On 10/12/07, Roman Medina-Heigl Hernandez wrote: > Andy Davis escribió: > > Personally I think these techniques are pretty cool we're really pleased > > with the results of the research - I think it may be clearer to everyone > > when we release the higher resolution videos that are easier to watch. > > I think it may be clearer to everyone if you release some kind of paper > describing (and including) the shellcodes. Also a fully commented > lpd-cisco-remote-shell exploit would help since it would *demonstrate* the > whole exploitation process :-) No offense, videos are nice but at last they > are pure marketing, they *demonstrate* nothing. Perhaps better would be a working exploit based on a vulnerability at least a couple of years old, so as to minimize the chance of someone actually getting hurt by it, while still disclosing the important information.
