Vulnerability Development mailing list archives
Re: SSHD Vuln Exploit X2
From: Brandon <brandon () picomm net>
Date: Fri, 01 Feb 2002 14:02:34 -0600
The 2.99 stuff is incorrect.. what is that protocol? It seems a lot of kids are quick to write "targets" files for this. Oh well, answering your question, the reason why it wasn't written for older versions is because the CRC32 bug did not exist in those older versions. It was introduced in an attack detector in (I think) 1.2.25, if not, then definitely 1.2.26. Try not running these variants, they may be backdoored, as source may have leaked and been modified. ELF virii are nasty.
At 12:22 PM 2/1/2002 -0500, Deb DeWolfe wrote:
The exploit x2 seemed very useful when it came out a while back, after somebody in tesco leaked it. Since then I have seen x3 and x4 clients; some have been backdoored versions and some are actually worth using, such as x4. The target lists vary a lot. I have seen targets for:

( 2) quick - SSH-1.5-OpenSSH-1.2
( 3) quick - SSH-1.5-OpenSSH-1.2.2
( 4) quick - SSH-1.5-1.2.25
( 5) quick - SSH-1.5-1.2.26
( 6) quick - SSH-1.5-1.2.27
( 7) quick - SSH-1.5-1.2.30
( 8) quick - SSH-1.5-1.2.31
( 9) quick - SSH-1.99-OpenSSH_2.2.0p1
(10) quick - SSH-2.99-OpenSSH_2.2.0p1
(12) xlong - SSH-1.5-OpenSSH-1.2
(13) xlong - SSH-1.5-OpenSSH-1.2.2
(14) xlong - SSH-1.5-1.2.25
(15) xlong - SSH-1.5-1.2.26
(16) xlong - SSH-1.5-1.2.27
(17) xlong - SSH-1.5-1.2.30
(18) xlong - SSH-1.5-1.2.31
(19) xlong - SSH-1.99-OpenSSH_2.2.0p1
(20) xlong - SSH-2.99-OpenSSH_2.2.0p1

I was wondering, why has nobody written targets for some of the older sshs like 1.5-1.2.17 or 2.20 or 2.22? They're old but should still work. Any ideas, or any newer target lists such as 2.32 2.33? I have seen up to 29. I have heard there are as many as 99, I'm not sure though.