SuSE 7.2 (& others) sendmail local xploit
dimanche 26 août 2001 19:20


 Hi.

 This is the 'alsou.c' sendmail 8.11.x (x<=5) xploit with some very
slight modifications:
 - extensive documentation and example on how to get this to work on
several distros / sendmail versions 
 - working on default SuSE 7.2 (sendmail 8.11.3):
 - also included working parameters for SuSE 6.4 with *custom
compiled* sendmail 8.11.2:
 - allows to give offset in command line. Use with 'smxploit' script
(also included) in order to find correct offset. This will be
necessary in different distros / sendmail versions
- QUICK GUIDE for finding propper exploitation values (VECT, GOT and
OFFSET):
 ==> CASE A: Non-stripped binary:
 ==> CASE B: Stripped binary (this is the default on several distros):

 Please read complete alsou2.c comment lines for the whole
explanation.

 Regards,

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
    ** RoMaN SoFt / LLFB **  
       roman@madrid.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~