Re: [Full-disclosure] THISISNOTMYEXPLOIT

From: Kingcope <kcope2@xxxxxxxxxxxxxx>
Date: Fri, 31 Jul 2009 17:58:22 +0200

Hello people,
Yes there is a warning when the PoC is compiled. But I guess that is
not a big issue.
So about what PoC am I talking about?
It seems that the moderator of bugtraq keeps blocking me because of fancy
headlines maybe. The moderator of bugtraq blocked the actual exploit but let
the following messages slip through. The PoC is on milw0rm.com and
full disclosure.
Thanks for clarifying the issue with the zones, I really have not a
100% understanding
of the DNS protocol therefore I took a guess on my named.conf file and put the
address into the PoC.

Thanks for your time,

Kingcope

2009/7/31 yersinia <yersinia.spiros@xxxxxxxxx>:

Repost for mailing problem.
On Fri, Jul 31, 2009 at 12:14 AM, yersinia <yersinia.spiros@xxxxxxxxx> wrote:

On Thu, Jul 30, 2009 at 1:24 PM, Kingcope <kcope2@xxxxxxxxxxxxxx> wrote:

Hello again,
the default setting of 127.in-addr.arpa is a bit weird

try
./bind <ip> localhost

Never mind. I have only a warning from gcc because it was necessary to include stdlib.h for malloc.

But, the important thing is that it works as aspected.

Regards

lewls

XD

kcope

2009/7/30 Kingcope <kcope2@xxxxxxxxxxxxxx>:

I own nothing.

Cheers,

kcope

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] THISISNOTMYEXPLOIT
  - From: Kingcope
- Re: [Full-disclosure] THISISNOTMYEXPLOIT
  - From: Kingcope
- Re: [Full-disclosure] THISISNOTMYEXPLOIT
  - From: yersinia
- Re: [Full-disclosure] THISISNOTMYEXPLOIT
  - From: yersinia

Prev by Date: [Full-disclosure] OpenDNSSEC Project
Next by Date: Re: [Full-disclosure] spam machine
Previous by thread: Re: [Full-disclosure] THISISNOTMYEXPLOIT
Next by thread: Re: [Full-disclosure] THISISNOTMYEXPLOIT
Index(es):
- Date
- Thread

Relevant Pages

Re: [Full-disclosure] THISISNOTMYEXPLOIT
... Yes there is a warning when the PoC is compiled. ... I have some Infoblox master DNS servers with not-allowed dynamic ... updates, so I'm wondering if they are vulnerable to this attack and if ...
(Full-Disclosure)
[Full-disclosure] Firefox 2.0.0.5 flaw allows to steal the users passwords
... PoC here: http://www.heise-security.co.uk/services/browsercheck/demos/moz/pass1.shtml ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
[Full-disclosure] Firefox 2.0.0.12 IFrame overflow vulnerability
... PoC here: ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] THISISNOTMYEXPLOIT
... Yes there is a warning when the PoC is compiled. ... I have only a warning from gcc because it was necessary to include stdlib.h for malloc. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
[Full-disclosure] OpenOffice.org 2.2.0 Writer DoS vulnerability
... PoC: http://www.shinnai.altervista.org/exploits/openofficewriter.py ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)