43 Comments
- inactive, on 10/12/2007, -2/+35 buried so teh 133t hax0rz dun clog my tubes
- tacojohn48, on 10/12/2007, -9/+35 Great lets tell all the new script kiddies where to find 1337 toyz.
- bittie, on 10/12/2007, -4/+21 i'm in ur internets stealin ur tubes
- sirloin, on 10/12/2007, -0/+13 digg me down but i suppose they are more likely talking metasploit
http://www.metasploit.org/projects/Framework/exploits.html
and no i dont have a problem linking it as most likely you still wont have a clue on how to use it and if you did, you probably could find it anyway.
- steven401, on 10/12/2007, -0/+11 You need to be a member of the 1337 Underground Forum community to get it? o_O
- davidsmero, on 10/12/2007, -4/+14 133t hax0rz stealing my megahurtz
- cyberwiz01, on 10/12/2007, -1/+10 Funny, a google search for "Q406 Roll Up" yields no results at the moment. This sounds made up.
- richstyles, on 10/12/2007, -1/+10 If it gets on Digg, the number will be more like 90%
- itzfritz, on 10/12/2007, -1/+9 and now, 3 hours later, 144
- onwardknave, on 10/12/2007, -0/+6 @tacojohn48: Security-through-obscurity is worthless. You sound like you're implying otherwise... care to rethink that?
- sirloin, on 10/12/2007, -1/+6 I say BS.. the only mention of this package anywhere is this article
I scan the security sites daily (both good and evil).. and have never seen this
a bud of mine does pen testing and he has never heard of this crap.
- j37hr0, on 10/12/2007, -0/+3 It's a copy of a press release. Spam. See the last paragraph. Exploit Prevention Labs launched a line of exploit detection tools -- LinkScanner Lite and LinkScanner Pro -- in November. The former is free, while the latter is priced at $19.99 for a one-year subscription.
- riah, on 10/12/2007, -0/+4 You whore!
- mancat, on 10/12/2007, -0/+3 Are you serious? Did you just time-warp out of the kiddie scene circa 1998?
- neuroticus, on 10/12/2007, -1/+4 "Great lets tell all the new script kiddies where to find 1337 toyz."
Oh Oh, even better, let's keep simple hack scripts a secret so they aren't fixed quickly! I'm not a "script kiddie", and I don't have the knowledge or desire to do any hacking, but I am _glad_ some people do. Holes only get fixed when people exploit them. I'd rather have a clueless teen poking around just to upload 'goatse', than have a professional thief doing real damage.
- sirloin, on 10/12/2007, -0/+3 In other news showing the viral nature of the net
1 news story accounts for 100% of the links on all search engines about a so called exploit package called q406
amazing how many sites picked up the story
- ViceVirtue, on 10/12/2007, -0/+2 It's not unlikely that this is true, it does, however, sound like metasploit as someone already pointed out.
Otherwise, I wonder how they gathered this statistic. Even if this pack exists, who's to say that it's not just a bundle of pre-existing exploits?
- worthawholebean, on 10/12/2007, -0/+2 Q406 Roll-up is just a name for a package of fourth quarter 2006 exploits. Read the name.
- rauz, on 10/12/2007, -1/+3 I hear ya. Calling something a dupe is one thing but that's too obvious, even has the same title.
- lithiumsystems, on 10/12/2007, -0/+2 Like several people said, they're probably talking about The Metasploit Project. I would like to see where they got their numbers to come up with this statistic, probably their ass.
- jpma, on 10/12/2007, -0/+2 is it me or are they just trying to sell something??
i am yet to hear of a serious attack that could be fenced with a 19.99 app... (no, open source not included)
- rdivilbiss, on 10/12/2007, -0/+1 Full Disclosure is the only responsible action. http://www.schneier.com/blog/archives/2007/01/debating_full_d.html
- cheekybastard, on 10/12/2007, -0/+1 WTF is a "Q406 Roll-up"? The only references to it are from the press release/white paper quoted in Information Week, which are all dated Jan. 23. IW was gamed by Exploit Prevention Labs' marketing department. Sales inquiries from PHBs must be going through the roof.
Q406 Roll-up - that must be leet speak for: fourth quarter 2006 sales are down and Idon'*****
FUD
- Sirusdv, on 10/12/2007, -1/+2 Never heard of this, and I get around, I call BS on this.
- ringo380, on 10/12/2007, -0/+1 You're naive if you think this story won't whet the appetite of a couple thousand (at least) wanna-be hackers who probably weren't even aware that hacking "kits" existed.
- Duston, on 10/12/2007, -0/+1 Sounds like a web server side attack kit. Lets you hijack computers as users view your popup/porn/warez site. I haven't seen this one though
- Qazzian, on 10/12/2007, -0/+1 It's more useful for us security conscious people.
Try running the hacks on your own dev systems before going live. See if you can fix the holes before someone else finds them.
- wonkavsn, on 10/12/2007, -1/+2 Netbus?
- TheOv3rminD, on 10/12/2007, -0/+1 help i cant send teh internets!
- wonkavsn, on 10/12/2007, -0/+1 Shut up or I'll open your cd drive.. but first.. I would like to send you this executable picture of myself...im a gurl
- iBoxSecurity, on 10/12/2007, -0/+1 Metasploit is good for a) scriptkiddies b) hackers bored on a sunday afternoon and don't wanna do much work and c) when i want to gain access to random computers on the college network when i only have a couple of minutes haha
But yeah seriously the stats from the article don't sound very good!
----------------------------------------------------------------------------------------------------
http://ibox-security.net/blog
http://seanprice.net/blog
- unlimitedorb, on 10/12/2007, -0/+1 If they are referring to Metasploit then it's highly likely...otherwise, NO.
- sirloin, on 10/12/2007, -1/+1 http://www.explabs.com/ss/threatCenter.asp
these are the people claiming this
funny it isn't on any other security site on the net.
- spillevink, on 10/12/2007, -0/+0 Is it just me that finds it fishy that they can't really say what's in the package?
"Oh, it's heavily encrypted.. but we're pretty sure it's *this* in it."
And isn't there any chance the exploits contained in this "package" were released on their own, which means that the exploits themselves would account for 71%.. and not the package.
- MrMacMan, on 10/12/2007, -1/+1 Yes because you're really in danger when the story gets posted... Not when people were actually hacking tons of computers over December with this kit.
You are always in danger from hackers, not just when people post a story about them.
- inactive, on 10/12/2007, -1/+1 It *is* made up. Every security company comes up with its own names. Never noticed that, say, Symantec will give a different name to a virus than another company does? Same with companies when they name these.
"Q406 Roll-up" is this company's name for the hacking kit in question. It is very unlikely that it would be the name that the hacking kit is known by to those who use it. Searching for the kit by their name is pointless.
- steven401, on 10/12/2007, -5/+4 It's all about the title, that title didn't have a % sign in, this one does.
- St0rmz, on 10/12/2007, -2/+0 google intentionally blocked it check yahoo it shows a bunch of articles on the news about it
@sirloin they have tutorials just search.... im sure that still wont help most of u
- Namco, on 10/12/2007, -3/+1 bury
- miguel077, on 10/12/2007, -3/+1 Wannabes.
- ringo380, on 10/12/2007, -7/+2 I buried it, because I really don't want this getting any more attention than it already has, and the people that have the ability to do anything about it most definitely already know all about it.
- scooterbaga, on 10/12/2007, -13/+4 Where can I get it. It needs to work on a mac.
/jk
- Kev585, on 10/12/2007, -18/+7 http://www.digg.com/security/One_Hacker_Kit_Accounts_For_71_Of_Attacks
What is Digg?