hollerith

Untitled

May 21st, 2020
487
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. We are ready to acquire information about the unique 0day vulnerabilities and 0day exploits.
  2.  
  3. RULES OF REPRESENTATION
  4. We constantly buy 0day and Nday vulnerabilities and exploits. We do not pay for hypothetical vulnerabilities.
  5. Please provide a brief technical description of the vulnerabilities and exploits on our form to our
  6. e-mail: vulnsisrock@tuta.io
  7. Your vulnerability will be analyzed and evaluated by us within 48 hours. Remuneration can be paid in cash,
  8. bank transfers or anonymous transfers using crypto conversions. We are considering an additional premium
  9. for exclusive conditions for us in the form of additional quarterly payments to researchers before disclosure
  10. of the vulnerability.
  11. Prices 0days can be higher than indicated in the table all depends on the quality of the exploits, we are
  12. ready to negotiate the price on a bilateral basis.
  13.  
  14. We also provide the service ESCROW service when both parties can not agree and do not trust each other.
  15. Agents and brokers are welcome, we pay high commissions for help in acquiring 0day vulnerabilities.
  16. We reserve the right to refuse to purchase your materials.
  17.  
  18. PURCHASE TERMS
  19. 1. You discover a vulnerability and create a functional prototype of exploits (PoC)
  20. 2. You write a short technical description of the vulnerability found and send it to us.
  21. 3. Within 48 hours we will answer you in writing our interest and prevernuyu cost we are willing to pay you.
  22. 4. If you agree, you provide us with full technical information, including a functional prototype.
  23. 5. We check the exploit you provided and pay you a reward according to the method you selected within 24 hours.
  24.  
  25. If you have any counter proposals regarding the acquisition process, you can always contact us. We can organize
  26. a personal meeting with you in practical any country in the world to personally discuss all the issues personally.
  27.  
  28. PRICE TABLE
  29.  
  30. +------------------------------------------+ +-------------------------+
  31. | INTEGRATED CIRCUITS | | SCADA PLC |
  32. |------------------------------------------| |-------------------------|
  33. |Smart Cards | $100,000+ | | Siemens | $30,000+ |
  34. |Cellular SoC (MTK, Qualcomm) | $50,000+ | | Honeywell | $20,000+ |
  35. |CPLD/FPGA | $50,000+ | | Mitsubishi | $15,000+ |
  36. |Microcontrollers | $30,000+ | | Omron | $10,000+ |
  37. +------------------------------------------+ | ABB | $10,000+ |
  38. | Schneider | $10,000+ |
  39. | Other | $5,000+ |
  40. +---------------------+ +-------------------------+
  41. | ATM |
  42. |---------------------| +------------------------------------------------------+
  43. | Wincor | $25,000+ | | NETWORK DEVICES |
  44. | NCR | $25,000+ | |------------------------------------------------------|
  45. | Diebold | $15,000+ | | Juniper | $50,000+ |
  46. | Other | $15,000+ | | Cisco | $50,000+ |
  47. +---------------------+ | Sonicwall | $50,000+ |
  48. | F5 | $50,000+ |
  49. +---------------------------+ | SIP Avaya, Asterisk, Polycom and others | $50,000+ |
  50. | SMART TV | | Riverbed | $50,000+ |
  51. |---------------------------| | HP | $10,000+ |
  52. | Samsung | $10,000+ | | Huawei | $10,000+ |
  53. | Sony | $10,000+ | | Asus | $5,000+ |
  54. | Panasonic | $10,000+ | | ZyXEL | $5,000+ |
  55. | LG | $5,000+ | | Netgear | $5,000+ |
  56. | Home Appliance | $5,000+ | | D-Link | $5,000+ |
  57. +---------------------------+ | Other | $1,000+ |
  58. +------------------------------------------------------+
  59.  
  60. +-------------------------------------+ +---------------------------------+
  61. | IPMI | | GAMING CONSOLES |
  62. |-------------------------------------| |---------------------------------|
  63. | Sun SSP | $100,000+ | | Xbox ONE X (RCE) | $75,000+ |
  64. | Dell DRAC | $100,000+ | | Playstation 4 (RCE) | $75,000+ |
  65. | HP iLO | $100,000+ | | Nintendo (RCE) | $50,000+ |
  66. | Supermicro IPMI | $100,000+ | +---------------------------------+
  67. | Cisco CIMC | $50,000+ |
  68. | VNC, Teamviewer, Radmin | $50,000+ |
  69. | Other | $20,000+ |
  70. +-------------------------------------+
  71. +---------------------------+
  72. | PERIPHERAL DEVICES |
  73. +---------------------------------------------------+ |---------------------------|
  74. | MOBILE DEVICES | | Scanners (RCE | $30,000+ |
  75. |---------------------------------------------------+ | Printers (RCE) | $30,000+ |
  76. | Apple iOS (LCE,RJB) | $2,500,000+ | | CCTV (RCE) | $10,000+ |
  77. | Android (RJB) | $2,500,000+ | +---------------------------+
  78. | SMS/MMS (RCE+LPE) (Any Mobile OS) | $2,500,000+ |
  79. | WiFi (RCE+LPE) (Any Mobile OS) | $100,000+ |
  80. | Bluetooth (RCE+LPE) (Any Mobile OS) | $50,000+ |
  81. | Sandbox Escape (Any Mobile OS) | $30,000+ |
  82. | WatchOS (LCE,RJB) | $100,000+ |
  83. +---------------------------------------------------+
  84.  
  85. +-----------------------------------------+ +------------------------------------+
  86. | OPERATING SYSTEMS | | DATABASE SOFTWARE |
  87. |-----------------------------------------| |------------------------------------|
  88. | Windows Server (RCE, SE) | $500,000+ | | MS SQL Server (RCE) | $200,000+ |
  89. | Windows 7/8.1/10 (LPE, SE) | $150,000+ | | Oracale Database (RCE) | $200,000+ |
  90. | MacOS (LPE, SE) | $50,000+ | | MongoDB (RCE) | $150,000+ |
  91. | Linux Desktop/Server (LPE) | $50,000+ | | MySQL (RCE) | $150,000+ |
  92. | Virtual Machine Escape | $150,000+ | | MS Access (RCE) | $20,000+ |
  93. +-----------------------------------------+ +------------------------------------+
  94.  
  95. +-------------------------------------------------+
  96. | PRODUCTIVITY APPS | +----------------------------------------+
  97. |-------------------------------------------------+ | MESSENGERS |
  98. | MS Office Word, Excel, PP (RCE) | $250,000+ | +----------------------------------------|
  99. | Adobe PDF Reader all (RCE, SE) | $250,000+ | | Telegram (RCE) | $1,000,000+ |
  100. | Adobe Flash Player (RCE, SE) | $150,000+ | | WhatsApp (RCE) | $1,000,000+ |
  101. | Microsoft Silverlight(RCE, SE) | $100,000+ | | Facebook Messenger (RCE) | $250,000+ |
  102. | Antivirus (RCE, LPE) | $30,000+ | | WeChat (RCE) | $250,000+ |
  103. +-------------------------------------------------+ | Viber (RCE) | $150,000+ |
  104. | Imo (RCE) | $150,000+ |
  105. | Line (RCE) | $150,000+ |
  106. +----------------------------------------+
  107.  
  108. +---------------------------------------+ +--------------------------------------------+
  109. | WEB SERVERS | | WEB BROWSERS |
  110. |---------------------------------------| |--------------------------------------------|
  111. | Microsoft IIS (RCE) | $250,000+ | | Google Chrome all OS (RCE, SE) | $300,000+ |
  112. | MS Exchange Server (RCE) | $300,000+ | | Microsoft Edge (RCE, SE) | $300,000+ |
  113. | Nginx (RCE) | $300,000+ | | TOR Browser (RCE, SE) | $300,000+ |
  114. | Appache Server (RCE) | $300,000+ | | Apple Safari OS X (RCE, SE) | $250,000+ |
  115. | Open SSL (RCE) | $250,000+ | | Mozilla Firefox (RCE, SE) | $150,000+ |
  116. | Lotus Domino (RCE) | $100,000+ | +--------------------------------------------+
  117. | JBoss (RCE) | $100,000+ |
  118. | Appache Tomcat (RCE) | $50,000+ |
  119. +---------------------------------------+
  120. +----------------------------------+
  121. +----------------------------------------------+ | BUGTRACKERS |
  122. | EMC | |----------------------------------|
  123. |----------------------------------------------| | Redmine | $30,000+ |
  124. | Microsoft SharePoint | $250,000+ | | Atlassian JIRA | $30,000+ |
  125. | IBM Fil-eNet | $150,000+ | | Bugzilla | $10,000+ |
  126. | Oracle WebCenter | $150,000+ | | Jenkins | $10,000+ |
  127. | OpenText Content Suite Platform | $50,000+ | | Atlassian Confluence | $10,000+ |
  128. +----------------------------------------------+ +----------------------------------+
  129.  
  130. +----------------------------+ +-----------------------------+
  131. | FTP | | CMS |
  132. |----------------------------| |-----------------------------|
  133. | Filezilla (RCE) | $30,000+ | | Wordpress (RCE) | $100,000+ |
  134. | Titan (RCE) | $20,000+ | | 1C Bitrix (RCE) | $100,000+ |
  135. | Serv-U (RCE) | $20,000+ | | Joomla (RCE) | $80,000+ |
  136. | net2ftp (RCE) | $20,000+ | | Wix (RCE) | $25,000+ |
  137. +----------------------------+ | Drupal (RCE) | $25,000+ |
  138. +-----------------------------+
  139.  
  140. +--------------------------------------+
  141. | FORUMS |
  142. |--------------------------------------| +----------------------------------------------+
  143. | IP.Board (RCE) | $50,000+ | | PLM and EPR |
  144. | VBulletin (RCE) | $50,000+ | |----------------------------------------------|
  145. | Lithium communities (RCE) | $50,000+ | | SAP | $100,000+ |
  146. | Mybb (RCE) | $25,000+ | | Siemens Teamcenter | $100,000+ |
  147. | PHPbb (RCE) | $25,000+ | | Oracle ERP | $100,000+ |
  148. | IP.Suite (RCE) | $25,000+ | | Oracle Agile PLM | $100,000+ |
  149. | XenForo | $20,000+ | | SPTC Windchill PLM | $50,000+ |
  150. | Woltlab BB (RCE) | $20,000+ | | MentorGraphics HyperLynx SI PLM | $50,000+ |
  151. +--------------------------------------+ | Enovia PLM | $30,000+ |
  152. +----------------------------------------------+
  153.  
  154. +------------------------------------------+
  155. | MAIL SERVERS | +-------------------------------+
  156. |------------------------------------------| | HOSTING PANELS |
  157. | Microsoft Outlook OWA (RCE) | $200,000+ | |-------------------------------|
  158. | Sendmail (RCE) | $120,000+ | | cPanel (RCE) | $75,000+ |
  159. | IBM Lotus Domino (RCE) | $100,000+ | | Plesk (RCE) | $75,000+ |
  160. | Horde (RCE) | $50,000+ | | Direct Admin (RCE) | $25,000+ |
  161. | Roundcube (RCE) | $50,000+ | | Other (RCE) | $10,000+ |
  162. | Squirellmail (RCE) | $50,000+ | +-------------------------------+
  163. | Other mail servers (RCE) | $25,000+ |
  164. +------------------------------------------+
  165.  
  166. LPE - Local Privilege Escalation
  167. RCE - Remote Code Execution
  168. SE - Sandbox Escape
  169. RJB - Remote Jailbreak
  170. LCE - Local Code Execution (physical access to device)
  171.  
  172. In addition to vulnerabilities, we are interested in obtaining various research results, such as:
  173. - Deanonimization of TOR network resources
  174. - Bypassing ASLR, DEP, UAC and other security mechanisms
  175. - Attack vectors for remote code execution on devices via GSM, Bluetooth and WiFi
  176. - Vulnerabilities on mobile chipsets
  177. - Innovative detour of antiviruses
  178. - Other research results and technical information.
  179.  
  180.  
  181.  
  182. EXPLOIT TECHNICAL INFORMATION
  183. All questions should have the most detailed answers from this depends on
  184. what price we will offer you for your 0day exploit.
  185. 1. Item name : _____________________________________________________________________
  186. 2. Asking Price and availability of exclusive acquisition : ________________________
  187. 3. Affected OS: ________________________
  188. 4. Vulnerable Target application versions and reliability. If 32 bit only, is 64 bit vulnerable?
  189. List complete point release range. ________________________________________________
  190. 5. Tested, functional against target application versions, list complete point release range.
  191. Explain ________________________________________________
  192. 6. Does this exploit affect the current target version?
  193. [ ] Yes
  194. [ ] No
  195. 7. Privilege Level Gained
  196. [ ] As logged in user (Select Integrity level below for Windows)
  197. [ ] Web Browser's default (IE - Low, Others - Med)
  198. [ ] Low
  199. [ ] Medium
  200. [ ] High
  201. [ ] Root, Admin or System
  202. [ ] Ring 0/Kernel
  203. [ ] Other
  204. 8. Minimum Privilege Level Required For Successful PE
  205. [ ] As logged in user (Select Integrity level below for Windows)
  206. [ ] Low
  207. [ ] Medium
  208. [ ] High
  209. [ ] N/A
  210. [ ] Other ________________________
  211. 9. Exploit Type (select all that apply)
  212. [ ] Remote code execution
  213. [ ] Privilege escalation
  214. [ ] Font based
  215. [ ] Sandbox escape
  216. [ ] Information disclosure (peek)
  217. [ ] Code signing bypass
  218. [ ] Persistency
  219. [ ] Other ________________________
  220. 10. Delivery Method
  221. [ ] Via web page
  222. [ ] Via file
  223. [ ] Via network protocol
  224. [ ] Local privilege escalation
  225. [ ] Other (please specify) ________________________
  226. 11. Bug Class
  227. [ ] memory corruption
  228. [ ] design/logic flaw (auth-bypass / update issues)
  229. [ ] input validation flaw (XSS/XSRF/SQLi/command injection, etc.)
  230. [ ] misconfiguration
  231. [ ] information disclosure
  232. [ ] cryptographic bug
  233. [ ] denial of service
  234. 12. Number of bugs exploited in the item: ________________________
  235. 13. Exploitation Parameters
  236. [ ] Bypasses ASLR
  237. [ ] Bypasses DEP / W ^ X
  238. [ ] Bypasses Application Sandbox
  239. [ ] Bypasses SMEP/PXN
  240. [ ] Bypasses EMET Version 5.52±
  241. [ ] Bypasses CFG (Win 8.1)
  242. [ ] N/A
  243. 14. Is ROP employed?
  244. [ ] No
  245. [ ] Yes (but without fixed addresses)
  246. - Number of chains included?
  247. ________________________
  248. - Is the ROP set complete?
  249. ________________________
  250. - What module does ROP occur from?
  251. ________________________
  252. 15. Does this item alert the target user?
  253. Explain ______________________________________________
  254. 16. How long does exploitation take, in seconds?
  255. 17. Does this item require any specific user interactions?
  256. 18. Any associated caveats or environmental factors? For example - does the exploit determine
  257. remote OS/App versioning,and is that required? Any browser injection method requirements?
  258. For files, what is the access mode required for success?
  259. 19. Does it require additional work to be compatible with arbitrary payloads?
  260. [ ] Yes
  261. [ ] No
  262. 20. Is this a finished item you have in your possession that is ready for delivery immediately?
  263. [ ] Yes
  264. [ ] No
  265. [ ] 1-5 days
  266. [ ] 6-10 days
  267. [ ] More: _______________________________
  268. 21. Impact on framework (crashes, etc.) ____________________________________________________
  269. 22. Success rate (or number of necessary attempts) _________________________________________
  270. 23. Does this item support continuation of execution?
  271. 24. Description. Detail a list of deliverables including documentation.
  272. 25. Testing Instructions : _________________________________________________________________
  273. 26. Comments and other notes; unusual artifacts, other limitations, mitigations or other
  274. pieces of information : ________________________________________________________________
Add Comment
Please, Sign In to add comment