DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 1st July 2008
t4y4n t4y4n is offline
Port Guard
 
Join Date: May 2008
Posts: 12
Default Attention A Nwe Local Root Exploit

HI ALL
THIS LINK local root exploit IS A NEW EXPLOIT FOR OPENBSD BOXES
I SEE THE FILM >> IT WORKS

BE CAREFUL TO PERMS FOR EXECUATION
Reply With Quote
  #2   (View Single Post)  
Old 1st July 2008
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

The movie is here:
http://lul-disclosure.net/lulz/openb...the_movie.html

Not quite work safe btw...
Also, it's flash ...

Oh, and what a childish guy ...
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #3   (View Single Post)  
Old 1st July 2008
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

OpenBSD 4.0? isn't that discontinued anyway? they exploited something *already* fixed by the developers in a newer release?

How lame is that? personally, I think that guy should be jailed.. and the "milworm" site shut down, as Carpetsmoker said, they're children that definitely need to be disciplined.
Reply With Quote
  #4   (View Single Post)  
Old 1st July 2008
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

Does this only work for OpenBSD 4.0? haha, even *I* can find exploits this way
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #5   (View Single Post)  
Old 1st July 2008
t4y4n t4y4n is offline
Port Guard
 
Join Date: May 2008
Posts: 12
Default

humm i think test needed :d
Reply With Quote
  #6   (View Single Post)  
Old 1st July 2008
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

It does not work on OpenBSD 4.3, at the sysctl call OpenBSD prints "Operation not supported" to stderr.

It does display some scrolling text video, but that's not an exploit and can be done by anyone..

Test environment: QEMU with -net none option..
Reply With Quote
  #7   (View Single Post)  
Old 2nd July 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

The flash went by so fast (under gnash) that I could only get a glimpse, and what I saw of it looked eerily similar to another faked "exploit" of a machine named "theo<something>...@openbsd.org" from about a decade ago. If this is the same person, then I assume they haven't aged a day in that time.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Local transfer is slow. maurobottone OpenBSD General 1 10th January 2009 02:12 PM
vbox: possible exploit Mr-Biscuit Other BSD and UNIX/UNIX-like 9 18th October 2008 06:33 PM
local dns (dnsmasq) bsdperson FreeBSD Ports and Packages 3 3rd September 2008 06:48 AM
Generic PHP Exploit hunteronline FreeBSD Security 9 19th August 2008 09:45 PM
proxy : replace gif with local gif milo974 OpenBSD General 4 17th July 2008 06:45 AM


All times are GMT. The time now is 11:01 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick