Full Disclosure mailing list archives
Re: Winnie The Pooh Hacking Squadron Presents:0day 31337 vulnerability in indent 2.2.9
From: "Kurt Seifried" <listuser () seifried org>
Date: Fri, 26 Dec 2003 14:30:02 -0700
indent is really fucking leet tool that improves appearance of C source code. It was designed to help people reading sources written by damn stupid and unskilled programmers like You Dong-Hun or Theo the Radt. It is really helpful nowadays because of that whores who think they are coders. UnfortunatellyYes it is. But there's no privilege elevations available. So what good will this do? Raymond.
Someone sends you hacker code. It's an unreadable mess (there's a surprise). You run it through indent. You get owned. Here's a hint: when playing with code from attackers check the shell code, Makefiles, etc. Do not do this as a privileged user, ideally do this with a throwaway account, or better yet from within VMWare. STandard rules of safe/secure computing apply. Kurt Seifried, kurt () seifried org A15B BEE5 B391 B9AD B0EF AEB0 AD63 0B4E AD56 E574 http://seifried.org/security/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Winnie The Pooh Hacking Squadron Presents: 0day 31337 vulnerability in indent 2.2.9 Winnie The Pooh Hacking Squadron (Dec 26)
- Re: Winnie The Pooh Hacking Squadron Presents: 0day 31337 vulnerability in indent 2.2.9 Raymond Morsman (Dec 26)
- Re: Winnie The Pooh Hacking Squadron Presents:0day 31337 vulnerability in indent 2.2.9 Kurt Seifried (Dec 26)
- <Possible follow-ups>
- Re: Winnie The Pooh Hacking Squadron Presents: 0day 31337 vulnerability in indent 2.2.9 Winnie The Pooh Hacking Squadron (Dec 26)
- RE: Winnie The Pooh Hacking Squadron Presents: 0day 31337 vulnerability in indent 2.2.9 kindergarten (Dec 31)
- Re: Winnie The Pooh Hacking Squadron Presents: 0day 31337 vulnerability in indent 2.2.9 Raymond Morsman (Dec 26)