> curious how you plan to inject code if the only way to get the seg. fault > is to enter a bare '~'? Kinda limits what you can get on the stack, no? Actually you can do this: CWD ~/fffffffffffffffffffffff.. (etc) I could fit about 390 bytes after the ~/ when I tried it against Solaris 7. also works with MKD RMD Try it, you'll like it.
- SUN SOLARIS 5.6/5.7 FTP Globbing Exploit ! Johnny Cyberpunk
- Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit ! Bertold Kolics
- Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit ! Crist Clark
- Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit ! Jasper Jans
- Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit ! ghandi
- Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit ! Konrad Rieck
- Re: SUN SOLARIS 5.6/5.7 FTP Globbing Exploit ! Warning3
