November 5th, 2007, 08:44 AM
You said it stood for point of concept in an earlier post - make your mind up dood.
That is what it stands for
Not really oofki, like I said:
the point of the term people can release code to exploit software and claim it to be for educational purposes only
PoC has nothing to do with the code being for educational purposes, malicious purposes or downright illegal purposes. The clue is in the words Proof of Concept
if you don't understand the acronym, then don't use it or involve yourself in conversations about it
Loosely speaking if you are proving a concept it means you are tyring to do something that no one has done before, as otherwise the concept would have already been proven. Therefore if I release a program that preforms a VNC dictionary attack I am not proving any concept (other than if my code works but that is using PoC in a different context), as someone has already proven this concept a long time ago.
In very general terms - If I find a flaw that can be exploited in VNC that no one else knows about or has discovered before, that I have could have a PoC exploit. If I then code an app that exploits this bug then I will have released a PoC attack - if 5 years later someone releases a program that does they same thing for educational purposes, then this is not a PoC attack as I would have already proven the concept 5 years previously.
So my original point which went over your head and does not even seem relevant anymore, was that the OP can't release a PoC attack that preforms a dictionary attack against VNC.
Last edited by Nokia; November 5th, 2007 at 08:48 AM.
By acdspit00 in forum Operating Systems
Last Post: March 15th, 2006, 03:53 PM
By tampabay420 in forum Newbie Security Questions
Last Post: January 31st, 2003, 06:59 PM