Re: [Full-disclosure] samba exploit - remote root colonel 0day
Massive 0day hide all your printers. http://pastebin.com/AwpsBWVQ I now see that the code on pastebin is identical to http://www.securityfocus.com/bid/52973/exploit so is known fixed since Samba 3.6.4 . Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] samba exploit - remote root colonel 0day
{*} samba 3.x remote root by bla...@fail0verflow.com {*}
Give some credit to the guy who actually made this.
2012/9/24 k...@hushmail.me
Massive 0day hide all your printers.
http://pastebin.com/AwpsBWVQ
1. # finding targets 4 31337z:
2. # gdb /usr/sbin/smbd `ps auwx | grep smbd | grep -v grep | head -n1
| awk '{ print $2 }'` `echo -e print system` | grep '$1'
3. #- to get system_libc_addr, enter this value in the
'system_libc_offset' value of the target_finder, run, sit back, wait for
shell
by kd aka r4c1st of *eax*
Sent using Hushmail
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] samba exploit - remote root colonel 0day
Dear genius
I believe the point was to not give credit
lot of love,
captain obvious
On Mon, Sep 24, 2012 at 4:04 PM, Julius Kivimäki
julius.kivim...@gmail.com wrote:
{*} samba 3.x remote root by bla...@fail0verflow.com {*}
Give some credit to the guy who actually made this.
2012/9/24 k...@hushmail.me
Massive 0day hide all your printers.
http://pastebin.com/AwpsBWVQ
# finding targets 4 31337z:
# gdb /usr/sbin/smbd `ps auwx | grep smbd | grep -v grep | head -n1 | awk
'{ print $2 }'` `echo -e print system` | grep '$1'
#- to get system_libc_addr, enter this value in the
'system_libc_offset' value of the target_finder, run, sit back, wait for
shell
by kd aka r4c1st of eax
Sent using Hushmail
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] samba exploit - remote root colonel 0day
Massive 0day hide all your printers.
http://pastebin.com/AwpsBWVQ
*# finding targets 4 31337z:*# gdb /usr/sbin/smbd `ps auwx | grep
smbd | grep -v grep | head -n1 | awk '{ print $2 }'` ___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] samba exploit - remote root colonel 0day
Dear KD, Massive 0day hide all your printers. http://pastebin.com/AwpsBWVQ That webpage says: ... targets = ... samba_3.6.3-debian6 ... (and older), and CVE-2012-1182 was fixed in 3.6.4 in April. Does this issue affect current Samba 3.6.8? Thanks, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
