To me, an exploit script isn't *really* full disclosure until I pick it apart and see what it's doing, and *then* I understand what the real problem is. I wound up rewriting "mailrace" a couple of different [and more effective] ways as a result of this sort of study. "passwdrace" was even more interesting. Thus, a description of why the bug is a bug would be *better* in my mind, with pointers to lines in the source code that are in error, and leaving the 'sploit as an exercise. Publishing the canned script is an interesting approach, but has the disadvantages that a> any idiot can run it and b> alone, it doesn't really explain the problem. Of course, nothing prevents someone else from performing the exercise and distributing *that* as a canned 'sploit to clueless people, but that at least shifts the irresponsibility from, say, 8lgm to that someone else... _H*