Where can I sell a 0 day?

[bitsofdust]

I may or may not have discovered a zero day that allows remote code execution. Where can I sell this anonymously?

[1714706370]

1714706370

[1714706370]

1714706370

[1714706370]

1714706370

[1714706370]

1714706370

[peonminer]

Lmao Google anonymous

[Subud!]

hackforums?

[Kluge]

Freenode seems like the obvious answer.

[clock27]

awesome dude lol good luck with that

[danieldaniel]

Depends on which site it's for.  If it's a site with a bug bounty program, I'd buy it (and report it and make a profit).

[malevolent]

What software is it and how difficult is it to exploit this vulnerability?

[mistfpga]

I may or may not have discovered a zero day that allows remote code execution. Where can I sell this anonymously?

I can broker this for you.  I have sold 0 daze to people like iDefense and Tipping point (ms apps mainly) however I have sold linux remote code executions for in excess of $80,000 (to pen test companies) I have numerous links into companies that will be of great help to you.  I can either introduce you or act as a middleman.  I do not mind. generally I sell to three companies, all of whom I know personally.  I am based in the uk.  But these companies are not.

There are some questions that need answering before you can work out who to approach.  - if push comes to shove I would be happy to buy it for bitcoin, then sell it for usd.

Is the exploit
Things that lower the price:
Remote interaction needed (visiiting a website, clicking ok, running a spesific word doc,  or popular app addin)
Service pack or kernel version specific
If windows, it has to be on something big, like any apple app, word, bitcoin, default installed programs, web browsers, kernel exploit.
Is it a post auth exploit?
Does ASLR or DEP get in the way?
32 bit only?

I dont want to get your hopes up, but unless it is unauthenticated, no interaction bug that is for the linux kernel (general branch), windoze kernel and/or win xp- 8 compatible, ie 7,8 and 9. you are probably not looking at much more than 15,000 usd maybe less.

my PGP public key is at pgp.mit.edu id: 0x5016FB50 my email is steve at mist fpga d o t net

I sell more than 10 zero days a year, to independent pentest companies.  Please contact me if you want more advice, contact details and or help with the shellcode (weaponised are the only type pentest companies take)

I am not going to list my clients on a forum (and yes I have sold 1 bug to idefense and 2 to 3com, shoot me, I dont give a shit, if coders can earn millions for being shit at thier jobs, why cant testers sell exploits?)

EDIT: you will have to trust a company somewhere along the line, whilst they checkout the exploit which is why I have my 3 companies. a lot of others (with 'security gurus') screw me like a bitch before.  it is a  jungle out there.

[saif313]

now you could be most richest person in bitcoins world have a fun 

[TheSwede75]

Almost no reason to sell 0-days on the black market anymore if you can broker it to security firms. Risk is high and chance of being ripped off is crazy high when selling on black market. Another plus being that 0-day sold to reputable security firms can land you a 6 figure job.

[mistfpga]

Almost no reason to sell 0-days on the black market anymore if you can broker it to security firms. Risk is high and chance of being ripped off is crazy high when selling on black market. Another plus being that 0-day sold to reputable security firms can land you a 6 figure job.

Isnt that exactly what I said anyway a decent remote will land you a six figure one time paycheck... The OP wasnt trying to sell for/to the blackmarket, he is trying to get bitcons for bugs, rather than usd.  so he can remain anon - a lot of background checks are done by pentest companies.  3com and idefense are useless, more than useless and a rip off.  as my experience with another very vocal member of the security community..  there are few pros like 3APA3A around anymore. do not use them. but then I was never a scene kid.... those that can do, those that cant talkabout it.

as a tip, look at using beyond security, they are good people - contact them first with your 0-day. then there is argensis they are also trustworthy lastly try NGS, none of these companies are shady and will pay 6 figures for the right bug.

anyway, seeing as you have so much experience in this (please dont be skylined - and yes I know why you are called skylined, so no bullshitting, you still owe me a pint!!)

good luck.