CSR: Exploitation Challenge

[Steven Hill <steve () covertsystems org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


***Exploitation Challenge***


Covertsystems Research is seeking submissions for the successful
exploitation of a 2.6.x kernel based standard TCP/IP server...

http://www.covertsystems.org/challenges/csr-inject_v1.tgz

The server is a typical TCP/IP server with a vulnerable strcpy()
function... a standard buffer overflow... However, it will be
assumed that a random address based stack is in effect and a
return-to-libc technique is sought... shell access will be the
requirement to attain, either as (root || user id)... though
root id shall be given preference to the challenge...

Successful submissions are to be sent privately to:
steve () covertsystems org

Of which successful and confirmable results that fill the basic
requirements of the challenge may be posted to the vuln-dev
mailing list... or any other noteworthy submissions...


Regards,

        Steven Hill aka: SolarIce

- --

 ---=[ Covertsystems Research ]=------------------------------//
 = www.covertsystems.org                                      -
 = Exploitation Research & Development                        -
 = Specializing in UNIX/Linux Systems                         -
 --------------------------------------------=[ SolarIce ]=---//

 --The more one reads & learns, the less the other person knows.

The information in this email is confidential and may be legally
privileged.  It is intended solely for the addressee.  Access to
this email by  anyone else is unauthorized.  If you  are not the
intended recipient, any disclosure, copying, distribution or any
action  taken  or  omitted  to  be  taken  in  reliance on it is
expressly prohibited and may be unlawful.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCzQQzOUBnGgmaNvcRAnQzAJ9GxNDYRm2PVGmvXVXqnqf7dpPddwCgqIvQ
jRfBc6AmWlR0/pyk5q3jOxI=
=lbUw
-----END PGP SIGNATURE-----