[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] THISISNOTMYEXPLOIT

To: Kingcope <kcope2@xxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] THISISNOTMYEXPLOIT
From: yersinia <yersinia.spiros@xxxxxxxxx>
Date: Sat, 1 Aug 2009 15:25:46 +0200

On Fri, Jul 31, 2009 at 5:58 PM, Kingcope<kcope2@xxxxxxxxxxxxxx> wrote:
> Hello people,
> Yes there is a warning when the PoC is compiled. But I guess that is
> not a big issue.

No, problem. It is only necessary to include stdlib.h because malloc
is implicitily defined (gcc complaint). Anyway,  your POC work as
aspected. Thanks. In this days it is difficult to see a true exploit
in a mailing list. The fact that bug was discovered from someone else
is not important : you have rewritten in another language, so it is
only your work.

Regards
> So about what PoC am I talking about?
> It seems that the moderator of bugtraq keeps blocking me because of fancy
> headlines maybe. The moderator of bugtraq blocked the actual exploit but let
> the following messages slip through. The PoC is on milw0rm.com and
> full disclosure.
> Thanks for clarifying the issue with the zones, I really have not a
> 100% understanding
> of the DNS protocol therefore I took a guess on my named.conf file and put the
> address into the PoC.
>
> Thanks for your time,
>
> Kingcope
>
>
> 2009/7/31 yersinia <yersinia.spiros@xxxxxxxxx>:
>> Repost for mailing problem.
>> On Fri, Jul 31, 2009 at 12:14 AM, yersinia <yersinia.spiros@xxxxxxxxx> wrote:
>>>
>>> On Thu, Jul 30, 2009 at 1:24 PM, Kingcope <kcope2@xxxxxxxxxxxxxx> wrote:
>>>>
>>>> Hello again,
>>>> the default setting of 127.in-addr.arpa is a bit weird
>>>>
>>>> try
>>>> ./bind <ip> localhost
>>>
>>> Never mind. I have only a warning from gcc because it was necessary to 
>>> include stdlib.h for malloc.
>>>
>>> But, the important thing is that it works as aspected.
>>>
>>> Regards
>>>>
>>>> lewls
>>>>
>>>> XD
>>>>
>>>> kcope
>>>>
>>>> 2009/7/30 Kingcope <kcope2@xxxxxxxxxxxxxx>:
>>>> > I own nothing.
>>>> >
>>>> > Cheers,
>>>> >
>>>> > kcope
>>>> >
>>
>>>>
>>>> _______________________________________________
>>>> Full-Disclosure - We believe in it.
>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] THISISNOTMYEXPLOIT
  - From: taha

References:
- Re: [Full-disclosure] THISISNOTMYEXPLOIT
  - From: Kingcope

Prev by Date: [Full-disclosure] [ GLSA 200908-01 ] OpenSC: Multiple vulnerabilities
Next by Date: [Full-disclosure] [ MDVSA-2009:189 ] apache-mod_auth_mysql
Previous by thread: Re: [Full-disclosure] THISISNOTMYEXPLOIT
Next by thread: Re: [Full-disclosure] THISISNOTMYEXPLOIT
Index(es):
- Date
- Thread