With the sniffer, Fluffy Bunny captured logon IDs and passwords for other sites, then installed Trojan horses at each new site. Exodus declined to comment on Fluffy Bunny's claims. Fluffy said that he did not write his own exploits, he merely took advantage of known bugs with existing exploit code.. . .
With the sniffer, Fluffy Bunny captured logon IDs and passwords for other sites, then installed Trojan horses at each new site. Exodus declined to comment on Fluffy Bunny's claims. Fluffy said that he did not write his own exploits, he merely took advantage of known bugs with existing exploit code.

The cracker said he works as a contractor in the field of security, and perhaps it is the ease of cracking so many sites using nothing but published exploits that makes him support the "anti-disclosure movement."

Asked if he considered himself a White Hat or Black Hat, he replied that the term "grayhat" might be better, adding that "no one can be truly a whitehat". It should be noted that the IRC interview was arranged by following contact instructions left in the Themes.org defacement, but that doesn't rule out the possibility of a Fluffy Bunny imposter.

The link for this article located at Securityfocus is no longer available.