Re: Attacks against SSH?

From: johan.augustssonat_private
Date: Mon Dec 03 2001 - 23:11:35 PST

    "f.johan.beisser" wrote:
    
    > i tested out a binary exploit that "supposedly" worked on OpenSSH 2.3 to
    > 3.0 (but not 3.0.1p1), and had it fail each time. it apparently does attack
    > the CRC bug in unpatched/vulnerable versions of ssh.
    > 
    > the exploit is (supposedly) encrypted, stripped, and for x86 linux. the
    > binary has an md5 checksum of 1309689a9af6b82e11e8dfa5c6282c30. it's
    > roughly 1.4 megs in size. i've only seen it as "x2".
    
    
    I know that the x2 binary uses a targetfile with some offsets for
    different sshd. The one I've seen only contains offsets for SSH-1.2.27
    and OpenSSH-2.2.0p1. If this exploit really works against OpenSSH-2.9.9
    you'll need a targetfile with the offsets for OpenSSH-2.9.9.
    
    
    /Johan Augustsson
     
    --------------------------------------------------------------------
    Johan Augustsson                 Phone: +46 (0)31 773 1000
    Incident Response Team           Fax: +46 (0)31 773 1087
    Göteborg University              E-mail: Johan.Augustssonat_private
    Sweden
    --------------------------------------------------------------------
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Tue Dec 04 2001 - 09:02:47 PST