what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Cliff Stoll

Emacs movemail Privilege Escalation

Posted Dec 4, 2018

Authored by wvu, Cliff Stoll, Markus Hess | Site metasploit.com

This Metasploit module exploits a SUID installation of the Emacs movemail utility to run a command as root by writing to 4.3BSD's /usr/lib/crontab.local. The vulnerability is documented in Cliff Stoll's book The Cuckoo's Egg.

tags | exploit, local, root

SHA-256 | 9a45ef7c2c0d7e05f3ad54afa5cf8a4f5e411cdd781a161604fbfb0258e39186

Download | Favorite | View

Morris Worm sendmail Debug Mode Shell Escape

Posted Nov 5, 2018

Authored by wvu, Robert Tappan Morris, Cliff Stoll | Site metasploit.com

This Metasploit module exploits sendmail's well-known historical debug mode to escape to a shell and execute commands in the SMTP RCPT TO command. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. Currently only cmd/unix/reverse and cmd/unix/generic are supported.

tags | exploit, worm, shell

systems | unix

SHA-256 | 1a4e5d53d0016bdb16eb6f683c07b76aba09a90bfa3bac11eb076eeaae1e53ef

Download | Favorite | View

Morris Worm fingerd Stack Buffer Overflow

Posted Nov 5, 2018

Authored by wvu, Robert Tappan Morris, Cliff Stoll | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg.

tags | exploit, worm, overflow

SHA-256 | 5f407350c1d9280dd4c5077754d558bd32be9404ebe5f76676b4a472abb2658d

Download | Favorite | View