Full Disclosure mailing list archives
Re: IRM Demonstrates Multiple Cisco IOS Exploitation Techniques
From: "Rodrigo Rubira Branco (BSDaemon)" <rodrigo () kernelhacking com>
Date: Wed, 10 Oct 2007 11:12:50 -0000
Hey Luiz, The Gaus´s (cisco) point is the videos just showed a shellcode being executed, not a vulnerability being exploited. If you has a vulnerability, so you can use the shellcode other than in a debugger or physically attached to the device. Anyway, it´s time to ask where is the shellcodes? I want to see that. cya, Rodrigo (BSDaemon). -- http://www.kernelhacking.com/rodrigo Kernel Hacking: If i really know, i can hack GPG KeyID: 1FCEDEA1 --------- Mensagem Original -------- De: Luiz Eduardo <le () atelophobia net> Para: Rodrigo Rubira Branco BSDaemon <rodrigo () kernelhacking com> Cópia: Andy Davis <andy.davis () irmplc com>, @fjaunet.com.br <full-disclosure () lists grok org uk> Assunto: Re: [Full-disclosure] IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Data: 10/10/07 10:42
Oi Rodrigo, by this statement on Gaus' email I would say it's not possible. But I
will let the smart people comment.
> &gt; - Having physical access to the device abraço le On Oct 10, 2007, at 3:36 AM, Rodrigo Rubira Branco (BSDaemon) wrote: > Hey Andy, > > For sure the shellcodes can be used in a local attack, but I want > to see you > using a connect back shellcode locally in an IOS system ;) that´s
> why I said
> explicitly remote. > > cya, > > > Rodrigo (BSDaemon). > > -- > http://www.kernelhacking.com/rodrigo > > Kernel Hacking: If i really know, i can hack > > GPG KeyID: 1FCEDEA1
________________________________________________ Message sent using UebiMiau 2.7.2 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Rodrigo Rubira Branco (BSDaemon) (Oct 10)
- Re: IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Andy Davis (Oct 10)
- <Possible follow-ups>
- Re: IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Rodrigo Rubira Branco (BSDaemon) (Oct 10)
- Re: IRM Demonstrates Multiple Cisco IOS Exploitation Techniques Rodrigo Rubira Branco (BSDaemon) (Oct 10)