one that gains a shell

----- Original Message -----
From: "Børge Amundsen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, July 31, 2003 12:10 AM
Subject: Re: [hlds_linux] HLDS Expolits.

> On Thu, Jul 31, 2003 at 12:03:48AM +0200, Erik van den Berg wrote:
> | no i already have seen a working exploit,
>
> You have seen a working exploit that gains a shell ? or just the exploit
> for freezing, crashing ?
>
> | and i can write one too, and if i
> | can do it a lot of others can do too :)
> | it's just a matter of time when they get public
> |
> | ----- Original Message -----
> | From: "Børge Amundsen" <[EMAIL PROTECTED]>
> | To: <[EMAIL PROTECTED]>
> | Sent: Wednesday, July 30, 2003 11:55 PM
> | Subject: Re: [hlds_linux] HLDS Expolits.
> |
> |
> | > On Wed, Jul 30, 2003 at 09:07:34PM +0200, Erik van den Berg wrote:
> | > | yes it can, when the exploit succeeds (not a crash what we have seen so
> | > | far), the code that is in the exploit is executed, and if that code is
> | > | portbinding shellcode (it opens another port, and if you telnet to that port
> | > | /bin/sh will be executed and you will have shell access).
> | >
> | > Is this trivial to do ? should i expect my box to be rooted as of yet ?
> | > Have there been released scripts to gain shell with this exploit ? or is
> | > this more like "it could be possible" ?
> | >
> | >
> | > |
> | > | ----- Original Message -----
> | > | From: <[EMAIL PROTECTED]>
> | > | To: <[EMAIL PROTECTED]>
> | > | Sent: Wednesday, July 30, 2003 9:00 PM
> | > | Subject: Re: [hlds_linux] HLDS Expolits.
> | > |
> | > |
> | > | > Would it be possible for them to get shell access to the users account if
> | > | > shell is disabled for the users? ALL users running hlds on my servers have
> | > | > zero shell access since no one needs shell access but me. So is it even
> | > | > possible for them to use this to gain shell access with a username with no
> | > | > shell access?
> | > | >
> | > | > Thanks
> | > | > Jeremy
> | > | >
> | > | >
> | > | > Quoting Erik van den Berg <[EMAIL PROTECTED]>:
> | > | >
> | > | > > heh, crashing is not the bad thing, i was talking about getting shell access
> | > | > > as the user running the hlds
> | > | > >
> | > | > > ----- Original Message -----
> | > | > > From: <[EMAIL PROTECTED]>
> | > | > > To: <[EMAIL PROTECTED]>
> | > | > > Sent: Wednesday, July 30, 2003 1:40 PM
> | > | > > Subject: Re: [hlds_linux] HLDS Expolits.
> | > | > >
> | > | > >
> | > | > > > Yes, and it works quite well.
> | > | > > > Somebody has already started to crash our servers.
> | > | > > > *sigh*
> | > | > > >
> | > | > > > -jmoen-
> | > | > > >
> | > | > > > > oh and i have seen a linux version for the exploit so prepare yourselves
> | > | > > > >
> | > | > > > >
> | > | > > > > ----- Original Message -----
> | > | > > > > From: "Hlds Linux" <[EMAIL PROTECTED]>
> | > | > > > > To: <[EMAIL PROTECTED]>
> | > | > > > > Sent: Wednesday, July 30, 2003 1:18 PM
> | > | > > > > Subject: Re: [hlds_linux] HLDS Expolits.
> | > | > > > >
> | > | > > > >
> | > | > > > >> The posted "iptables" Script is not enough.
> | > | > > > >> An exploit needs only one connection to the port, so port-limiting is not a
> | > | > > > >> fix.
> | > | > > > >> Greetz
> | > | > > > >> ----- Original Message -----
> | > | > > > >> From: "Erik van den Berg" <[EMAIL PROTECTED]>
> | > | > > > >> To: <[EMAIL PROTECTED]>
> | > | > > > >> Sent: Wednesday, July 30, 2003 11:55 AM
> | > | > > > >> Subject: Re: [hlds_linux] HLDS Expolits.
> | > | > > > >>
> | > | > > > >>
> | > | > > > >> > Heh, the main thing that makes me mad is that Valve has not even
> | > | > > > >> > patched this since April 14th.
> | > | > > > >> >
> | > | > > > >> > --
> | > | > > > >> > -
> | > | > > > >> >
> | > | > > > >> > Kind regards,
> | > | > > > >> > Erik van den Berg
> | > | > > > >> >
> | > | > > > >> > Server Administrator/Unix Security Consultant
> | > | > > > >> > Technische Dienst XL-Hosting
> | > | > > > >> >
> | > | > > > >> > http://www.xl-hosting.com
> | > | > > > >> > [EMAIL PROTECTED]
> | > | > > > >> > ----- Original Message -----
> | > | > > > >> > From: <[EMAIL PROTECTED]>
> | > | > > > >> > To: <[EMAIL PROTECTED]>
> | > | > > > >> > Sent: Wednesday, July 30, 2003 2:29 AM
> | > | > > > >> > Subject: RE: [hlds_linux] HLDS Expolits.
> | > | > > > >> >
> | > | > > > >> >
> | > | > > > >> > > The main thing that makes me mad is not that I have to upgrade to get the
> | > | > > > >> > > fix, but I have to upgrade to the next 4.1.1.0x version which will kill my
> | > | > > > >> > > servers since the CPU usage blows.
> | > | > > > >> >
> | > | > > > >> >
> | > | > > > >> > _______________________________________________
> | > | > > > >> > To unsubscribe, edit your list preferences, or view the list archives,
> | > | > > > >> > please visit:
> | > | > > > >> > http://list.valvesoftware.com/mailman/listinfo/hlds_linux
> | >
> | > --
> | > Børge Amundsen
> | > http://lv8pv.com
>
> --
> Børge Amundsen
> http://lv8pv.com
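
The thread's concern is injected code that opens a new listening port as the account running hlds, which a disabled login shell does not prevent. As an added example (not part of the original thread), this checks a `/proc/net/tcp` snapshot for TCP listeners owned by that account outside an allowlist; UID 1005, the allowlisted port 27015 and the sample rows are constructed assumptions.

```python
"""Flag TCP listeners owned by the game-server account that are not expected."""

# Constructed sample in /proc/net/tcp format (not captured from a real host).
# UID 1005 is an assumed stand-in for the unprivileged account that runs hlds.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1201 1 0 100 0 0 10 0
   1: 00000000:6987 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1005        0 1302 1 0 100 0 0 10 0
   2: 00000000:7A69 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1005        0 1403 1 0 100 0 0 10 0
   3: 0100007F:6987 0100007F:C350 01 00000000:00000000 00:00000000 00000000  1005        0 1504 1 0 100 0 0 10 0
"""

TCP_LISTEN = 0x0A  # value of the "st" column for a socket in LISTEN state


def listeners_by_uid(proc_net_tcp_text, uid):
    """Return the sorted local ports in LISTEN state owned by `uid`."""
    ports = set()
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue  # blank or truncated row
        local, state, owner = fields[1], fields[3], fields[7]
        if int(state, 16) != TCP_LISTEN or int(owner) != uid:
            continue  # established connections and other accounts are ignored
        # local_address is HEXIP:HEXPORT; the port is after the last colon
        ports.add(int(local.rsplit(":", 1)[1], 16))
    return sorted(ports)


def unexpected_listeners(proc_net_tcp_text, uid, allowed_ports):
    """Ports the account listens on that are not in the allowlist."""
    return [p for p in listeners_by_uid(proc_net_tcp_text, uid)
            if p not in allowed_ports]


if __name__ == "__main__":
    # On a live host, read /proc/net/tcp and /proc/net/tcp6 instead of the sample.
    for port in unexpected_listeners(SAMPLE_PROC_NET_TCP, uid=1005,
                                     allowed_ports={27015}):
        print(f"ALERT: uid 1005 is listening on unexpected TCP port {port}")
```

A check like this only sees a listener while it exists, so it belongs in a frequent scheduled job or alongside egress and inbound filtering for ports the server has no reason to open.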

