

Prev by Date: [Full-disclosure] phpIP 4.3.2 - Numerous SQL Injection Vulnerablities
Next by Date: [Full-disclosure] Move Networks Upgrade Manager QMPUpgrade.dll Buffer Overflow
Previous by thread: [Full-disclosure] Selling codes exploiting 0-days vulnerabilities
Next by thread: Re: [Full-disclosure] Selling codes exploiting 0-days vulnerabilities
Index(es):
- Date
- Thread

Relevant Pages

Re: [Full-disclosure] [funsec] in Memory of Dude VanWinkle / Justin Plazzo
... Fun and Misc security discussion for OT posts. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] Pangolin v1.2.590 - The best SQLinjector youve ever seen
... > Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Full-Disclosure - We believe in it. ... Hosted and sponsored by Secunia - http://secunia.com/ ... Realex Payments, London, www.realexpayments.co.uk ...
(Full-Disclosure)
Re: [Full-disclosure] Remote hole in OpenBSD 4.1
... DeRaadt's claim that Intel must "be come more ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] Undisclosed breach at major US facility
... This made it impossible for me to get timely legal help. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] CyTRAP Labs - Urs+Nahums Security Checklist
... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)