Re: BoS: bind() Security Problems
From: avalon () coombs anu edu au (Darren Reed)
Date: Mon, 5 Feb 1996 21:18:09 +1100
In some mail from invalid opcode, sie said:
Yes, but if you do this:
netcat -lvv -s 18.104.22.168 -p 2049 -e exploit.sh&
tee crap | netcat 22.214.171.124 2049
and then you can capture it all to the file: crap, and redirect it to the
A couple of things. First, I answered the comments about IRC, not NFS.
My comments were not at all relevant to NFS (maybe I should have
deleted more text).
Second, you can prevent the above from working (see CERT Advisories on
NFS security problems) so that all that really does happen is you stop
the NFS packets reaching their real destination. This latter bit is,
as the original poster mentioned, not able to be prevented easily on
most operating systems commercially available today.
On Thu, 1 Feb 1996, Darren Reed wrote:
In some mail from Bernd Lehle, sie said:
w00p% nc -v -v -u -s 126.96.36.199 -p 2049
listening on [188.8.131.52] 2049 ...
To take a look at irc packets: nc -v -v -l -s Your.IP.Adress -p 6667
This won't get you messages between already connected clients and servers.
Yes, you might be able to make clients connect, at first, to you and not
a real server, but it is going to be obvious to the client: the connection
won't complete as netcat won't generate the server replies which many
clients now look for to indicate the confirmation of a connection.
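
The client-side check described in the last paragraph, as an added example that is not part of the original thread: the client treats a connection as confirmed only once the peer sends the IRC registration reply (numeric 001, RPL_WELCOME, assumed here to be the reply a client looks for). Host names, nicknames and transcripts are constructed.

```python
import re

# Minimal IRC line shape: optional ":prefix", a command or 3-digit numeric, params.
_LINE = re.compile(r'^(?::(?P<prefix>\S+) +)?(?P<cmd>[A-Za-z]+|\d{3})(?P<rest>(?: .*)?)$')

def parse(line):
    """Split one IRC line into (prefix, command, params); None if malformed."""
    m = _LINE.match(line.rstrip("\r\n"))
    if not m:
        return None
    head, sep, trailing = m.group("rest").partition(" :")
    params = head.split()
    if sep:
        params.append(trailing)
    return m.group("prefix"), m.group("cmd").upper(), params

def registration_confirmed(lines, nick, max_lines=50):
    """Return (confirmed, replies_to_send).

    confirmed is True only when a server-prefixed 001 addressed to our nick
    arrives within max_lines. A listener that only accepts the connection
    and records what we send never produces it.
    """
    replies = []
    for i, raw in enumerate(lines):
        if i >= max_lines:
            break
        msg = parse(raw)
        if msg is None:
            continue
        prefix, cmd, params = msg
        if cmd == "PING":
            # Servers may require a PONG before completing registration.
            replies.append("PONG :" + (params[-1] if params else ""))
        elif cmd == "ERROR":
            return False, replies
        elif cmd == "001" and prefix and params and params[0] == nick:
            return True, replies
    return False, replies

# Constructed transcripts: what the client reads after sending NICK/USER.
REAL_SERVER = [
    ":irc.example.net NOTICE AUTH :*** Looking up your hostname\r\n",
    "PING :12345\r\n",
    ":irc.example.net 001 alice :Welcome to the network alice\r\n",
]
SILENT_LISTENER = []                                   # accepts, sends nothing
ECHO_LISTENER = ["NICK alice\r\n", "USER alice 0 * :Alice\r\n"]
```
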