FIX THIS DAMMIT!!! --------- Tyler "[TASF]Overkill" Schwend "Semper facere bonum, an a amare odium, vita mors." --- Server operator of [LCGA]Telefragged: Counter-Strike: telefragged.lynchburg.edu:27015 http://schwend-t.web.lynchburg.edu
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Behalf Of Erik van > den Berg > Sent: Tuesday, June 03, 2003 7:28 AM > To: [EMAIL PROTECTED] > Subject: [hlds_linux] the %n bug > > > This is a multi-part message in MIME format. > -- > [ Picked text/plain from multipart/alternative ] > why the %n bug was dangerous, and no one should even > considering > running 3.1.1.1, 3.1.1.1a, b2 or b3 ! > > ------ > /* > Halflife 3.1.1.1 - Remote exploit by > eSDee ([EMAIL PROTECTED]) > > ------------------------------------------------------- > ------------------------ > This is unpublished proprietary material of Netric Security. > > Copyright (c) 2003 Netric Security > All rights reserved. > > THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY > EXPRESS OR IMPLIED > WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE > IMPLIED WARRANTIES OF > MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. > */ > > /* > [EMAIL PROTECTED] gcc -o half half.c && ./half -t1 10.0.0.7 > Halflife 3.1.1.1 - Remote exploit by eSDee ([EMAIL PROTECTED]) > > [+] Challenge id : 2372212547 > [+] Write address: 0x08059780 > [+] Shell address: 0x405ce45c > [+] Shellcode xorred with 0x60. > Linux flopppp 2.4.18-14 #1 Wed Sep 4 12:13:11 EDT > 2002 i686 athlon i386 GNU/Linux > uid=0(root) gid=0(root) > groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) > > */ > > and there you have a shell on the machine running the > half life server > > > -- > - > > Met vriendelijke groet, > Erik van den Berg > > Server Administrator/Unix Security Consultant > Technische Dienst XL-Hosting > > http://www.xl-hosting.com > [EMAIL PROTECTED] > -- > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view > the list archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
