--- Begin Message ---
- To: nissuacfeneyrol@free.fr
- Subject: [Exploits] SSH Remote Root password Cracking Tool, Qt 3.x bmp Exploit ...
- From: K-OTik Security Survey <alertes@k-otik.com>
- Date: 22 Aug 2004 16:09:30 -0000
- Message-id: <20040822160930.6488.qmail@k-otik.com>
----------------------------------------------------------------------
K-OTiK Security / Exploits
----------------------------------------------------------------------
2002-2004 K-OTiK.COM © Threat and Security Survey 24h/24 and 7j/7
Backend/XML/RSS - http://www.k-otik.com/rss
----------------------------------------------------------------------
22.08.2004 : Qt 3.x bmp image parsing local buffer overflow Exploit
-----------
* [localhost] netstat -ant | grep 7000
* [localhost] gcc -Wall haqt.c
* [localhost] ./a.out 0x80be9f8 8
* [localhost] ./qvv suckit.bmp
* [localhost] netstat -ant | grep 7000
* tcp 0 0 0.0.0.0:7000 0.0.0.0:* LISTEN
* [n00b localho outernet] ./a.out
* Usage: ./a.out < retaddr > [ align ]
*
http://www.k-otik.com/exploits/08222004.haqt.c.php
-------------------------
22.08.2004 : SSH Remote Root password Brute Force Cracking Utility
-----------
* the first brutessh was only for users guest & test
* brutessh2 is a brute for sshd port wich atempts to login as root
* trying more than 2000 passwords for it.
* users guest , test , nobody and admin with no passwords are included.
This exploit is circulating in the wild. So protect your passwords.
http://www.k-otik.com/exploits/08202004.brutessh2.c.php
----------------------------------------------------------------------
----------------------------------------------------------------------
--- End Message ---