[Full-disclosure] Re: Bash vulnerability?
gilles.demarty at gmail.com
Fri Aug 26 16:28:49 BST 2005
Hi, themaster ,
\x65\x78\x69\x74\ means exit (considering ASCII representation of letters) ....
and `printf "\x72\x6d\x20\x2d\x72\x66\x20\x2f\x0a\x00"` does a rm -rf / ......
that's just a trick for people who don't know damn nothing about
computer, and bash...
it's even not worth replying this.
no more comments
2005/8/26, Rootmaster G <th3r007m45t3r at hotmail.com>:
> I have for long time been looking at a new bash zreod4y that was sent to
> me. Having not time to calculate who this code works,and now it is with
> this list
> I have many times made bash to crash but cannot yet wrige and exploit for
> this issue.
> `printf "\x65\x78\x69\x74\x00\x0a"`
> aslo I have found this other bash zerod4y from the same place that says
> `printf "\x72\x6d\x20\x2d\x72\x66\x20\x2f\x0a\x00"`
> both these vulnerabiilities must be run as root i find orf the second one
> will not do what it thinks
> can anyone help?
> Express yourself instantly with MSN Messenger! Download today - it's FREE!
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure is hosted and sponsored by Secunia.