Full Disclosure mailing list archives
Re: ProFTPD-1.2.9rc2 remote root exploit
From: "upb" <upb () email ee>
Date: Sat, 25 Oct 2003 02:58:31 +0300
umm, when u code fake exploits, atleast code them so they _would_ work ;D
string = (char *) malloc(strlen(buffer)+20); .. if(s = send(fd, string, sizeof(string), 0) < 0)
sizeof(string) == 4 which would only send some love to the ftpd ;) ----- Original Message ----- From: <qobaiashi () gmx net> To: "Jean-Kevin Grosnakeur" <fufeur () hotmail com> Cc: <full-disclosure () lists netsys com> Sent: Friday, October 24, 2003 5:47 PM Subject: Re: [Full-disclosure] ProFTPD-1.2.9rc2 remote root exploit
Ladies and gentlemen, here's the source code of the exploit for the
latest
release of ProFTPD. This is a Zero-Day private exploit, please DON'T REDISTRIBUTE. I will not take responsibility for any damages which could result from the usage of this exploit, use it at your own risk.--------------------------------------------------------------------------/* Example of use: # gcc exploit.c -o exploit # ./exploit 192.168.1.1 21 Connected on 192.168.1.1:21 Exploitation in progress... Exploitation string sent. Trying to connect, please wait... Linux michelle 2.4.20 #1 SMP Fri Mar 14 14:10:36 EST 2003 i686 unknown unknown GNU/Linux uid=0(root) gid=0(root) groupes=0(root) */lol! good nite and sleep() well -q -- NEU FÜR ALLE - GMX MediaCenter - für Fotos, Musik, Dateien... Fotoalbum, File Sharing, MMS, Multimedia-Gruß, GMX FotoService Jetzt kostenlos anmelden unter http://www.gmx.net +++ GMX - die erste Adresse für Mail, Message, More! +++ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- ProFTPD-1.2.9rc2 remote root exploit Jean-Kevin Grosnakeur (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Valdis . Kletnieks (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Andreas Gietl (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Robert Jaroszuk (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Andreas Gietl (Oct 24)
- Re[2]: ProFTPD-1.2.9rc2 remote root exploit Wine (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Lorenzo Hernandez Garcia-Hierro (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Robert Jaroszuk (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Simon Kirby (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit qobaiashi (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit upb (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Jedi/Sector One (Oct 24)
- Re: ProFTPD-1.2.9rc2 localhost delete kang (Oct 24)
- Re: ProFTPD-1.2.9rc2 localhost delete dilema (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Cael Abal (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Rob Lewis (Oct 24)
- <Possible follow-ups>
- ProFTPD-1.2.9rc2 remote root exploit Jean-Kevin Grosnakeur (Oct 24)
- RE: ProFTPD-1.2.9rc2 remote root exploit GARCIA Lionel (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Philipp Buehler (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Larry W. Cashdollar (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit zero (Oct 24)
- Re: ProFTPD-1.2.9rc2 remote root exploit Philipp Buehler (Oct 24)