Nanog traceroute format string exploit.

From: SpaceWalker (spacewalkerat_private)
Date: Sun Jul 21 2002 - 05:09:24 PDT

Next message: Robert Buckley: "RE: Bind recursive queries quota."

Previous message: Crispin Cowan: "WireX Immunix Adversary, DefCon"
Next in thread: SpaceWalker: "Nanog traceroute format string exploit."
Reply: Ryan Mansager: "Re: Nanog traceroute format string exploit."
Reply: Ryan Mansager: "Re: Nanog traceroute format string exploit."
Reply: Olaf Kirch: "Re: Nanog traceroute format string exploit."
Reply: Olaf Kirch: "Re: Nanog traceroute format string exploit."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,
As the vulnerability has been published some weeks ago, and no working exploit has been released (the perl exploit was joke) I decided to release my private exploit.
I do it only because 
-This exploit will never be used to haxor something because I never saw this traceroute used by default
-This exploit find offsets "by the proper way" and doesn't place the target adresses in the format string. (and is interresting to study for beginners).

Have phun, please don't haxor with it.
SpaceWalker

application/octet-stream attachment: tracerouteexp.tgz

Next message: Robert Buckley: "RE: Bind recursive queries quota."
Previous message: Crispin Cowan: "WireX Immunix Adversary, DefCon"
Next in thread: SpaceWalker: "Nanog traceroute format string exploit."
Reply: Ryan Mansager: "Re: Nanog traceroute format string exploit."
Reply: Ryan Mansager: "Re: Nanog traceroute format string exploit."
Reply: Olaf Kirch: "Re: Nanog traceroute format string exploit."
Reply: Olaf Kirch: "Re: Nanog traceroute format string exploit."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Jul 21 2002 - 08:44:14 PDT