Bugtraq mailing list archives

Re: ssh 1.2.27 exploit

From: core.lists.bugtraq () CORE-SDI COM (Beto)
Date: Thu, 16 Dec 1999 16:21:43 -0300


Daniel Jacobowitz wrote:


You also didn't include exploit_key:


That's right, not a big issue, just create a public/private key pairs
using ssh_keygen and rename the private key to exploit_key. Put the key
in the current directory you are running the exploit, and remember to
set the correct file permisions (and owner).

Also, there's another thing you have to make to compile the exploit.
After running configure, edit the Makefile and add -DSSH_EXPLOIT to the
CFLAGS.


-- 

==============================[ CORE Seguridad de la Informacion S.A.
]=======
Alberto SoliÃ±o                                  WWW      
:www.core-sdi.com
Consultor                                       Email    
:asolino () core-sdi com
Pte. Juan D. Peron 315 4p UF 17                 TE        :
+54-11-4331-5409
CP 1038 Capital Federal                         FAX       :
+54-11-4331-5402
Buenos Aires, Argentina
==============================================================================

--- For a personal reply use asolino () core-sdi com

Current thread:

Re: ssh 1.2.27 exploit Iván Arce (Dec 15)
- <Possible follow-ups>
- Re: ssh 1.2.27 exploit Beto (Dec 16)