Re: [Full-Disclosure] re: Global HIGH Security Risk

From: David Howe (DaveHowe@cmn.sharp-uk.co.uk)
Date: 02/04/03

    From: "David Howe" <DaveHowe@cmn.sharp-uk.co.uk>
    To: "Email List: Full Disclosure" <full-disclosure@lists.netsys.com>
    Date: Tue, 4 Feb 2003 13:04:39 -0000
    

    > What I did first was just to code an exploit for the vulnerable
    > daemon and added a simple command sequence to write
    > down to the server an uuencoded file using vi editor,
    <snip the rest>
    Erm - hate to tell you this, but this is how it is *normally* done. You
    exploit a service using a 'sploit that requires only the open
    internet-facing port (a buffer overflow is the usual vector) and throw
    whatever you want down the link in whatever format it supports - often
    you don't need uuencode if the channel is 8 bit clean (and almost all
    are).
    Exploit code usually reads "kill main server if it still exists, open
    new server on same port, receive future connects from my IP address as
    being filename, followed by length, followed by data; run any
    executables and return the output to me as a reply to the download"
    If you have found a previously unknown exploitable bug in a server
    though - that is worth reporting.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


