Full Disclosure mailing list archives
Re: Automated ssh scanning
From: Ron DuFresne <dufresne () winternet com>
Date: Thu, 26 Aug 2004 18:59:03 -0500 (CDT)
Howdy Gary,
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yo All! On Thu, 26 Aug 2004, Deigo Dude wrote:Maybe running this test again, and this time ...No need to run the test again. - From the .history I duplicated this: wget www.bo2k-rulez.net/a Then did this to see the strings in the binary: strings a | less This string looked ineresting: Kernel seems not to be vulnerable A google on that string yields the exloit: http://www.k-otik.com/exploits/12.05.hatorihanzo.c.php A simple exploit for the well known do_brk bug in the Linux kernel...
Cool, I was incrrect in assuning this was a fully patched system and the compromise likely being an application sploit it appears. Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Automated ssh scanning, (continued)
- RE: Automated ssh scanning Todd Towles (Aug 26)
- Re: Automated ssh scanning KF_lists (Aug 26)
- Re: Automated ssh scanning Richard Verwayen (Aug 26)
- Re: Automated ssh scanning Valdis . Kletnieks (Aug 26)
- RE: Automated ssh scanning Ron DuFresne (Aug 26)
- Re: Automated ssh scanning Deigo Dude (Aug 26)
- Re: Automated ssh scanning KF_lists (Aug 26)
- RE: Automated ssh scanning Todd Towles (Aug 26)
- Re: Automated ssh scanning Tremaine (Aug 26)
- Re: Automated ssh scanning Deigo Dude (Aug 26)
- Re: Automated ssh scanning Gary E. Miller (Aug 26)
- Re: Automated ssh scanning Ron DuFresne (Aug 26)
- Re: Automated ssh scanning VeNoMouS (Aug 26)
- Re: Automated ssh scanning Tremaine (Aug 27)
- Re: Automated ssh scanning Tremaine (Aug 26)
- Re: Automated ssh scanning Ng Pheng Siong (Aug 26)
- RE: Automated ssh scanning Todd Towles (Aug 26)
- Malware can silently open holes in SP2 Firewall jklemenc (Aug 26)