Re: character injecting on linux console

From: Nelson Brito (nelson@tw-award.com)
Date: 10/09/01 

From: "Nelson Brito" <nelson@tw-award.com>
To: "Michal Zalewski" <lcamtuf@coredump.cx>, "Doru Petrescu" <pdoru@kappa.ro>
Date: Tue, 9 Oct 2001 11:50:24 -0300

: I think this issue popped up several times on BUGTRAQ few years ago...
: This is a pretty interesting issue, because e.g. pine used to escape such
: characters improperly (not sure if this is still any problem, I reported
: it a while ago).

I didn't remember this issue on BUGTRAQ, but I can't point it out that this
is OLD-NEWS in the wild.

About 3 years ago I realized this scenario and began my own search and
research, and I found a excelent reference from ADM Crew.

So, if you know how to use this information you can do a lot of things.

If you want read the ADM Crew's original issue, take a look at:
http://packetstorm.decepticons.org/groups/ADM/sploits/ADMesc

Hope this help.

Sem mais, 

--
# Nelson Brito
# Independent Security Consultat
# Use: perl $0 /path/to/apache/access_log
use Socket;while(<>){if($_=~/default.ida/){split(/-/,$_);$n=(gethostbyaddr
(inet_aton($_[0]),PF_INET))[0];$v=$_[3]=~/\?N/?"I":"II";$HST=length($n)!=0
?$n:"unknow hostname";print"IP: $_[0] => HOST: $HST => CodeRed: v.$v\n";}}

Quantcast