Full Disclosure mailing list archives
New Hacking Zine: p62
From: b0f <b0fnet () yahoo com>
Date: Tue, 23 Sep 2003 09:01:35 -0700 (PDT)
pzc> 16. REAL authentic information regarding iDEFENSE contractor pzc> purchases. Hi would just like to touch on this. Most of the info they have on there about me is unture Yes i did get $300 from idefense and yes that is my name. My name can be found by searching google (good google skills boys). The date they have is completly wrong and i am not a member of dtors security and have never been. Any member from dtors would confirm that i didn't 'steal' nuthin from them to sell to idefense. For guessing my palpal account wouldn't be to hard since i always use this email address. I also have a good idea where they got the $300 price tag from. While i write this i must also congrat them in finding a hole in suexec. <snip from phrack 62> whereis suexec suexec: /usr/sbin/suexec /usr/share/man/man8/suexec.8.gz ls -al /usr/sbin/suexec -r-s--x--- 1 root apache 11732 May 15 06:09 /usr/sbin/suexec cat << EOF >> suexp.c /* REMOVED - sorry kids * Phrack supports Non-disclosure */ EOF make suexp cc suexp.c -o suexp ./suexp -t6 id uid=0(root) gid=0(apache) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) #h3h3h3 </snip from phrack 62> Ain't it great that there exploit gives gid=0(apache). I hope this clears this up and guys for phrack 63 anything you want to know about me just ask atleast you will get it right that way ;) Regards b0f ===== www.b0f.net __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- New Hacking Zine: p62 phrackstaff () ziplip com (Sep 22)
- Re: New Hacking Zine: p62 Cael Abal (Sep 22)
- Re: New Hacking Zine: p62 Jonathan A. Zdziarski (Sep 22)
- Re: New Hacking Zine: p62 I Rony (Sep 24)
- Re: New Hacking Zine: p62 Raj Mathur (Sep 24)
- Re: New Hacking Zine: p62 Jonathan A. Zdziarski (Sep 22)
- Re: New Hacking Zine: p62 Cael Abal (Sep 22)
- Re: New Hacking Zine: p62 3APA3A (Sep 23)
- <Possible follow-ups>
- New Hacking Zine: p62 b0f (Sep 23)
- RE: New Hacking Zine: p62 Robert Ahnemann (Sep 24)