[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] New attack vector for sale, firewall bypass

To: Marshall Whittaker <marshallwhittaker@xxxxxxxxx>
Subject: Re: [Full-disclosure] New attack vector for sale, firewall bypass
From: Dan Rosenberg <dan.j.rosenberg@xxxxxxxxx>
Date: Tue, 7 Jun 2011 09:38:55 -0400

On Tue, Jun 7, 2011 at 6:19 AM, Marshall Whittaker
<marshallwhittaker@xxxxxxxxx> wrote:
> Hello,
> I am willing to sell a new attack vector I have devised.  The proof of
> concept code you will receive has the ability to arbitrarily upload files to
> a webserver (tested on Apache), running linux with the well known perl read
> pipe vulnerability in many web CGI applications.  This issue can also be
> leveraged through PHP LFI and RFI attacks, and through almost any other
> remote command execution vulnerability.

If you have a remote command execution vulnerability, couldn't you
just leverage whatever useful binaries are available on the victim
machine (perl, python, echo) to simply copy your exploit/file/etc. to
disk by printing it byte-by-byte, possibly in pieces?  Did I ruin the
surprise?

-Dan

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] New attack vector for sale, firewall bypass
  - From: Marshall Whittaker

References:
- [Full-disclosure] New attack vector for sale, firewall bypass
  - From: Marshall Whittaker

Prev by Date: Re: [Full-disclosure] New attack vector for sale, firewall bypass
Next by Date: Re: [Full-disclosure] LulzSec EXPOSED!(FAKE)
Previous by thread: Re: [Full-disclosure] New attack vector for sale, firewall bypass
Next by thread: Re: [Full-disclosure] New attack vector for sale, firewall bypass
Index(es):
- Date
- Thread