Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: No shell => secure?
From: npguy <npguy () websurfer com np>
Date: Fri, 9 Jul 2004 21:14:07 +0545

On Friday 09 July 2004 08:19 am, hax wrote:
2)  That'd stop a lot of skript kiddies, I guess, but it'd be pretty
trivial to just rework the shellcode to call some other command
instead of /bin/sh.

if this is single target. attacker can guess your setting and keeping
executing any commands it could possible target to execute more attack
what about wget from shellcode.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]