Problem with OpenSSH exploit
Results 1 to 3 of 3

Thread: Problem with OpenSSH exploit

  1. #1
    Junior Member
    Join Date
    Nov 2004
    Posts
    11

    Problem with OpenSSH exploit

    Hi,

    I am somwhat new to the security scene, and I seem to have a problem. I installed a default install of Slackware 8, which includes OpenSSH 3.2.3 on it, amongst other services. I am trying to break into my Linux box for the first time but I am having problems. I am planning to exploit it locally (even though its a remote exploit, I think it will work). I am using the following exploit http://www.securityfocus.com/bid/5093/exploit/ (the second one, sshutup-theo.tar.gz). I followed all instructions and successfully installed the patched ssh client. When I try to run it, it tells me "bsdauth (skey) not available". I tried other variations aswell, but I realised that this patch was for openbsd, not for slackware, so there was no hope.
    This seems to be a very well known vuln, and yet I cannot find exploits for my Slackware box. Can anyone please give me some suggestions on what steps to take from here?

    Thanks, Nick

  2. #2
    Junior Member
    Join Date
    Nov 2004
    Posts
    5
    That is marked as a "proof of concept", that does not mean it will get you root. It may just show that it is exploitable.
    america, F**K YAH!

  3. #3
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    This seems to be a very well known vuln, and yet I cannot find exploits for my Slackware box. Can anyone please give me some suggestions on what steps to take from here?
    Use the information you got from the OpenBSD PoC and code your own.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •