Bugtraq mailing list archives

Re: SSH-1.2.27 & RSAREF2 exploit
From: core.lists.bugtraq () CORE-SDI COM (Iván Arce)
Date: Wed, 15 Dec 1999 16:52:49 -0300


Wakko Ellington Warner-Warner III wrote:

On Tue, 14 Dec 1999, Iván Arce wrote:

Ok, here is the exploit for SSH-1.2.27 compiled with RSAREF2.
It was tested against sshd running on Linux (Redhat 6.0) and OpenBSD 2.6,
from a Linux Redhat 6.0 box.

The exploit is more or less "script-kid-proof" since if it doesn't work a bit of
debugging, coding and probably crypto skills are needed to make it work.

Why was the code even posted to the list if it's basically useless?  I
wanted to check out my own machine with a working exploit, and I'm sure
most of the people that read this list wanted to do the same.  Now we're
going to have to wait for someone to take the time to "fix" your code up
and repost it to the list in working form.  Posting broken code that
anything beyond a trivial amount of work won't fix is just a waste of
time.


the code was posted to the list because we are getting several tens of
mails per day asking us to do so.
As far as how useless it is to you....
well it works for us, read the last part of my message carefully and you'll
understand why it is 'broken' for you.
although it would really be helpful if you elaborate on the matter...
not much..
just telling exactly WHAT IS BROKEN SO IT CAN BE FIXED

i just reposted a diff as attachment since apparently my MUA wrapped
the original one.

sincerely,
 -ivan


- Alex Prestin

--

"Despite the fact that all of my information about drugs is either
anecdotal or based on biased, often wildly inaccurate propaganda, I
think I am completely qualified to label all those who use drugs as
unworthy of the full-human status that I claim just for having a
beating heart (pumping squeaky-clean blood, no less!)" - seen on /.
                      -  -  -  -36-  -  -  -
        NIC: AP5514 http://bitey.net wakko () bitey net

another explanation for why it's broken for you may be found if
one analyses the signatures in both of our mails.
btw, i'm CC: bugtraq, since you decided to post to
the list instead of notifying us of our brokenness first.
bad bad bad evil crackers don't notify the vendors first!


--
"Understanding. A cerebral secretion that enables one having it to know
 a house from a horse by the roof on the house.
 Its nature and laws have been exhaustively expounded by Locke,
 who rode a house, and Kant, who lived in a horse." - Ambrose Bierce

==================[ CORE Seguridad de la Informacion S.A. ]=========
Iván Arce
Presidente
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
email: iarce () core-sdi com
http://www.core-sdi.com
Pte. Juan D. Peron 315 Piso 4 UF 17
1038 Capital Federal
Buenos Aires, Argentina.              Tel/Fax : +(54-11) 4331-5402
Casilla de Correos 877 (1000) Correo Central
=====================================================================

--- For a personal reply use iarce () core-sdi com


