Re: character injecting on linux console

From: Nelson Brito (nelson@tw-award.com)
Date: Tue Oct 09 2001 - 07:50:24 PDT

    : I think this issue popped up several times on BUGTRAQ a few years ago...
    : This is a pretty interesting issue, because e.g. pine used to escape such
    : characters improperly (not sure if this is still any problem, I reported
    : it a while ago).
    
    I didn't remember this issue on BUGTRAQ, but I can't point out that this
    is OLD-NEWS in the wild.
    
    About 3 years ago I realized this scenario and began my own search and
    research, and I found an excellent reference from ADM Crew.
    
    So, if you know how to use this information you can do a lot of things.
    
    If you want to read the ADM Crew's original issue, take a look at:
    http://packetstorm.decepticons.org/groups/ADM/sploits/ADMesc
    
    Hope this helps.
    
    Nothing more,
    --
    # Nelson Brito
    # Independent Security Consultant
    # Use: perl $0 /path/to/apache/access_log
    use Socket;while(<>){if($_=~/default.ida/){@_=split(/-/,$_);$n=(gethostbyaddr
    (inet_aton($_[0]),PF_INET))[0];$v=$_[3]=~/\?N/?"I":"II";$HST=length($n)!=0
    ?$n:"unknow hostname";print"IP: $_[0] => HOST: $HST => CodeRed: v.$v\n";}}
    



    This archive was generated by hypermail 2b30 : Sun Dec 09 2001 - 10:19:03 PST