Re: Solaris mailtool exploit

[Toby DiPasquale <anany () ece villanova edu>]

Guys,

        This script did not work for me. I am running Solaris 8 on a Blade
100. I got the following messages when trying to run this exploit.

%gcc mailt00l.c
ld: warning: symbol `nop' has differing types:
        (file /tmp/.anany/cc1u5gXu.o type=OBJT; file /usr/lib/libc.so
type=FUNC);
        /tmp/.anany/cc1u5gXu.o definition taken
%./a.out
Archi: Sun Sparc
Using address: 0xffbef460
Now running: /usr/openwin/bin/mailtool
mailtool: Could not initialize Tool Talk: TT_ERR_PTYPE (1045): Undefined
process type
Segmentation fault
%uname -a
SunOS xxx.xxx.xxx 5.8 Generic_108528-06 sun4u sparc SUNW,Sun-Blade-100

0100001101000010010000110100011101110101
Tobias DiPasquale
-Solaris Systems Administrator-
Villanova University ECE Dept. (www.ece.vill.edu)
-Applications Engineering Consultant-
CyberSoft, Inc. (www.cybersoft.com)
mailto: anany () ece vill edu
0100001101000010010000110100011101110101

On Mon, 2 Jul 2001, kernel51 () libertysurf fr wrote:

> Hello,
>
> Here is a Solaris 8 (x86 and sparc) exploit I've coded
> lately, out of an advisory dealing with a bug in the
> mailtool utility (see the header of the attached .c file,
> it says everything). As far as I know, such an exploit
> has not been released so far.
> Cheers :)
>
> 51
>
> --------------
> Profitez de l'offre spéciale Liberty Surf !
> 50 h / 95 F TTC par mois tout compris pendant 3 mois
> http://register.libertysurf.fr/subscribe_fr/signup.php3