[geeks] RE: geeks digest, Vol 1 #1931 - 19 msgs

Matthew Braun mjbraun at dkcs.com
Thu Jul 25 14:05:17 CDT 2002


> Message: 2
> Date: Thu, 25 Jul 2002 13:00:10 -0400 (EDT)
> From: mattyml at daemons.net
> To: geeks at sunhelp.org
> Subject: Re: [geeks] fw
> Reply-To: geeks at sunhelp.org

<snip>

> Security through obscurity is not a solution either. I read an interesting
> article about detecting remote OSs, and injecting payloads based on this
> reconnaissance. If you can make a probable guess, and find an OS,
> determining where to stick your payload on the stack is easy.  You could
> also cycle through shellcode for 20 platforms and inject accordingly :)
>
> - Ryan

IANASK (IANA Skr1pt k1dd13) but I have to imagine that cycling would be a
really bad thing to do. Assuming a sploit of a service that lets you execute
arbitrary machnine code, what you inject will probably crash the
process/system unless it is specifically for that processor/OS. Assuming a
bitstream that translates into i86 code is being fed to the system, I
shudder to think how a PPC might barf on that...

Once you crash the box (assuming good admins), they know you're there and
then you're compromised.

===========[b l i x]============
"I live in a giant bucket"
================================



More information about the geeks mailing list