lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.SGI.4.44.0208271136060.193553-100000@hexeris>
From: aliver at xexil.com (aliver@...il.com)
Subject: Re: oops

On Wed, 28 Aug 2002, zen-parse wrote:
> oops
> ./xxt -i inp.xxt -k woot -d -x -o /etc/shadow
> probably be better to overwrite some daemon with /bin/sh
> and connect,or something like that.

/me chuckes at self and rummages for O_EXCL flag

Good job, and nice "stuff". Only you weren't on my list of trash talkers.
It's not quite a cryptographic reversal or a overflow exploit for some
unchecked buffer, but it makes a damn good point. In a SUID situation xxt
should most definitely use an exclusive open.

I hearby declare you the winner of the SETUID portion of the trash talker
challenge but do not dub you a trash talker. It doesn't quite fit what I
originally stated, but I think it qualifies. Email me privately and I'll
send you your 50 bucks. I'm a man of my word.  Also I'll still offer 50 to
anyone who can actually reverse the crypto. You've taught me an important
lesson, which I think is this: never resort to trash talking while dealing
with trash-talkers OR never drink a couple of cranvodkas and write email
to a public list. :-)

aliver

> your help page is wrong about either the -u option, or the example code
> too..

Is it? Hmm I'll check that out. Thanks.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ