RE: vi buffer overflow

From: Hubert Pasternak (xferat_private)
Date: Mon Nov 12 2001 - 22:58:25 PST


    vega:/home2/xfer$ id
    uid=703(xfer) gid=100(users) groups=100(users)
    vega:/home2/xfer$ uname -a
    /* Red Hat :P */
    Linux vega.but.pl 2.4.12-ac5+dpt_i2o #1 SMP Tue Oct 23 15:16:17 CEST 2001 i686 unknown
    vega:/home2/xfer$ vi `perl -e 'print "x" x 9000'`
    Vim: Double signal, exiting
    Segmentation fault
    /* I had to reset my tty after causing sigsegv */
    vega:/home2/xfer$ export DUPA=`perl -e' print "x" x 9000'`
    vega:/home2/xfer$ gdb `which vi`
    GNU gdb 4.17.0.11 with Linux support
    Copyright 1998 Free Software Foundation, Inc.
    GDB is free software, covered by the GNU General Public License, and you are
    welcome to change it and/or distribute copies of it under certain conditions.
    Type "show copying" to see the conditions.
    There is absolutely no warranty for GDB.  Type "show warranty" for details.
    This GDB was configured as "i386-redhat-linux"...
    (no debugging symbols found)...
    (gdb) r $DUPA
    Starting program: /bin/vi $DUPA
    (no debugging symbols found)...(no debugging symbols found)...
    (no debugging symbols found)...(no debugging symbols found)...
    Program received signal SIGSEGV, Segmentation fault.
    chunk_alloc (ar_ptr=0x403bf580, nb=9024) at malloc.c:2723
    malloc.c:2723: No such file or directory.
    (gdb) info reg
         eax:  0x80fecc0   135261376
         ecx: 0x403bf580  1077671296
         edx: 0x78785538  2021152056
         ebx: 0x403c11b4  1077678516
         esp: 0xbfffb3c0 -1073761344
         ebp: 0xbfffb40c -1073761268
         esi:  0x80fc980   135252352
         edi: 0x78785539  2021152057
         eip: 0x4032ed89  1077079433
    (gdb)
    
    This is output from the vi vulnerability (malloc), but one time I caused a
    sigsegv in the strcat() function... Couldn't send the output of it because
    my damn console scrolled a bit...
    
    Greets...
    
    #$@#$@@%%%#&# [xfer][Hubert Pasternak] @#@!$#@!$^#$
    $% [E-Mail: xferat_private][Mobile: +48609928174] $#
    ##$% [ EP BUT Ltd. Network Security Specialist] #$@
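
A triage check on the register dump in the message above, as an added example that is not part of the original post: it parses the `info reg` lines and reports which registers hold runs of the 0x78 (`x`) fill byte, a first indication that argument data reached the state the allocator was using when it faulted. The function names and the two-byte threshold are assumptions of this example.

```python
import re

# Register lines copied from the gdb session in the post above.
GDB_INFO_REG = """\
     eax:  0x80fecc0   135261376
     ecx: 0x403bf580  1077671296
     edx: 0x78785538  2021152056
     ebx: 0x403c11b4  1077678516
     esp: 0xbfffb3c0 -1073761344
     ebp: 0xbfffb40c -1073761268
     esi:  0x80fc980   135252352
     edi: 0x78785539  2021152057
     eip: 0x4032ed89  1077079433
"""

# name, hex value, signed decimal value (the layout gdb 4.17 prints on i386)
REG_LINE = re.compile(r"^\s*(\w+):\s+0x([0-9a-fA-F]{1,8})\s+(-?\d+)\s*$")


def parse_registers(dump):
    """Return {name: 32-bit value}; reject lines whose two columns disagree."""
    regs = {}
    for line in dump.splitlines():
        m = REG_LINE.match(line)
        if not m:
            continue  # banner text, prompts, blank lines
        value = int(m.group(2), 16)
        # The decimal column is signed; compare modulo 2**32 to catch a
        # dump that was damaged by wrapping or copy/paste.
        if int(m.group(3)) & 0xFFFFFFFF != value:
            raise ValueError("inconsistent register line: " + line.strip())
        regs[m.group(1)] = value
    return regs


def longest_fill_run(value, fill):
    """Length of the longest run of consecutive `fill` bytes in a 32-bit value."""
    best = run = 0
    for byte in value.to_bytes(4, "big"):
        run = run + 1 if byte == fill else 0
        best = max(best, run)
    return best


def tainted_registers(regs, fill=ord("x"), min_run=2):
    """Registers holding at least `min_run` consecutive fill bytes."""
    runs = {name: longest_fill_run(v, fill) for name, v in regs.items()}
    return {name: n for name, n in runs.items() if n >= min_run}


if __name__ == "__main__":
    print(tainted_registers(parse_registers(GDB_INFO_REG)))
```
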
    



    This archive was generated by hypermail 2b30 : Mon Nov 12 2001 - 23:05:04 PST