Again, considering there was no nasty code in there, it was safe enough to run.
Give it a break dude, you ain't going to get an argument out of me lol :) On Mon, Dec 13, 2010 at 9:21 PM, Benji <m...@b3nji.com> wrote: > I know in your perfect world nothing could ever break out of a sandbox, but > this just isnt true. > > No more coco-pops for you, maybe some brain food! > > > On Mon, Dec 13, 2010 at 9:19 PM, Cal Leeming [Simplicity Media Ltd] < > cal.leem...@simplicitymedialtd.co.uk> wrote: > >> >> 1. It ran on a one-time server which gets re-generated every time its >> restarted (which is everytime a testing session has finished) >> 2. I did a *very* brief look in the code for shell code etc, and based >> on the noise already on the board, there wasn't any risk. >> 3. Even if there was dodgy shell code in there, it still would have >> posed no risk, because the sandbox is re-generated every time (see comment >> 1) >> >> No more troll feed for you! >> >> On Mon, Dec 13, 2010 at 9:16 PM, Benji <m...@b3nji.com> wrote: >> >>> wait wait wait. >>> >>> you dont have time to read header notes, but do have time to run code you >>> dont really know what it does on your system? >>> >>> can I send you some code? it's a linux 2.6.* 0day, remote root. >>> >>> >>> On Mon, Dec 13, 2010 at 9:14 PM, Cal Leeming [Simplicity Media Ltd] < >>> cal.leem...@simplicitymedialtd.co.uk> wrote: >>> >>>> Sorry Dan, I did a very quick copy and paste job, without reading the >>>> headers. I simply don't have time to read the code notes of every single >>>> exploit released. >>>> >>>> I would say that, if you are fed up with being inundated with emails, >>>> then perhaps you should mark these notes very clearly in big red >>>> writing at the top of the email like this, for those people who don't >>>> have much time to read these notes ;) >>>> >>>> On Mon, Dec 13, 2010 at 9:08 PM, <dan.j.rosenb...@gmail.com> wrote: >>>> >>>>> Please don't inundate me with e-mail because none of you bothered to >>>>> read the exploit header. >>>>> >>>>> The exploit so far has a 100% success rate on the systems it was >>>>> designed to work on. >>>>> >>>>> I don't think this is rocket science. If your distribution does not >>>>> compile Econet, then the exploit obviously won't be able to open an Econet >>>>> socket. This includes Arch Linux, Gentoo, Fedora, Red Hat, CentOS, >>>>> Slackware, and more. This doesn't mean you're not vulnerable, it just >>>>> means >>>>> this particular exploit won't work. >>>>> >>>>> If your distro doesn't export the relevant symbols (Debian), ditto >>>>> above. >>>>> >>>>> If your distro has patched the Econet vulnerabilities I used to trigger >>>>> this (Ubuntu), ditto above. >>>>> >>>>> This was done on purpose, to avoid giving a weaponized exploit to >>>>> people who shouldn't have one. >>>>> >>>>> -Dan >>>>> >>>>> >>>>> Sent from my Verizon Wireless BlackBerry >>>>> >>>>> -----Original Message----- >>>>> From: "Cal Leeming [Simplicity Media Ltd]" >>>>> <cal.leem...@simplicitymedialtd.co.uk> >>>>> Sender: full-disclosure-boun...@lists.grok.org.uk >>>>> Date: Mon, 13 Dec 2010 20:40:45 >>>>> To: Ariel Biener<ar...@post.tau.ac.il> >>>>> Cc: <leandro_li...@portari.com.br>; <fireb...@backtrack.com.br>; < >>>>> bugt...@securityfocus.com>; <full-disclosure@lists.grok.org.uk> >>>>> Subject: Re: [Full-disclosure] Linux kernel exploit >>>>> >>>>> _______________________________________________ >>>>> Full-Disclosure - We believe in it. >>>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>>> Hosted and sponsored by Secunia - http://secunia.com/ >>>>> >>>> >>>> >>>> >>>> -- >>>> >>>> Cal Leeming >>>> >>>> Operational Security & Support Team >>>> >>>> *Out of Hours: *+44 (07534) 971120 | *Support Tickets: * >>>> supp...@simplicitymedialtd.co.uk >>>> *Fax: *+44 (02476) 578987 | *Email: * >>>> cal.leem...@simplicitymedialtd.co.uk >>>> *IM: *AIM / ICQ / MSN / Skype (available upon request) >>>> Simplicity Media Ltd. All rights reserved. >>>> Registered company number 7143564 >>>> >>>> >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>> Hosted and sponsored by Secunia - http://secunia.com/ >>>> >>> >>> >> >> >> -- >> >> Cal Leeming >> >> Operational Security & Support Team >> >> *Out of Hours: *+44 (07534) 971120 | *Support Tickets: * >> supp...@simplicitymedialtd.co.uk >> *Fax: *+44 (02476) 578987 | *Email: *cal.leem...@simplicitymedialtd.co.uk >> >> *IM: *AIM / ICQ / MSN / Skype (available upon request) >> Simplicity Media Ltd. All rights reserved. >> Registered company number 7143564 >> >> > -- Cal Leeming Operational Security & Support Team *Out of Hours: *+44 (07534) 971120 | *Support Tickets: * supp...@simplicitymedialtd.co.uk *Fax: *+44 (02476) 578987 | *Email: *cal.leem...@simplicitymedialtd.co.uk *IM: *AIM / ICQ / MSN / Skype (available upon request) Simplicity Media Ltd. All rights reserved. Registered company number 7143564
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/