Re: How to exploit gain root of OpenSSL?

El Viernes, 13 de Octubre de 2006 17:06, 09sparky@xxxxxxxxx escribió:
I am looking for a way to exploit (not dos) and gain root, if possible to
an old version of OpenSSL. Nessus results are: The remote host seems to be
running a version of OpenSSL which is older than 0.9.6k or 0.9.7c.

Does anyone have any suggestions?


If have this one:
* openssl-too-open.c - OpenSSL remote exploit
* Spawns a nobody/apache shell on Apache, root on other servers.

openssl-too-open is a remote exploit for the KEY_ARG overflow in
OpenSSL 0.9.6d and older. It will give you a remote shell with the
priviledges of the server process (nobody when used against Apache,
root against other servers).

If you're interested, contact me off the list.
Manuel Arostegui Ramirez.

Electronic Mail is not secure, may not be read every day, and should not
be used for urgent or sensitive issues.

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.