hollerith

Untitled

May 21st, 2020
505
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. We are ready to acquire information about the unique 0day vulnerabilities and 0day exploits.
  2.  
  3. RULES OF REPRESENTATION
  4. We constantly buy 0day and Nday vulnerabilities and exploits. We do not pay for hypothetical vulnerabilities.
  5. Please provide a brief technical description of the vulnerabilities and exploits on our form to our
  6. Your vulnerability will be analyzed and evaluated by us within 48 hours. Remuneration can be paid in cash,
  7. bank transfers or anonymous transfers using crypto conversions. We are considering an additional premium
  8. for exclusive conditions for us in the form of additional quarterly payments to researchers before disclosure
  9. of the vulnerability.
  10. Prices 0days can be higher than indicated in the table all depends on the quality of the exploits, we are
  11. ready to negotiate the price on a bilateral basis.
  12.  
  13. We also provide the service ESCROW service when both parties can not agree and do not trust each other.
  14. Agents and brokers are welcome, we pay high commissions for help in acquiring 0day vulnerabilities.
  15. We reserve the right to refuse to purchase your materials.
  16.  
  17. PURCHASE TERMS
  18. 1. You discover a vulnerability and create a functional prototype of exploits (PoC)
  19. 2. You write a short technical description of the vulnerability found and send it to us.
  20. 3. Within 48 hours we will answer you in writing our interest and prevernuyu cost we are willing to pay you.
  21. 4. If you agree, you provide us with full technical information, including a functional prototype.
  22. 5. We check the exploit you provided and pay you a reward according to the method you selected within 24 hours.
  23.  
  24. If you have any counter proposals regarding the acquisition process, you can always contact us. We can organize
  25. a personal meeting with you in practical any country in the world to personally discuss all the issues personally.
  26.  
  27. PRICE TABLE
  28.  
  29. +------------------------------------------+ +-------------------------+
  30. | INTEGRATED CIRCUITS | | SCADA PLC |
  31. |------------------------------------------| |-------------------------|
  32. |Smart Cards | $100,000+ | | Siemens | $30,000+ |
  33. |Cellular SoC (MTK, Qualcomm) | $50,000+ | | Honeywell | $20,000+ |
  34. |CPLD/FPGA | $50,000+ | | Mitsubishi | $15,000+ |
  35. |Microcontrollers | $30,000+ | | Omron | $10,000+ |
  36. +------------------------------------------+ | ABB | $10,000+ |
  37. | Schneider | $10,000+ |
  38. | Other | $5,000+ |
  39. +---------------------+ +-------------------------+
  40. | ATM |
  41. |---------------------| +------------------------------------------------------+
  42. | Wincor | $25,000+ | | NETWORK DEVICES |
  43. | NCR | $25,000+ | |------------------------------------------------------|
  44. | Diebold | $15,000+ | | Juniper | $50,000+ |
  45. | Other | $15,000+ | | Cisco | $50,000+ |
  46. +---------------------+ | Sonicwall | $50,000+ |
  47. | F5 | $50,000+ |
  48. +---------------------------+ | SIP Avaya, Asterisk, Polycom and others | $50,000+ |
  49. | SMART TV | | Riverbed | $50,000+ |
  50. |---------------------------| | HP | $10,000+ |
  51. | Samsung | $10,000+ | | Huawei | $10,000+ |
  52. | Sony | $10,000+ | | Asus | $5,000+ |
  53. | Panasonic | $10,000+ | | ZyXEL | $5,000+ |
  54. | LG | $5,000+ | | Netgear | $5,000+ |
  55. | Home Appliance | $5,000+ | | D-Link | $5,000+ |
  56. +---------------------------+ | Other | $1,000+ |
  57. +------------------------------------------------------+
  58.  
  59. +-------------------------------------+ +---------------------------------+
  60. | IPMI | | GAMING CONSOLES |
  61. |-------------------------------------| |---------------------------------|
  62. | Sun SSP | $100,000+ | | Xbox ONE X (RCE) | $75,000+ |
  63. | Dell DRAC | $100,000+ | | Playstation 4 (RCE) | $75,000+ |
  64. | HP iLO | $100,000+ | | Nintendo (RCE) | $50,000+ |
  65. | Supermicro IPMI | $100,000+ | +---------------------------------+
  66. | Cisco CIMC | $50,000+ |
  67. | VNC, Teamviewer, Radmin | $50,000+ |
  68. | Other | $20,000+ |
  69. +-------------------------------------+
  70. +---------------------------+
  71. | PERIPHERAL DEVICES |
  72. +---------------------------------------------------+ |---------------------------|
  73. | MOBILE DEVICES | | Scanners (RCE | $30,000+ |
  74. |---------------------------------------------------+ | Printers (RCE) | $30,000+ |
  75. | Apple iOS (LCE,RJB) | $2,500,000+ | | CCTV (RCE) | $10,000+ |
  76. | Android (RJB) | $2,500,000+ | +---------------------------+
  77. | SMS/MMS (RCE+LPE) (Any Mobile OS) | $2,500,000+ |
  78. | WiFi (RCE+LPE) (Any Mobile OS) | $100,000+ |
  79. | Bluetooth (RCE+LPE) (Any Mobile OS) | $50,000+ |
  80. | Sandbox Escape (Any Mobile OS) | $30,000+ |
  81. | WatchOS (LCE,RJB) | $100,000+ |
  82. +---------------------------------------------------+
  83.  
  84. +-----------------------------------------+ +------------------------------------+
  85. | OPERATING SYSTEMS | | DATABASE SOFTWARE |
  86. |-----------------------------------------| |------------------------------------|
  87. | Windows Server (RCE, SE) | $500,000+ | | MS SQL Server (RCE) | $200,000+ |
  88. | Windows 7/8.1/10 (LPE, SE) | $150,000+ | | Oracale Database (RCE) | $200,000+ |
  89. | MacOS (LPE, SE) | $50,000+ | | MongoDB (RCE) | $150,000+ |
  90. | Linux Desktop/Server (LPE) | $50,000+ | | MySQL (RCE) | $150,000+ |
  91. | Virtual Machine Escape | $150,000+ | | MS Access (RCE) | $20,000+ |
  92. +-----------------------------------------+ +------------------------------------+
  93.  
  94. +-------------------------------------------------+
  95. | PRODUCTIVITY APPS | +----------------------------------------+
  96. |-------------------------------------------------+ | MESSENGERS |
  97. | MS Office Word, Excel, PP (RCE) | $250,000+ | +----------------------------------------|
  98. | Adobe PDF Reader all (RCE, SE) | $250,000+ | | Telegram (RCE) | $1,000,000+ |
  99. | Adobe Flash Player (RCE, SE) | $150,000+ | | WhatsApp (RCE) | $1,000,000+ |
  100. | Microsoft Silverlight(RCE, SE) | $100,000+ | | Facebook Messenger (RCE) | $250,000+ |
  101. | Antivirus (RCE, LPE) | $30,000+ | | WeChat (RCE) | $250,000+ |
  102. +-------------------------------------------------+ | Viber (RCE) | $150,000+ |
  103. | Imo (RCE) | $150,000+ |
  104. | Line (RCE) | $150,000+ |
  105. +----------------------------------------+
  106.  
  107. +---------------------------------------+ +--------------------------------------------+
  108. | WEB SERVERS | | WEB BROWSERS |
  109. |---------------------------------------| |--------------------------------------------|
  110. | Microsoft IIS (RCE) | $250,000+ | | Google Chrome all OS (RCE, SE) | $300,000+ |
  111. | MS Exchange Server (RCE) | $300,000+ | | Microsoft Edge (RCE, SE) | $300,000+ |
  112. | Nginx (RCE) | $300,000+ | | TOR Browser (RCE, SE) | $300,000+ |
  113. | Appache Server (RCE) | $300,000+ | | Apple Safari OS X (RCE, SE) | $250,000+ |
  114. | Open SSL (RCE) | $250,000+ | | Mozilla Firefox (RCE, SE) | $150,000+ |
  115. | Lotus Domino (RCE) | $100,000+ | +--------------------------------------------+
  116. | JBoss (RCE) | $100,000+ |
  117. | Appache Tomcat (RCE) | $50,000+ |
  118. +---------------------------------------+
  119. +----------------------------------+
  120. +----------------------------------------------+ | BUGTRACKERS |
  121. | EMC | |----------------------------------|
  122. |----------------------------------------------| | Redmine | $30,000+ |
  123. | Microsoft SharePoint | $250,000+ | | Atlassian JIRA | $30,000+ |
  124. | IBM Fil-eNet | $150,000+ | | Bugzilla | $10,000+ |
  125. | Oracle WebCenter | $150,000+ | | Jenkins | $10,000+ |
  126. | OpenText Content Suite Platform | $50,000+ | | Atlassian Confluence | $10,000+ |
  127. +----------------------------------------------+ +----------------------------------+
  128.  
  129. +----------------------------+ +-----------------------------+
  130. | FTP | | CMS |
  131. |----------------------------| |-----------------------------|
  132. | Filezilla (RCE) | $30,000+ | | Wordpress (RCE) | $100,000+ |
  133. | Titan (RCE) | $20,000+ | | 1C Bitrix (RCE) | $100,000+ |
  134. | Serv-U (RCE) | $20,000+ | | Joomla (RCE) | $80,000+ |
  135. | net2ftp (RCE) | $20,000+ | | Wix (RCE) | $25,000+ |
  136. +----------------------------+ | Drupal (RCE) | $25,000+ |
  137. +-----------------------------+
  138.  
  139. +--------------------------------------+
  140. | FORUMS |
  141. |--------------------------------------| +----------------------------------------------+
  142. | IP.Board (RCE) | $50,000+ | | PLM and EPR |
  143. | VBulletin (RCE) | $50,000+ | |----------------------------------------------|
  144. | Lithium communities (RCE) | $50,000+ | | SAP | $100,000+ |
  145. | Mybb (RCE) | $25,000+ | | Siemens Teamcenter | $100,000+ |
  146. | PHPbb (RCE) | $25,000+ | | Oracle ERP | $100,000+ |
  147. | IP.Suite (RCE) | $25,000+ | | Oracle Agile PLM | $100,000+ |
  148. | XenForo | $20,000+ | | SPTC Windchill PLM | $50,000+ |
  149. | Woltlab BB (RCE) | $20,000+ | | MentorGraphics HyperLynx SI PLM | $50,000+ |
  150. +--------------------------------------+ | Enovia PLM | $30,000+ |
  151. +----------------------------------------------+
  152.  
  153. +------------------------------------------+
  154. | MAIL SERVERS | +-------------------------------+
  155. |------------------------------------------| | HOSTING PANELS |
  156. | Microsoft Outlook OWA (RCE) | $200,000+ | |-------------------------------|
  157. | Sendmail (RCE) | $120,000+ | | cPanel (RCE) | $75,000+ |
  158. | IBM Lotus Domino (RCE) | $100,000+ | | Plesk (RCE) | $75,000+ |
  159. | Horde (RCE) | $50,000+ | | Direct Admin (RCE) | $25,000+ |
  160. | Roundcube (RCE) | $50,000+ | | Other (RCE) | $10,000+ |
  161. | Squirellmail (RCE) | $50,000+ | +-------------------------------+
  162. | Other mail servers (RCE) | $25,000+ |
  163. +------------------------------------------+
  164.  
  165. LPE - Local Privilege Escalation
  166. RCE - Remote Code Execution
  167. SE - Sandbox Escape
  168. RJB - Remote Jailbreak
  169. LCE - Local Code Execution (physical access to device)
  170.  
  171. In addition to vulnerabilities, we are interested in obtaining various research results, such as:
  172. - Deanonimization of TOR network resources
  173. - Bypassing ASLR, DEP, UAC and other security mechanisms
  174. - Attack vectors for remote code execution on devices via GSM, Bluetooth and WiFi
  175. - Vulnerabilities on mobile chipsets
  176. - Innovative detour of antiviruses
  177. - Other research results and technical information.
  178.  
  179.  
  180.  
  181. EXPLOIT TECHNICAL INFORMATION
  182. All questions should have the most detailed answers from this depends on
  183. what price we will offer you for your 0day exploit.
  184. 1. Item name : _____________________________________________________________________
  185. 2. Asking Price and availability of exclusive acquisition : ________________________
  186. 3. Affected OS: ________________________
  187. 4. Vulnerable Target application versions and reliability. If 32 bit only, is 64 bit vulnerable?
  188. List complete point release range. ________________________________________________
  189. 5. Tested, functional against target application versions, list complete point release range.
  190. Explain ________________________________________________
  191. 6. Does this exploit affect the current target version?
  192. [ ] Yes
  193. [ ] No
  194. 7. Privilege Level Gained
  195. [ ] As logged in user (Select Integrity level below for Windows)
  196. [ ] Web Browser's default (IE - Low, Others - Med)
  197. [ ] Low
  198. [ ] Medium
  199. [ ] High
  200. [ ] Root, Admin or System
  201. [ ] Ring 0/Kernel
  202. [ ] Other
  203. 8. Minimum Privilege Level Required For Successful PE
  204. [ ] As logged in user (Select Integrity level below for Windows)
  205. [ ] Low
  206. [ ] Medium
  207. [ ] High
  208. [ ] N/A
  209. [ ] Other ________________________
  210. 9. Exploit Type (select all that apply)
  211. [ ] Remote code execution
  212. [ ] Privilege escalation
  213. [ ] Font based
  214. [ ] Sandbox escape
  215. [ ] Information disclosure (peek)
  216. [ ] Code signing bypass
  217. [ ] Persistency
  218. [ ] Other ________________________
  219. 10. Delivery Method
  220. [ ] Via web page
  221. [ ] Via file
  222. [ ] Via network protocol
  223. [ ] Local privilege escalation
  224. [ ] Other (please specify) ________________________
  225. 11. Bug Class
  226. [ ] memory corruption
  227. [ ] design/logic flaw (auth-bypass / update issues)
  228. [ ] input validation flaw (XSS/XSRF/SQLi/command injection, etc.)
  229. [ ] misconfiguration
  230. [ ] information disclosure
  231. [ ] cryptographic bug
  232. [ ] denial of service
  233. 12. Number of bugs exploited in the item: ________________________
  234. 13. Exploitation Parameters
  235. [ ] Bypasses ASLR
  236. [ ] Bypasses DEP / W ^ X
  237. [ ] Bypasses Application Sandbox
  238. [ ] Bypasses SMEP/PXN
  239. [ ] Bypasses EMET Version 5.52±
  240. [ ] Bypasses CFG (Win 8.1)
  241. [ ] N/A
  242. 14. Is ROP employed?
  243. [ ] No
  244. [ ] Yes (but without fixed addresses)
  245. - Number of chains included?
  246. ________________________
  247. - Is the ROP set complete?
  248. ________________________
  249. - What module does ROP occur from?
  250. ________________________
  251. 15. Does this item alert the target user?
  252. Explain ______________________________________________
  253. 16. How long does exploitation take, in seconds?
  254. 17. Does this item require any specific user interactions?
  255. 18. Any associated caveats or environmental factors? For example - does the exploit determine
  256. remote OS/App versioning,and is that required? Any browser injection method requirements?
  257. For files, what is the access mode required for success?
  258. 19. Does it require additional work to be compatible with arbitrary payloads?
  259. [ ] Yes
  260. [ ] No
  261. 20. Is this a finished item you have in your possession that is ready for delivery immediately?
  262. [ ] Yes
  263. [ ] No
  264. [ ] 1-5 days
  265. [ ] 6-10 days
  266. [ ] More: _______________________________
  267. 21. Impact on framework (crashes, etc.) ____________________________________________________
  268. 22. Success rate (or number of necessary attempts) _________________________________________
  269. 23. Does this item support continuation of execution?
  270. 24. Description. Detail a list of deliverables including documentation.
  271. 25. Testing Instructions : _________________________________________________________________
  272. 26. Comments and other notes; unusual artifacts, other limitations, mitigations or other
  273. pieces of information : ________________________________________________________________
Add Comment
Please, Sign In to add comment