Something I noticed when using the modified samba client (I couldn't find the patch and had to rewrite it from memory) is that you can send a 0 length password and still gain access (1 byte value = null); there is no need to cycle through the first byte's ASCII set unless you want to recover the password.

On Wednesday 04 July 2001 03:52 am, Extirpater wrote:
> I wrote that one at a friend's request. I know
> changing the source code of smbclient's client.c file.
> Putting a "while" scans all 256 chars.
> My friend had problems with a few files and can't
> compile the smb package.
> So exploit is there, use if you want... nothing to

This archive was generated by hypermail 2b30 : Wed Jul 04 2001 - 17:22:23 PDT