On Fri, 21 Jun 2002 15:11:02 +0800 "yasho " <[EMAIL PROTECTED]> wrote:
> Az sym typ i ne razbiram - shto nqkoi ne zeme da mi obiasni kakyv mi e > problema kato izlezne klienta sys SEGFAULT i zatvoria connection-a ? a? Ili > moje bi vie polzvat 64-bit Unixi ili Winboze ili Netware ?-- Problema e, che ne zasjaga _samo_ 64bit Unices ili Windows, vupreki tvurdeniata na ISS, dokolkoto moze da se vjarva na GOBBLES (sledva header ot tehnia exploit za OpenBSD) /* * exploit.c * OPENBSD/X86 APACHE REMOTE EXPLOIT!!!!!!! * * ROBUST, RELIABLE, USER-FRIENDLY MOTHERFUCKING 0DAY WAREZ! * * BLING! BLING! --- BRUTE FORCE CAPABILITIES --- BLING! BLING! * * ". . . and Doug Sniff said it was a hole in Epic." * * --- * Disarm you with a smile * And leave you like they left me here * To wither in denial * The bitterness of one who's left alone * --- * * Remote OpenBSD/Apache exploit for the "chunking" vulnerability. Kudos to * the OpenBSD developers (Theo, DugSong, jnathan, *@#!w00w00, ...) and * their crappy memcpy implementation that makes this 32-bit impossibility * very easy to accomplish. This vulnerability was recently rediscovered by a slew * of researchers. * * The "experts" have already concurred that this bug... * - Can not be exploited on 32-bit *nix variants * - Is only exploitable on win32 platforms * - Is only exploitable on certain 64-bit systems * * However, contrary to what ISS would have you believe, we have * successfully exploited this hole on the following operating systems: * * Sun Solaris 6-8 (sparc/x86) * FreeBSD 4.3-4.5 (x86) * OpenBSD 2.6-3.1 (x86) * Linux (GNU) 2.4 (x86) * Razumno e da si podgotven i da ochakvash naj-loshoto, ako ne se sluchi - zdrave da e. Take care Boris Jordanov (borj) <[EMAIL PROTECTED]> ICQ 10751645 PGP-key-fingerprint:------------------------------ CB23 8B52 5FBC F36A 1B61 F1ED 2831 E52D AAFF 7B08 -------------------------------------------------- Public-key:--------------------------------------- http://borj.freeshell.org/borj.asc -------------------------------------------------- To err is human... to really foul up requires the root password.
msg11394/pgp00000.pgp
Description: PGP signature
