Dear Angelo,
>As far as Media hype. I'm all for it. It keeps the IT job market strong.
Yeah! Long live F.U.D! Thanks Angelo, you can count on #MSNetworks to
back you 900% on any of your whitehat expeditions(Please do not
attempt to take us up on this, for you will be laughed at).
Love,
#M
day, September 27, 2004 3:30 PM
> To: morning_wood; [EMAIL PROTECTED]
> Subject: RE: [Full-Disclosure] MS04-028 Jpeg EXPLOIT with Reverse and
> Bind shell ...
>
> Eh, It would not be that hard to write up something that could revisit
> all of the computers that hit the web server to in
EMAIL PROTECTED] On Behalf Of
Castigliola, Angelo
Sent: Monday, September 27, 2004 3:30 PM
To: morning_wood; [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] MS04-028 Jpeg EXPLOIT with Reverse and
Bind shell ...
Eh, It would not be that hard to write up something that could revisit
all of the computers
06 PM
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] MS04-028 Jpeg EXPLOIT with Reverse and
Bind shell ...
umm, no
all this has thats different is correct headers for bind or remote shell
option. and ability to set ports and return ip in the code, instead of
needing to use your own shellcode
umm, no
all this has thats different is correct headers for bind or remote shell
option.
and ability to set ports and return ip in the code, instead of needing to
use your own shellcode ( or metasploits ) note: there is no new exploit code
or vector
--- / snip /-
ne
On Saturday 25 September 2004 16:59, raza wrote:
> I just compiled this and it works well..
>
> But It screwed up the graphic..but I think it supposed to do that right
> ?
>
> I got a connect back shell when I made the poisonjpeg !!
>
> Anyone else tried this ...
>
yes and it works very well.
> I
I just compiled this and it works well..
But It screwed up the graphic..but I think it supposed to do that right
?
I got a connect back shell when I made the poisonjpeg !!
Anyone else tried this ...
I can see this ones gaana be fun...
raz
ElviS .de wrote:
> the last step before the worm
ElviS .de wrote:
the last step before the worm
http://www.k-otik.com/exploits/09252004.JpegOfDeath.c.php
Are securepoint giving away consultancy jobs for the first working
implementation this time ?
;)
___
Full-Disclosure - We believe in it.
Charter:
