Bugtraq mailing list archives
[IPS] PUTTY SSH-Client Exploit
From: Daniel Alcántara de la Hoz <seguridad () iproyectos net>
Date: Sat, 28 Dec 2002 15:51:46 -0000
----------------------------------------------------------- I-PROYECTOS Division Seguridad (Security Research) ----------------------------------------------------------- 2003 seguridad () iproyectos net Proof of concept code / Exploit ----------------------------------------------------------- In December 16, 2002 Rapid 7.Inc released a security alert about vulnerabilities in ssh2 implementations from multiple vendors. We have used the concept to code this exploit/proof of concept. It's a fake server to exploit the putty client. To test it you need to change the url in the shellcode; that file will be downloaded and run on exploitation. This is intented for educational/testing purposes. ----------------------------------------------------------- Developed by: Rand ( jcamilleri () ono com ) Dani ( dani () iproyectos net )
Attachment:
IP-putty.c
Description:
Current thread:
- [IPS] PUTTY SSH-Client Exploit Daniel Alcántara de la Hoz (Dec 28)