RE: IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

["Holtz,Robert" <Robert.Holtz () edwardjones com>]

You can debug the IOS kernel via the commands mentioned in this thread.

The following link goes into a bit more detail:

http://64.233.167.104/search?q=cache:mab7YNkMv6QJ:www.nthelp.com/cisco_u
ndoc.htm+gdb+kernel+cisco&hl=en&ct=clnk&cd=15&gl=us




 
 If you are not the intended recipient of this message (including attachments), or if you have received this message in 
error, immediately notify us and delete it and any attachments.  If you no longer wish to receive e-mail from Edward 
Jones, please send this request to messages () edwardjones com.  You must include the e-mail address that you wish not 
to receive e-mail communications.  For important additional information related to this e-mail, visit 
www.edwardjones.com/US_email_disclosure
 
-----Original Message-----
 

From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of MiKa () mailinator org
Sent: Tuesday, November 13, 2007 8:24 AM
To: vuln-dev () securityfocus com
Subject: Re: IRM Demonstrates Multiple Cisco IOS Exploitation Techniques

Not quite sure what to think about this, is this a hoax?


No details are given, the captures of the "hack" show clearly a router
command "gdb kernel" which (according to cisco's IOS command lookup tool
on cisco.com) doesn't exist and which my own IOS device doesn't
recognize.

So let's not hype this too much as long we don't get better details,
regard it a some proof of concept for a well set up test environment...