In the debate about publishing n-day PoCs, I’m not reading anyone debating what the value of n should be for fully working PoCs. I’ve personally published vuln details when patch was released, techniques in abstract, but waited over a year for working exploits. Seemed best to me.
-
To be clear, the point I'm making is that nday is small potatoes for opportunistic attacks, so actions that hugely benefit other important areas at the cost of barely moving the needle for this area seem rational.
-
I mean, there are tons of relative comparisons in there to unpack. How beneficial is it for Metasploit to have a reliable BlueKeep exploit soon after patch release? That's another Twitter thread. FWIW, I love reading p0 blog posts on the techniques more than reading the PoC code.
-
In a surprise to no one who has ever worked with me, I have a little/lot OCD :). I can absolutely agree that malware is more prevalent than exploitation, but I can't get myself to put a number to it.
-
I see, understood. See other reply, I clarified why it matters.
