On Tue, Jun 7, 2011 at 4:12 PM, Marshall Whittaker <marshallwhitta...@gmail.com> wrote: > Dan, did you come up with that on the spot or is there already a whitepaper > on it?
I haven't seen any whitepapers on this. I think it's the sort of thing that people just figure out when needed, or pull from their bag of tricks. -Dan > Anyway now that the cats out of the bag... See attached. :) No more bids > please. Dan was correct. > > On Tue, Jun 7, 2011 at 9:38 AM, Dan Rosenberg <dan.j.rosenb...@gmail.com> > wrote: >> >> On Tue, Jun 7, 2011 at 6:19 AM, Marshall Whittaker >> <marshallwhitta...@gmail.com> wrote: >> > Hello, >> > I am willing to sell a new attack vector I have devised. The proof of >> > concept code you will receive has the ability to arbitrarily upload >> > files to >> > a webserver (tested on Apache), running linux with the well known perl >> > read >> > pipe vulnerability in many web CGI applications. This issue can also be >> > leveraged through PHP LFI and RFI attacks, and through almost any other >> > remote command execution vulnerability. >> >> If you have a remote command execution vulnerability, couldn't you >> just leverage whatever useful binaries are available on the victim >> machine (perl, python, echo) to simply copy your exploit/file/etc. to >> disk by printing it byte-by-byte, possibly in pieces? Did I ruin the >> surprise? >> >> -Dan > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
