[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] samba exploit - remote root colonel 0day

To: kd@xxxxxxxxxxx
Subject: Re: [Full-disclosure] samba exploit - remote root colonel 0day
From: Julius Kivimäki <julius.kivimaki@xxxxxxxxx>
Date: Mon, 24 Sep 2012 18:04:12 +0300

{*} samba 3.x remote root by <blasty@xxxxxxxxxxxxxxxx> {*}
Give some credit to the guy who actually made this.
2012/9/24 <kd@xxxxxxxxxxx>

>
> Massive 0day hide all your printers.
>
> http://pastebin.com/AwpsBWVQ
>
>
>    1. # finding targets 4 31337z:
>    2. # gdb /usr/sbin/smbd `ps auwx | grep smbd | grep -v grep | head -n1
>    | awk '{ print $2 }'` <<< `echo -e "print system"` | grep '$1'
>    3. #    -> to get system_libc_addr, enter this value in the
>    'system_libc_offset' value of the target_finder, run, sit back, wait for
>    shell
>
> by kd aka r4c1st of *eax*
>
>
> Sent using Hushmail
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] samba exploit - remote root colonel 0day
  - From: Benji

References:
- [Full-disclosure] samba exploit - remote root colonel 0day
  - From: kd

Prev by Date: [Full-disclosure] [SE-2012-01] Critical security issue affecting Java SE 5/6/7
Next by Date: Re: [Full-disclosure] samba exploit - remote root colonel 0day
Previous by thread: Re: [Full-disclosure] samba exploit - remote root colonel 0day
Next by thread: Re: [Full-disclosure] samba exploit - remote root colonel 0day
Index(es):
- Date
- Thread