lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <6.2.1.2.0.20060519200248.03773a60@172.16.1.10>
Date: Fri, 19 May 2006 20:03:00 +0530
From: Sanjay Rawat <sanjayr@...oto.com>
To: Tauqeer Ahmad <ahmadtauqeer@...oo.com>, bugtraq@...urityfocus.com
Subject: Re: POC exploit for freeFTPd 1.0.10


Hello Ahmad:
I am wondering why you have not given option for Windows 2000 SP4 
Professional in your python code. Is there any technical difficulty?
I think one can include the following snippet in your code after line # 95
---------------------------------------
elif value == '4:
                 eip = "\x29\x4c\xE1\x77"  # 77E14c29 JMP ESP IN USER32.DLL 
(windows 2000 Prof. SP4)
-------------------------------------

Please correct me if I am missing something. As of now, I could not test 
this addition though.

regards
-Sanjay

At 09:48 PM 5/17/2006, Tauqeer Ahmad wrote:
>Hi,
>
>The exploit that i publish for freeSSHd 1.0.9 will
>work against freeFTPd 1.0.10 as well. Upgrade to the
>lattest version of freeFTPd.
>
>http://www.securityfocus.com/data/vulnerabilities/exploits/2680392359-ssh.py
>
>Disclaimer:
>
>All the information and exploit in this mail and the
>previous are provided for the educational purpose
>only. Please do not i repeat do not run this exploit
>against any system without prior permission.
>
>Regards,
>
>Tauqeer Ahmad
>0x-Scientist-x0
>
>
>__________________________________________________
>Do You Yahoo!?
>Tired of spam?  Yahoo! Mail has the best spam protection around
>http://mail.yahoo.com

Sanjay Rawat
Senior Software Engineer
INTOTO Software (India) Private Limited
Uma Plaza, Above HSBC Bank, Nagarjuna Hills
PunjaGutta,Hyderabad 500082 | India
Office: + 91 40 23358927/28 Extn 422
Website : www.intoto.com
   Homepage: http://sanjay-rawat.tripod.com






Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ