Yousif Yalda Doesn't Understand a "Vulnerability" He Found

April, 2008

While at Vapt-sec, Yalda posted to the pen-test mail list disclosing a new "Microsoft RDP Privilege Escalation" vulnerability he found:

A friend of mine and I found a certain vulnerability within the RDP allowing for further escalation to administrative access. Check it out here:

The 'vulnerability' was quickly debunked by Mark Owen and then more thoroughly debunked by Thor. In response, Yalda limply defends his original finding. In doing so, he opens the door for Jarrod Frates to bring up the ethical issues of Yalda's disclosure. Thor counters Yalda's claims and Yalda shows he didn't fully understand what he was doing at the time. Remember, this is during a commercial penetration test for a client, not exactly reassuring. To end the thread, Thor eviscerates Yalda and exposes his research to be inaccurate and weak.

These types of disclosures and admissions remind us of the problem with the penetration testing industry. Many people are part of it, not all are qualified.

main page ATTRITION feedback