no i already have seen a working exploit, and i can write one too, and if i can do it alot of others can do too :) its just a matter of time when they get public
----- Original Message ----- From: "B�rge Amundsen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, July 30, 2003 11:55 PM Subject: Re: [hlds_linux] HLDS Expolits. > On Wed, Jul 30, 2003 at 09:07:34PM +0200, Erik van den Berg wrote: > | yes it can, when the exploit succeeds (not a crash what we have seen so > | far), the code that is in the exploit is executed, and if that code is > | portbinding shellcode (it opens another port, and if you telnet to that port > | /bin/sh will be executed and you will have shell access). > > Is this trivial to do ? should i expect my box to be rooted as of yet ? > Have ther been released scripts to gain shell with this exploit ? or is > this more like "it could be possible" ? > > > | > | ----- Original Message ----- > | From: <[EMAIL PROTECTED]> > | To: <[EMAIL PROTECTED]> > | Sent: Wednesday, July 30, 2003 9:00 PM > | Subject: Re: [hlds_linux] HLDS Expolits. > | > | > | > Would it to be possible for them to get shell access to the users account > | if > | > shell is disabled for the users? ALL users running hlds on my servers have > | > zero shell access since no one neds shell access but me. So is it even > | > possible for them to use this to gain shell access with a username with no > | > shell access? > | > > | > Thanks > | > Jeremy > | > > | > > | > Quoting Erik van den Berg <[EMAIL PROTECTED]>: > | > > | > > heh, crashing is not the bad thing, i was talking about getting shell > | access > | > > as the user running the hlds > | > > > | > > ----- Original Message ----- > | > > From: <[EMAIL PROTECTED]> > | > > To: <[EMAIL PROTECTED]> > | > > Sent: Wednesday, July 30, 2003 1:40 PM > | > > Subject: Re: [hlds_linux] HLDS Expolits. > | > > > | > > > | > > > Yes, and it works quite well. > | > > > Somebody has already started to crash our servers. > | > > > *sigh* > | > > > > | > > > -jmoen- > | > > > > | > > > > oh and i have seen a linux version for the exploit so prepare > | yourselves > | > > > > > | > > > > > | > > > > ----- Original Message ----- > | > > > > From: "Hlds Linux" <[EMAIL PROTECTED]> > | > > > > To: <[EMAIL PROTECTED]> > | > > > > Sent: Wednesday, July 30, 2003 1:18 PM > | > > > > Subject: Re: [hlds_linux] HLDS Expolits. > | > > > > > | > > > > > | > > > >> The posted "iptables" Script is not enough. > | > > > >> A exploit need only on conenction to the port, so port-limiting is > | not > | > > a > | > > > >> fix. > | > > > >> Greetz > | > > > >> ----- Original Message ----- > | > > > >> From: "Erik van den Berg" <[EMAIL PROTECTED]> > | > > > >> To: <[EMAIL PROTECTED]> > | > > > >> Sent: Wednesday, July 30, 2003 11:55 AM > | > > > >> Subject: Re: [hlds_linux] HLDS Expolits. > | > > > >> > | > > > >> > | > > > >> > Heh, the main thing that makes me mad is that valve has not even > | > > > >> patched > | > > > >> > this since april 14th. > | > > > >> > > | > > > >> > -- > | > > > >> > - > | > > > >> > > | > > > >> > Met vriendelijke groet, > | > > > >> > Erik van den Berg > | > > > >> > > | > > > >> > Server Administrator/Unix Security Consultant > | > > > >> > Technische Dienst XL-Hosting > | > > > >> > > | > > > >> > http://www.xl-hosting.com > | > > > >> > [EMAIL PROTECTED] > | > > > >> > ----- Original Message ----- > | > > > >> > From: <[EMAIL PROTECTED]> > | > > > >> > To: <[EMAIL PROTECTED]> > | > > > >> > Sent: Wednesday, July 30, 2003 2:29 AM > | > > > >> > Subject: RE: [hlds_linux] HLDS Expolits. > | > > > >> > > | > > > >> > > | > > > >> > > The main thing that makes me mad is not that I have to upgrade > | to > | > > > >> get > | > > > >> the > | > > > >> > > fix, but I have to upgrade to the next 4.1.1.0x version which > | will > | > > > > kill > | > > > >> my > | > > > >> > > servers since the CPU usage blows. > | > > > >> > > | > > > >> > > | > > > >> > _______________________________________________ > | > > > >> > To unsubscribe, edit your list preferences, or view the list > | > > archives, > | > > > >> please visit: > | > > > >> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > | > > > >> > > | > > > >> > > | > > > >> > | > > > >> _______________________________________________ > | > > > >> To unsubscribe, edit your list preferences, or view the list > | archives, > | > > > > please visit: > | > > > >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux > | > > > >> > | > > > >> > | > > > > > | > > > > > | > > > > _______________________________________________ > | > > > > To unsubscribe, edit your list preferences, or view the list > | archives, > | > > > > please visit: > | > > > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > | > > > > > | > > > > | > > > _______________________________________________ > | > > > To unsubscribe, edit your list preferences, or view the list archives, > | > > please visit: > | > > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > | > > > > | > > > | > > > | > > _______________________________________________ > | > > To unsubscribe, edit your list preferences, or view the list archives, > | please > | > > visit: > | > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > | > > > | > > | > > | > > | > _______________________________________________ > | > To unsubscribe, edit your list preferences, or view the list archives, > | please visit: > | > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > | > > | > | > | _______________________________________________ > | To unsubscribe, edit your list preferences, or view the list archives, please visit: > | http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > -- > B�rge Amundsen > http://lv8pv.com > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
