Full-Disclosure Immunity Debugger Hoax?
Friday August 10, 2007 at 8:16 am CST
Posted by David Marcus
Oh the irony: Apparently someone has taken issue with some of the things I have said about the Immunity Debugger, available from Immunity, and posted about an alleged backdoor within the program to the full-disclosure mailing list! Below is a copy of the beginning of the post:
From: goudatr0n
Date: Thu, 9 Aug 2007 13:58:01 -0400 (EDT)

Infosec researchers with the Greater Alliance of PHP
Programmers, headed by goudatr0n and in cooperation
with David Marcus, have discovered a backdoor in the
new Immunity Debugger.

1. PRODUCTS AFFECTED

Immunity Debugger (Immunity Security,
http://www.immunitysec.com/products-immdbg.shtml), All
Versions

2. OVERVIEW

The Immunity Debugger contains a backdoor that emails
session history, running applications and other system
information (location, IP address, machine Owner Name)
to an email address at immunitysec.com

The original post with full text and comments can be read here. Needless to say, I am not involved in any way. Let me restate that I think this to be a very powerful tool that was written for all the right reasons. My objections to it are how it can be used by all the wrong people to write more zero-day exploits, quicker and more efficiently. That puts users at risk. I know this is not the intent of the tool or Immunity.
I gotta say tho that anyone who takes the time to go through this much trouble to goof on me, I got nothing but love for!

August 14th, 2007 at 10:26 am
what is now published as immunity debugger has been around for ages as ollydbg. nothing new, just a rebranded (final?) release.
August 18th, 2007 at 8:31 am
Sounds like someone hasn’t tried it. :>
If Immunity Debugger doesn’t cut matthew’s exploit development time in half, Immunity will give him his money back! :>