CSR: Exploitation Challenge

• Previous message: Marco Ivaldi: "Re: Exploit development in Per"
• Next in thread: supers0nic_at_redwhitearmy.com: "Re: CSR: Exploitation Challenge"
• Maybe reply: supers0nic_at_redwhitearmy.com: "Re: CSR: Exploitation Challenge"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 07 Jul 2005 20:30:11 +1000
To: Vuln-dev <vuln-dev@securityfocus.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

***Exploitation Challenge***

Covertsystems Research is seeking submissions for the successful
exploitation of a 2.6.x kernel based standard TCP/IP server...

http://www.covertsystems.org/challenges/csr-inject_v1.tgz

The server is a typical TCP/IP server with a vulnerable strcpy()
function... a standard buffer overflow... However, it will be
assumed that a random address based stack is in effect and a
return-to-libc technique is sought... shell access will be the
requirement to attain, either as (root || user id)... though
root id shall be given preference to the challenge...

Successful submissions are to be sent privately to:
steve@covertsystems.org

Of which successful and confirmable results that fill the basic
requirements of the challenge may be posted to the vuln-dev
mailing list... or any other noteworthy submissions...

Regards,

        Steven Hill aka: SolarIce

- --

 ---=[ Covertsystems Research ]=------------------------------//
 = www.covertsystems.org -
 = Exploitation Research & Development -
 = Specializing in UNIX/Linux Systems -
 --------------------------------------------=[ SolarIce ]=---//

 --The more one reads & learns, the less the other person knows.

The information in this email is confidential and may be legally
privileged. It is intended solely for the addressee. Access to
this email by anyone else is unauthorized. If you are not the
intended recipient, any disclosure, copying, distribution or any
action taken or omitted to be taken in reliance on it is
expressly prohibited and may be unlawful.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCzQQzOUBnGgmaNvcRAnQzAJ9GxNDYRm2PVGmvXVXqnqf7dpPddwCgqIvQ
jRfBc6AmWlR0/pyk5q3jOxI=
=lbUw
-----END PGP SIGNATURE-----

• Previous message: Marco Ivaldi: "Re: Exploit development in Per"
• Next in thread: supers0nic_at_redwhitearmy.com: "Re: CSR: Exploitation Challenge"
• Maybe reply: supers0nic_at_redwhitearmy.com: "Re: CSR: Exploitation Challenge"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]