Re: ssh 1.2.27 exploit

From: Beto (core.lists.bugtraq@CORE-SDI.COM)
Date: Thu Dec 16 1999 - 11:21:43 PST

Next message: Robert Horvick: "Re: NT WinLogon VM contains plaintext password visible in admin m"

Previous message: Rob Jones: "Re: Reinventing the wheel (aka "Decoding Netscape Mail passwords")"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Daniel Jacobowitz wrote:
> 
> You also didn't include exploit_key:
> 

That's right, not a big issue, just create a public/private key pairs
using ssh_keygen and rename the private key to exploit_key. Put the key
in the current directory you are running the exploit, and remember to
set the correct file permisions (and owner).

Also, there's another thing you have to make to compile the exploit.
After running configure, edit the Makefile and add -DSSH_EXPLOIT to the
CFLAGS.

-- 

==============================[ CORE Seguridad de la Informacion S.A.
]=======
Alberto Soliño                                  WWW      
:www.core-sdi.com
Consultor                                       Email    
:asolino@core-sdi.com
Pte. Juan D. Peron 315 4p UF 17                 TE        :
+54-11-4331-5409
CP 1038 Capital Federal                         FAX       :
+54-11-4331-5402
Buenos Aires, Argentina
==============================================================================

--- For a personal reply use asolino@core-sdi.com

Next message: Robert Horvick: "Re: NT WinLogon VM contains plaintext password visible in admin m"
Previous message: Rob Jones: "Re: Reinventing the wheel (aka "Decoding Netscape Mail passwords")"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:21:50 PDT