also<br><br>YAY!<br><br><div class="gmail_quote">On Dec 13, 2007 10:20 PM, Fredrick Diggle <<a href="mailto:fdiggle@gmail.com">fdiggle@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
You should post this to milw0rm as it can always use quality exploit code like this. I also have some priv8 code which I would like to disclose which is the same type of vulnerability.<br><br>/*<br> * Author: Fredrick Diggle
<br> * Vuln: execve system call allows arbitrary code execution<br> * Status: VERY PRIV8<br> * DO NOT RELEASE OR FRED DIGGLE WILL EAT YOUR FAMILY<br> */<br>#include <stdlib.h><br>#include <stdio.h><br>#include <
unistd.h><br>#define INFINITY 73<br>#ifdef DIGGLEISAWESOME<br>int main(int argc, char **argv) {<br> if (argc < 2) { fprintf(stderr, "usage: %s [command to run]\n\tPRIV8 Fred Diggle 0day\n", argv[0]); return INFINITY; }
<br> execve(argv[1], &argv[1], 0);<br>}<br>#endif<br><br><br><br><div class="gmail_quote"><div><div></div><div class="Wj3C7c">On Dec 13, 2007 8:57 PM, kcope <<a href="mailto:kingcope@gmx.net" target="_blank">kingcope@gmx.net
</a>> wrote:<br></div></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div><div></div><div class="Wj3C7c">
exploiting "features"<br><br>(see attached)<br><br>- -kcope / 2007<br><font color="#888888"><br>--<br>Psssst! Schon vom neuen GMX MultiMessenger gehört?<br>Der kann`s mit allen: <a href="http://www.gmx.net/de/go/multimessenger" target="_blank">
http://www.gmx.net/de/go/multimessenger</a><br></font><br></div></div>_______________________________________________<br>Full-Disclosure - We believe in it.<br>Charter: <a href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">
http://lists.grok.org.uk/full-disclosure-charter.html</a><br>Hosted and sponsored by Secunia - <a href="http://secunia.com/" target="_blank">http://secunia.com/</a><br></blockquote></div><br>
</blockquote></div><br>