Metasploit mailing list archives

Metasploit Framework TMT 2007 hdDay exploit


From: rsrivastwa at yahoo.com (Rohit Srivastwa)
Date: Wed, 25 Jul 2007 21:26:59 -0700 (PDT)

Happy Bday HDM
Great way to wish Jerome

When can we get the shellcode to exploit the party ;)

./Rohit 
--
Through the Firewall,Out the Router,Down the T1,Across the Backbone,Bounced from Satellite ---- Nothing but the Internet

----- Original Message ----
From: Jerome Athias <jerome.athias at free.fr>
To: framework at metasploit.com
Sent: Thursday, July 26, 2007 1:37:07 AM
Subject: [framework] Metasploit Framework TMT 2007 hdDay exploit

*** JA Security Advisory ***

JA Advisory: JA20070810 (Pre-release) v1.0 Revision $4444$

*** Title: Metasploit Framework Team Birthday Beerflow Vulnerability ***

Critical: Extremely Critical (drinking bout)
Impact: Ton of alcohol
Where: From everywhere (and especially from Texas)
Solution Status: None available
Product affected: The Metasploit Team (TMT) version 2007
Vendor: The Metasploit Team
CVE reference: None yet

Disclosure timeline:
20070725: Full Disclosure
200708??: Full technical details will be released

Vendor contacted: NO (it's full disclosure with black evil in mind ;)

Description:
A vulnerability has been discovered in The Metasploit Team (TMT), which 
can be exploited by malicious people to compromise a vulnerable team member.
The vulnerability is caused due to the improper call to the Birthday() 
method in the HDM module of the TMT, which allows loading of arbitrary 
happy birthdays.
This can be exploited to e.g. execute arbitrary pay-me-a-beer when a 
user visits a malicious bar.
It could also lead to BBP (Big Birthday Party) & rock'n'roll all night 
long with infinite tequila loop...

The vulnerability affects the following product:
* The Metasploit Team (TMT) version 2007, HDM package

Solution:
We are not aware of any solution yet. The vendor recommends sending your 
gifts by air mail to avoid mega drunk crashes.

*Provided and/or discovered by*:
Discovered by Jerome Athias and reported via MSF Labs' security 
mailing-list.

*Original Advisory*:
JA: (this mail)

*Extended Solution*:
The "Extended Solution" section is available for HDM's friends only. 
Request a trial and get access to the HD's Friends Area and Extended 
HD's brownies.

More information should be provided next week...

/JA









