Re: [Snort-sigs] kadmind exploit rules

[anakata <anakata () anakata hack se>]

> > and the IRC channels are all trading a file called herakles.c and a
> > binary called kerberous.
> If these are available, I would love to have a copy to verify the
> signatures.  We do not possess a copy of these at this time.

 * herakles - kadmind (atleast kerberos4 <=4-1.2 and heimdal <=0.5) x86 remote exploit
 * - discovered and coded Oct. 2002 by anakata <anakata () hack se>
 *****************************************************************************
 * THIS IS UNPUBLISHED PROPRIETARY SOURCE CODE OF Anakata Labs.
 * YOU ARE NOT ALLOWED TO USE OR REDISTRIBUTE THIS MATERIAL, ANY MATERIAL
 * DERIVED FROM THIS MATERIAL, OR ANY MATERIAL RESULTING FROM THE COMPILATION,
 * ASSEMBLY, ETC. OF THIS MATERIAL WITHOUT THE PRIOR WRITTEN CONSENT OF THE
 * AUTHOR(S).
 * Violation of the above constitutes a violation of Swedish and international
 * copyright and intellectual property laws.
 *****************************************************************************
^^^ Yes, that DOES apply to YOU.

--- anakata <anakata () hack se>, Corpus Hypercubus
http://www.anakata.hack.se, IRC: {ef,irc,dal,slash}net, regular of #hack.se/efnet
Cogito, ergo infestus sum. [I think, therefore I am dangerous.]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html