Just another example of xd's penchant for posting really old exploits coded by others:
http://valhalla.allalla.com/2013/08/exploit-samba-2-2-bruteforcer-root-exploit-x86/
Don't quote me on this, but, I KNOW 99% there is a few bugs
within samba 2.2.* still, and, glancing over some codes today
pretty much confirm it for windows, and, I decided, why include an
exploit, when the best attack (linux) wise, is to bruteforce the leading
bit, and subsequently, overwrite the evil c0de left by its devs..and,
it is always at pretty much same place…so hey, why not..if can't brute
this then, you can use a different attack…which, I cannot release YET,
but, will as soon as I get the o.k from the authors who, seem to wish it
pvt… I already did have a version, but, not ‘the’ new version…so, will
sit on it and just say one thing, there iS bugs in smb 1 and smb2
trans() area, which is, moreso for win32 but, still there for many
linux…so, enjoy..
HaqNET
Yes, well, all this shows is xd's lack of progress more than
anything else, as he's still trying to exploit samba 2.2.*, when the
stable version of samba (at the time of this post) is 4.09.
Furthermore, xd seems unaware of modern exploit prevention methods such as ASLR and NX stack. Xd thinks that the address of the nopsled will always be static, and disregards the fact that returning to an address in a nopsled is a technique which will fail on almost all modern operating systems.
Especially laughable is how xd tries to save face by claiming that if the obsolete exploit fails, he has a private version of the exploit which he somehow cannot release (never mind that the vulnerability is public and was disclosed in 2003).
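One way to check a binary and host for the two protections the post names, ASLR and an NX stack, as an added example that is not part of the original post: it reads the ELF PT_GNU_STACK header and combines it with the Linux `kernel.randomize_va_space` value. The function names and the `sample_elf32` input builder are constructed for illustration.

```python
import struct

PT_GNU_STACK = 0x6474E551  # program header recording the stack's permissions
PF_X = 0x1                 # segment flag: executable
ET_DYN = 3                 # e_type of a PIE executable (or shared object)

def elf_hardening(data: bytes) -> dict:
    """Report NX-stack and PIE status of a little-endian ELF32/ELF64 image."""
    if len(data) < 52 or data[:4] != b"\x7fELF" or data[5] != 1:
        raise ValueError("not a little-endian ELF image")
    is64 = data[4] == 2
    try:
        e_type, = struct.unpack_from("<H", data, 16)
        if is64:
            e_phoff, = struct.unpack_from("<Q", data, 32)
            e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
        else:
            e_phoff, = struct.unpack_from("<I", data, 28)
            e_phentsize, e_phnum = struct.unpack_from("<HH", data, 42)
        nx = False  # no PT_GNU_STACK header: do not assume the stack is NX
        for i in range(e_phnum):
            off = e_phoff + i * e_phentsize
            p_type, = struct.unpack_from("<I", data, off)
            # p_flags is at offset 4 in Elf64_Phdr, offset 24 in Elf32_Phdr
            p_flags, = struct.unpack_from("<I", data, off + (4 if is64 else 24))
            if p_type == PT_GNU_STACK:
                nx = not (p_flags & PF_X)
    except struct.error as exc:
        raise ValueError("truncated ELF headers") from exc
    return {"nx_stack": nx, "pie": e_type == ET_DYN}

def missing_mitigations(hardening: dict, randomize_va_space: int) -> list:
    """List which of the two protections are absent.
    randomize_va_space is the Linux sysctl value: 0 = ASLR off, 1 or 2 = on."""
    missing = []
    if not hardening["nx_stack"]:
        missing.append("NX stack")
    if randomize_va_space == 0:
        missing.append("ASLR")
    return missing

def sample_elf32(e_type: int, stack_flags: int) -> bytes:
    """Constructed input: ELF32 header plus a single PT_GNU_STACK header."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    ehdr = ident + struct.pack("<HHIIIIIHHHHHH",
                               e_type, 3, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<8I", PT_GNU_STACK, 0, 0, 0, 0, 0, stack_flags, 16)
    return ehdr + phdr
```

To audit a real binary, pass `open(path, "rb").read()` to `elf_hardening` and the integer read from `/proc/sys/kernel/randomize_va_space` to `missing_mitigations`.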