[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Automated ssh scanning
- To: Deigo Dude <deigodude@xxxxxxx>
- Subject: Re: [Full-Disclosure] Automated ssh scanning
- From: "Gary E. Miller" <gem@xxxxxxxxxx>
- Date: Thu, 26 Aug 2004 13:17:53 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yo All!
On Thu, 26 Aug 2004, Deigo Dude wrote:
> Maybe running this test again, and this time ...
No need to run the test again.
- From the .history I duplicated this:
wget www.bo2k-rulez.net/a
Then did this to see the strings in the binary:
strings a | less
This string looked ineresting:
Kernel seems not to be vulnerable
A google on that string yields the exloit:
http://www.k-otik.com/exploits/12.05.hatorihanzo.c.php
A simple exploit for the well known do_brk bug in the Linux kernel...
RGDS
GARY
- ---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
gem@xxxxxxxxxx Tel:+1(541)382-8588 Fax: +1(541)382-8676
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFBLkV08KZibdeR3qURArHuAKCoB+1Tgz/HmW8oxsrhQXCyvSsFdQCeOCo1
HxOTENngG5Uan2kR0uC7El4=
=Ddpd
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html