Hello bugtraq, For this xmas i'm releasing some of the exploits i've developed in the last months. Nothing so fancy, but i believe i've deployed some new/interesting techniques, specially on the Solaris/SPARC platform. Here's the index: raptor_chown.c local on Linux 2.6.x < 2.6.7-rc3 (CAN-2004-0497) raptor_udf.c MySQL privilege escalation procedure (code by NGS) raptor_rlogin.c remote on Solaris 2.5.1, 2.6, 7, 8 (CVE-2001-0797) raptor_ldpreload.c local on Solaris 2.6, 7, 8, 9 (CAN-2003-0609) raptor_libdthelp.c local on Solaris 7, 8, 9 (CAN-2003-0834) raptor_libdthelp2.c same as above, ret-into-ld.so version raptor_passwd.c local on Solaris 8, 9 (CAN-2004-0360) All the exploits are in the attached tarball. They are also freely downloadable from my homepage, at: http://www.0xdeadbeef.info/ Merry xmas and happy hacking ;) -- Marco Ivaldi Antifork Research, Inc. http://0xdeadbeef.info/ 3B05 C9C5 A2DE C3D7 4233 0394 EF85 2008 DBFD B707
Attachment:
raptor_xmas04.tgz
Description: Binary data