Does it work with "modern" solaris?
HOLY SHIT, THERE IT IS, REMOTE SUNOS GOD MODE! Solaris 0day for *everything* - WHOEVER WROTE THIS DESERVES A KNIGHTHOOD!pic.twitter.com/DXeM9EjMPm
-
-
-
potentially, it seems to only have support upto version 9. It may have been patched in a more recent version or just not have targets for it
-
I am trying to get it to work on one of the more recent variants to see if the vulnerability is still present.
-
if any of them do affect current versions,
@lazytyped,@darrenmoffat,@casperdik & I will be very interested so we can get them fixed. -
exploit code is https://github.com/x0rz/EQGRP/blob/master/Linux/bin/ebbnew_linux … - anything starting ebb* is also part of the exploit/tool
-
this also appears to be a privilege escalation bug affecting recent Solaris 10/11 https://github.com/x0rz/EQGRP/blob/master/Linux/bin/exp.tar.Z … (you may be able to test quicker)
End of conversation
New conversation -
-
-
Did you see the remote apache?
-
it is just openssl-too-open and various old Apache exploits, its not that interesting. EBBISLAND seems to be real deal attack tool for SunOS
-
Eh, it's very interesting in the sense that they developed a reliable exploit for linux on Alpha... That's a particularly niche target.
-
I think that code is public and just in there collection as a useful exploit
End of conversation
New conversation -
-
-
and exploit is on old deprecated
#Solaris 2.6/2.7/2.8/2.9 correct -- no 2.10,2.11 shown. Knighthood remains forthcoming -
there isnt any target support for 10 or 11 but the bug might still be present in those versions ;)
End of conversation
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. Undo
-
-
-
lol, I actually might have an idea who did that one ;)
-
I know who did 4 of them so far. Lol.
End of conversation
New conversation -
-
-
I knew i could count on you for pointing out the most awesome stuff from the leak
Thanks. Twitter will use this to make your timeline better. Undo
-
-
-
There's some even more interesting things in there...
Thanks. Twitter will use this to make your timeline better. Undo
-
-
-
such green text, love it. everything on the inet should be green text on black bg.
Thanks. Twitter will use this to make your timeline better. Undo
-
-
-
Please keep the coverage coming - this is great.
Thanks. Twitter will use this to make your timeline better. Undo
-
-
-
@DanielRufde why the hell would people still use sunos? What's a sane reason to keep it around ? -
The reason the hell one might run SunOS is because it has features other OSs lack. Unless you mean an old version of SunOS, 5.x with x < 10.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.