Vulnerability Development mailing list archives

Re: Blind Remote Buffer Overflow


From: xm () GEEKMAFIA DYNIP COM (Ex Machina)
Date: Sun, 30 Apr 2000 21:35:59 -0400


If you can get any binaries via anonymous FTP you can usually guess
architecture. Here's a little snapshot from objdump --all ls. (I snagged
this binary via anonymous ftp.)

[snip]

cherrycoke:~$ objdump --all ls | less

ls:     file format elf32-i386
ls
architecture: i386, flags 0x00000102:
EXEC_P, D_PAGED
start address 0x08000090

[/snip]

PS - I need a summer job in New England. :)

Ex Machina (xm () geekmafia dynip com)    http://geekmafia.dynip.com/~xm/
phone:  1-877-LPT-WHIP         icq:  3387005           aim:  ExMachina
GnuPG Keyprint:     0627 C3A8 DE25 F7FB 46BD  4870 2006 CF7F EBDA 949D

On Sun, 30 Apr 2000, Arturo Busleiman wrote:

Date: Sun, 30 Apr 2000 20:14:24 -0300
From: Arturo Busleiman <buanzox () USA NET>
To: VULN-DEV () SECURITYFOCUS COM
Subject: Re: Blind Remote Buffer Overflow

On Sat, 29 Apr 2000, Mark L. Jackson wrote:

//  How does one tell the difference in architecture remotely, when
//  the OS runs
//  on multiple architectures?
Well, scanning is the first and I think easiest method. You decide what
type of system you want to hit and then scan IPs for a specific response
known to come from that system. Example: Sun is known to have RPC problems.
[snip!]

Well, you are right... but the question was related to the architecture
(sparc, x86, etc.), not the operating system.

*> Get PGP KEY: use pgpk -a hkp://horowitz.surfnet.nl/buanzox () usa net
*> Social mailing list. Send a blank e-mail to lsb-subscribe () egroups com
*> Panic? My kernel doesn't panic! We are doomed! DustDustDust!!!!
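
The fields objdump printed in the message above come from the first bytes of the ELF header, which is why any binary left readable in an anonymous FTP tree discloses the host's architecture. The following is an added example, not part of the original posts: the function name `elf_identity` is hypothetical, and both sample headers are constructed (the first mirrors the objdump output quoted above, the second is a made-up big-endian SPARC header).

```python
import struct

# Subset of e_machine / e_type values from the ELF specification.
E_MACHINE = {2: "sparc", 3: "i386", 8: "mips", 20: "powerpc",
             40: "arm", 43: "sparcv9", 62: "x86-64", 183: "aarch64"}
E_TYPE = {1: "REL", 2: "EXEC", 3: "DYN", 4: "CORE"}


def elf_identity(data: bytes) -> dict:
    """Decode class, byte order, type, machine and entry point of an ELF header."""
    if len(data) < 16 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]          # EI_CLASS, EI_DATA
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("invalid EI_CLASS or EI_DATA")
    # Multi-byte header fields use the byte order announced in EI_DATA.
    order = "<" if ei_data == 1 else ">"
    # e_type, e_machine, e_version, e_entry (4 bytes on ELF32, 8 on ELF64)
    fmt = order + ("HHII" if ei_class == 1 else "HHIQ")
    if len(data) < 16 + struct.calcsize(fmt):
        raise ValueError("truncated ELF header")
    e_type, e_machine, _version, e_entry = struct.unpack_from(fmt, data, 16)
    return {
        "class": "elf32" if ei_class == 1 else "elf64",
        "byteorder": "little" if ei_data == 1 else "big",
        "type": E_TYPE.get(e_type, f"unknown({e_type})"),
        "machine": E_MACHINE.get(e_machine, f"unknown({e_machine})"),
        "entry": e_entry,
    }


# Constructed sample headers: 16-byte e_ident followed by the next four fields.
SAMPLE_I386 = (b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
               + struct.pack("<HHII", 2, 3, 1, 0x08000090))
SAMPLE_SPARC = (b"\x7fELF" + bytes([1, 2, 1]) + bytes(9)
                + struct.pack(">HHII", 2, 2, 1, 0x00010000))

if __name__ == "__main__":
    for name, blob in (("i386 sample", SAMPLE_I386), ("sparc sample", SAMPLE_SPARC)):
        info = elf_identity(blob)
        print(f"{name}: {info['class']}-{info['machine']} {info['byteorder']}-endian "
              f"{info['type']} start address 0x{info['entry']:08x}")
```
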


