Subject: Re: Blind Remote Buffer Overflow
From: Ex Machina (xmGEEKMAFIA.DYNIP.COM)
Date: Sun Apr 30 2000 - 20:35:59 CDT


If you can get any binaries via anonymous FTP you can usually guess
architecture. Here's a little snapshot from objdump --all ls. (I snagged
this binary via anonymous ftp.)

[snip]

cherrycoke:~$ objdump --all ls | less

ls: file format elf32-i386
ls
architecture: i386, flags 0x00000102:
EXEC_P, D_PAGED
start address 0x08000090

[/snip]

PS - I need a summer job in New England. :)

Ex Machina (xmgeekmafia.dynip.com) http://geekmafia.dynip.com/~xm/
phone: 1-877-LPT-WHIP icq: 3387005 aim: ExMachina
GnuPG Keyprint: 0627 C3A8 DE25 F7FB 46BD 4870 2006 CF7F EBDA 949D

On Sun, 30 Apr 2000, Arturo Busleiman wrote:

> Date: Sun, 30 Apr 2000 20:14:24 -0300
> From: Arturo Busleiman <buanzoxUSA.NET>
> To: VULN-DEVSECURITYFOCUS.COM
> Subject: Re: Blind Remote Buffer Overflow
>
> On Sat, 29 Apr 2000, Mark L. Jackson wrote:
>
> > // How does one tell the difference in architecture remotely, when
> > // the OS runs
> > // on multiple architectures?
> > Well scanning is the first and I think easiest method. You decide what
> > type of system you want to hit and then scan IPs for a specific response
> > known to come from that system. Example Sun is known to have RPC problems.
> [snip!]
>
> well, you are right... but the question was related to the architecture,
> (sparc, x86, etc) not the operating system.
>
> *> Get PGP KEY: use pgpk -a hkp://horowitz.surfnet.nl/buanzoxusa.net
> *> Social mailing list. Send a blank e-mail to lsb-subscribeegroups.com
> *> Panic? My kernel doesn't panic! We are doomed! DustDustDust!!!!
>
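
Added example, not part of the original message: the fields objdump prints above (file format, architecture, start address) all come from the first bytes of the ELF header, which is why any system binary left readable on an anonymous FTP area discloses the host's architecture. The sketch below reads that header directly; the function names and the sample headers are constructed for illustration.

```python
import struct

# e_machine and e_type values from the ELF specification (subset).
EM_NAMES = {2: "sparc", 3: "i386", 8: "mips", 20: "powerpc",
            40: "arm", 62: "x86-64", 183: "aarch64"}
ET_NAMES = {1: "REL", 2: "EXEC", 3: "DYN", 4: "CORE"}


def elf_identity(data: bytes) -> dict:
    """Return class, byte order, type, machine and entry point of an ELF image."""
    if len(data) < 16 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ValueError("invalid EI_CLASS or EI_DATA")
    bits = 32 if ei_class == 1 else 64
    order = "<" if ei_data == 1 else ">"
    # e_type, e_machine, e_version, then e_entry (4 bytes on ELF32, 8 on ELF64).
    fmt = order + "HHI" + ("I" if bits == 32 else "Q")
    if len(data) < 16 + struct.calcsize(fmt):
        raise ValueError("truncated ELF header")
    e_type, e_machine, _version, e_entry = struct.unpack_from(fmt, data, 16)
    return {
        "bits": bits,
        "endian": "little" if ei_data == 1 else "big",
        "type": ET_NAMES.get(e_type, hex(e_type)),
        "machine": EM_NAMES.get(e_machine, f"unknown({e_machine})"),
        "entry": e_entry,
    }


def sample_header(bits, big_endian, e_type, e_machine, entry) -> bytes:
    """Build a constructed ELF header prefix for the demo (not a real binary)."""
    order = ">" if big_endian else "<"
    ident = (b"\x7fELF"
             + bytes([1 if bits == 32 else 2, 2 if big_endian else 1, 1])
             + bytes(9))
    tail = order + "HHI" + ("I" if bits == 32 else "Q")
    return ident + struct.pack(tail, e_type, e_machine, 1, entry)


if __name__ == "__main__":
    # Constructed header carrying the same values as the objdump output above.
    print(elf_identity(sample_header(32, False, 2, 3, 0x08000090)))
    # Constructed big-endian SPARC header for comparison.
    print(elf_identity(sample_header(32, True, 2, 2, 0x00010000)))
```

To audit what an anonymous FTP tree gives away, pass the first 64 bytes of each served file to `elf_identity` and list the files that parse.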