Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Automated ssh scanning

From: Ron DuFresne <dufresne () winternet com>
Date: Thu, 26 Aug 2004 18:59:03 -0500 (CDT)

Howdy Gary,


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yo All!

On Thu, 26 Aug 2004, Deigo Dude wrote:


Maybe running this test again, and this time ...


No need to run the test again.

- From the .history I duplicated this:

 wget www.bo2k-rulez.net/a

Then did this to see the strings in the binary:

 strings a | less

This string looked ineresting:

 Kernel seems not to be vulnerable

A google on that string yields the exloit:

 http://www.k-otik.com/exploits/12.05.hatorihanzo.c.php

A simple exploit for the well known do_brk bug in the Linux kernel...



Cool, I was incrrect in assuning this was a fully patched system and the
compromise likely being an application sploit it appears.


Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: