-
November 14th, 2004, 04:10 PM
#1
Junior Member
Problem with OpenSSH exploit
Hi,
I am somwhat new to the security scene, and I seem to have a problem. I installed a default install of Slackware 8, which includes OpenSSH 3.2.3 on it, amongst other services. I am trying to break into my Linux box for the first time but I am having problems. I am planning to exploit it locally (even though its a remote exploit, I think it will work). I am using the following exploit http://www.securityfocus.com/bid/5093/exploit/ (the second one, sshutup-theo.tar.gz). I followed all instructions and successfully installed the patched ssh client. When I try to run it, it tells me "bsdauth (skey) not available". I tried other variations aswell, but I realised that this patch was for openbsd, not for slackware, so there was no hope.
This seems to be a very well known vuln, and yet I cannot find exploits for my Slackware box. Can anyone please give me some suggestions on what steps to take from here?
Thanks, Nick
-
November 15th, 2004, 07:47 AM
#2
Junior Member
That is marked as a "proof of concept", that does not mean it will get you root. It may just show that it is exploitable.
-
November 15th, 2004, 02:22 PM
#3
This seems to be a very well known vuln, and yet I cannot find exploits for my Slackware box. Can anyone please give me some suggestions on what steps to take from here?
Use the information you got from the OpenBSD PoC and code your own.
Oliver's Law:
Experience is something you don't get until just after you need it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|