Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

CSR: challenge update...

From: Steven Hill <steve () covertsystems org>
Date: Sat, 23 Jul 2005 23:49:39 +1000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



***Exploitation Challenge***


Submissions for the CSR challenge have trickled in, one by one.

With some submissions containing a satisfactory exploit that meet
the demands for successful exploitation of csr-inject_v1.tgz ...

It appears that a random address based stack still makes it
difficult to exploit a particular application... though, brute
forcing seems to be a possible solution...

Presented here is the most viable exploit so far gathered by
CSR during this current challenge... the author "Maverick"
takes credit for this released exploit...

To help preserve file formatting, please wget the exploit from:

http://www.covertsystems.org/challenges/exp41.c

Regards,
        Steven Hill aka: SolarIce


- --

 ---=[ Covertsystems Research ]=------------------------------//
 = www.covertsystems.org                                      -
 = Exploitation Research & Development                        -
 = Specializing in UNIX/Linux Systems                         -
 --------------------------------------------=[ SolarIce ]=---//

 --The more one reads & learns, the less the other person knows.

The information in this email is confidential and may be legally
privileged.  It is intended solely for the addressee.  Access to
this email by  anyone else is unauthorized.  If you  are not the
intended recipient, any disclosure, copying, distribution or any
action  taken  or  omitted  to  be  taken  in  reliance on it is
expressly prohibited and may be unlawful.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFC4kryOUBnGgmaNvcRAmFrAJ9DEiWldV0H1qAhYGZ/TTu/fb1tnQCfapWS
JPVFQn9Co5RuE//7I1KbApc=
=A5J9
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: