Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: XFree86 font.alias exploit hangup....
From: Marco Ivaldi (raptor0xdeadbeef.info)
Date: Sat Feb 28 2004 - 10:40:37 CST
On Fri, 27 Feb 2004 lazyserver.gwsh.gda.pl wrote:
> On Sun, Feb 22, 2004 at 10:51:18AM -0000, Dev wrote:
> > My problem is that once i launch the exploit the X display appears momentarily & the keyboard locks up * so now i can only access the box from the network & on a different shell.
> > Offsets etc are all fine & an STRACE yields the following log which does indicate that the exploit was successful & execve'd /bin//sh. But I am confised about the last few lines of the strace log.
> > Plz tell me as to whether my root shell has exited because of some error in the last few calls?
> it looks like X closes STDIN or it's unavaiable because text console is disabled
> so you can't directly use execve. Text console
> is broken because X i interupted during startup.
> try this shellcode it chmods 777 /bin/chmod you can change code below dzic:
> to start a bindshell or try to exec /bin/sh with a delay (to let sighendler do its job)
> maybe sighandler will make STDIN/STDOUT usefull again
> The trick is to force SIGSEGV on X to call its cleanup handlers.
You may also want to try my stdin re-open shellcode, available at:
Antifork Research, Inc. http://0xdeadbeef.info/
3B05 C9C5 A2DE C3D7 4233 0394 EF85 2008 DBFD B707