Vulnerability Development mailing list archives
CSR: Exploitation Challenge
From: Steven Hill <steve () covertsystems org>
Date: Thu, 07 Jul 2005 20:30:11 +1000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ***Exploitation Challenge*** Covertsystems Research is seeking submissions for the successful exploitation of a 2.6.x kernel based standard TCP/IP server... http://www.covertsystems.org/challenges/csr-inject_v1.tgz The server is a typical TCP/IP server with a vulnerable strcpy() function... a standard buffer overflow... However, it will be assumed that a random address based stack is in effect and a return-to-libc technique is sought... shell access will be the requirement to attain, either as (root || user id)... though root id shall be given preference to the challenge... Successful submissions are to be sent privately to: steve () covertsystems org Of which successful and confirmable results that fill the basic requirements of the challenge may be posted to the vuln-dev mailing list... or any other noteworthy submissions... Regards, Steven Hill aka: SolarIce - -- ---=[ Covertsystems Research ]=------------------------------// = www.covertsystems.org - = Exploitation Research & Development - = Specializing in UNIX/Linux Systems - --------------------------------------------=[ SolarIce ]=---// --The more one reads & learns, the less the other person knows. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it is expressly prohibited and may be unlawful. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCzQQzOUBnGgmaNvcRAnQzAJ9GxNDYRm2PVGmvXVXqnqf7dpPddwCgqIvQ jRfBc6AmWlR0/pyk5q3jOxI= =lbUw -----END PGP SIGNATURE-----
Current thread:
- CSR: Exploitation Challenge Steven Hill (Jul 07)
- <Possible follow-ups>
- Re: CSR: Exploitation Challenge supers0nic (Jul 22)