View Issue Details

IDProjectCategoryView StatusLast Update
0006310Kali Linux[All Projects] General Bugpublic2020-07-22 09:28
ReporterOverRide0x Assigned To 
PriorityurgentSeveritycrashReproducibilityalways
Status newResolutionopen 
Product Version2020.1 
Target VersionFixed in Version 
Summary0006310: can inject shell shock throw vulnerable app to close the session and login again
Descriptionwhile working on vulnerable challenge , and by accident make my kali crash and the exit session and login again
Steps To Reproduceyou will only need to start the fuzzer.py script with python

look into the source and change the app dir for the vuln app called leak

after run it my kali output file called core you will see it also in the uploaded files


Activities

OverRide0x

2020-04-06 21:18

reporter  

core (1,830,912 bytes)
fuzz.py (509 bytes)
leak (9,112 bytes)
ELF>�@@�@8	@@@@@@��88@8@@@�
�
 ``X� ((`(`��TT@T@DDP�tdL	L	@L	@DDQ�tdR�td``��/lib64/ld-linux-x86-64.so.2GNU GNU�#�_A���p/����rs%j
 �
)�fUa9�"=K)] C/�`�`6�`libc.so.6exitsignalputsstdinprintffgetsstdoutstderralarmsetvbuf__libc_start_main__gmon_start__GLIBC_2.2.5ui	l�`�`
�`�`` `(`0`8`@`H`P`	H��H�
 H��t�H����5
 �%
 @�%
 h����%�	 h�����%�	 h����%�	 h����%�	 h����%�	 h����%�	 h����%�	 h�p����%b	 f�1�I��^H��H���PTI�	@H��@H��/@�w����fD�o`UH-h`H��H��v�H��t]�h`��f�]�@f.��h`UH��h`H��H��H��H��?H�H�t�H��t]�h`��]�fD�=Q	 uUH���n���]�>	 ��@� `H�?u��H��t�UH���]�z���UH��H���}��	@�e��������UH�徖@�����@�^���H�� ���H�����H�� ���H���b���H�� ���H���D����]�UH��H��@��t���H�E�H�ƿ	@������0	@����F	@����H� H�E��H��������ÐAWAVA��AUATL�%n UH�-n SI��I��L)�H��H������H��t 1��L��L��D��A��H��H9�u�H��[]A\A]A^A_Ðf.���H��H���Bye!Oops, I'm leaking! %p
Pwn me ¯\_(ツ)_/¯ > ;@�����T���\J����i�������D�������\zRx��*zRx�$ ����FJw�?;*3$"D����A�C
d����zA�C
u���`A�C
[D�(���eB�B�E �B(�H0�H8�M@r8A0A(B BBB�P���p@P@�@
	@``���o�@@�@
x`�@�@`	���o�@���o�ox@(`@&@6@F@V@f@v@�@GCC: (Ubuntu 5.4.0-6ubuntu1~16.04.5) 5.4.0 201606098@T@t@�@�@@x@�@	�@
@�@@
�@�@	@	@L	@�	@`` `(`�``X`�`� `�@@.P@D�`S`zp@�`�����
@� `��`�(`�`�L	@	`	@/ K�`� X`_q�`�h`)	@���@z����X`� ``(	@7�@e��`��@*G�@Oh`[/@``u ��h`� ��@��`crtstuff.c__JCR_LIST__deregister_tm_clones__do_global_dtors_auxcompleted.7585__do_global_dtors_aux_fini_array_entryframe_dummy__frame_dummy_init_array_entrybabyrop.c__FRAME_END____JCR_END____init_array_end_DYNAMIC__init_array_start__GNU_EH_FRAME_HDR_GLOBAL_OFFSET_TABLE___libc_csu_fini_ITM_deregisterTMCloneTablestdout@@GLIBC_2.2.5puts@@GLIBC_2.2.5stdin@@GLIBC_2.2.5_edataprintf@@GLIBC_2.2.5__initalarm@@GLIBC_2.2.5__libc_start_main@@GLIBC_2.2.5fgets@@GLIBC_2.2.5__data_startsignal@@GLIBC_2.2.5__gmon_start____dso_handle_IO_stdin_used__libc_csu_inithandler__bss_startmainsetvbuf@@GLIBC_2.2.5_Jv_RegisterClassesexit@@GLIBC_2.2.5__TMC_END___ITM_registerTMCloneTablestderr@@GLIBC_2.2.5.symtab.strtab.shstrtab.interp.note.ABI-tag.note.gnu.build-id.gnu.hash.dynsym.dynstr.gnu.version.gnu.version_r.rela.dyn.rela.plt.init.plt.got.text.fini.rodata.eh_frame_hdr.eh_frame.init_array.fini_array.jcr.dynamic.got.plt.data.bss.comment8@8#T@T 1t@t$D���o�@�0N�@�8V@x^���ox@xk���o�@� z�@�`�B@���@��@���@���@�b�	@		�	@	9�L	@L	D��	@�	4�`�`� ` �(`(���`��`X�X`X��`h0 0h4��P/	��
leak (9,112 bytes)

Issue History

Date Modified Username Field Change
2020-04-20 13:41 OverRide0x New Issue
2020-04-20 13:41 OverRide0x Issue generated from: 0006262