Full Disclosure mailing list archives
Re: No shell => secure?
From: npguy <npguy () websurfer com np>
Date: Fri, 9 Jul 2004 21:14:07 +0545
On Friday 09 July 2004 08:19 am, hax wrote:
2) That'd stop a lot of skript kiddies, I guess, but it'd be pretty trivial to just rework the shellcode to call some other command instead of /bin/sh.
if this is single target. attacker can guess your setting and keeping executing any commands it could possible target to execute more attack what about wget from shellcode. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- No shell => secure? Matthias Benkmann (Jul 08)
- Re: No shell => secure? hax (Jul 08)
- Re: No shell => secure? npguy (Jul 09)
- Re: No shell => secure? Kevin Ponds (Jul 09)
- Re: No shell => secure? Matthias Benkmann (Jul 09)
- Re: No shell => secure? Ron DuFresne (Jul 09)
- Re: No shell => secure? Barry Fitzgerald (Jul 09)
- Re: No shell => secure? Vincent Archer (Jul 12)
- Re: No shell => secure? daniel uriah clemens (Jul 09)
- Re: No shell => secure? npguy (Jul 09)
- Re: No shell => secure? hax (Jul 08)
- Re: No shell => secure? Nick FitzGerald (Jul 09)
- Re: No shell => secure? Ron DuFresne (Jul 09)
- Re: No shell => secure? Valdis . Kletnieks (Jul 09)
- Re: No shell => secure? Matthias Benkmann (Jul 09)