Vulnerability Development mailing list archives

Re: Blind Remote Buffer Overflow (fwd)


From: xm () GEEKMAFIA DYNIP COM (Ex Machina)
Date: Mon, 1 May 2000 22:17:03 -0400


Another good way to discern OS and platform remotely would be to look up
the ethernet card's OUI in the IEEE database. Chances are you'll be able
to tell the hardware platform.

Ex Machina (xm () geekmafia dynip com)    http://geekmafia.dynip.com/~xm/
phone:  1-877-LPT-WHIP         icq:  3387005           aim:  ExMachina
GnuPG Keyprint:     0627 C3A8 DE25 F7FB 46BD  4870 2006 CF7F EBDA 949D

On Mon, 1 May 2000, Arturo Busleiman wrote:

Date: Mon, 1 May 2000 15:29:16 -0300
From: Arturo Busleiman <buanzox () USA NET>
To: VULN-DEV () SECURITYFOCUS COM
Subject: Re: Blind Remote Buffer Overflow (fwd)

Dear Matthew <mpotter () atpco com>, the email I'm forwarding was sent to me
only, and it wasn't CC'ed to vuln-dev. So here it is.

---------- Forwarded message ----------
Date: Mon, 01 May 2000 00:59:15 -0400
From: "Matthew R. Potter" <mpotter () atpco com>
To: Arturo Busleiman <buanzox () usa net>
Subject: Re: Blind Remote Buffer Overflow

At 12:31 AM 5/1/00 -0300, you wrote:
On Sun, 30 Apr 2000, Matthew R. Potter wrote:

I'm not talking with a shell ;) I'm talking about telling the difference
between say, netbsd on sparc, x86, and alpha platforms, when you don't have
shell. And to make it harder.. let's say telnet doesn't display that nice
little banner:
*BSD(sparc)
I guess I should have made my question clearer. I'm aware of how
fingerprinting tcp/ip works, etc..
well, now I perfectly understand your question.
I can't tell you, but I imagine that the tcp/ip fingerprint for, let's
say, freebsd for sparc DOES SURELY have differences between its x86
counterpart... I imagine :)

Maybe in performance?

For some OSes it's just not worth it. I mean Solaris 2.X only runs on 2
platforms, sparc and x86, excluding the 2.5.1 release which also runs on
PPC. It's just easy to assume people are running the common ones. SPARC,
x86, Alpha, those are the most common hardware platforms on the net, I
would think.


