[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

FreeBSD ftpd Remote Root Exploit

[ 0Day-ID-33735 ]
Full title
FreeBSD ftpd Remote Root Exploit [ Highlight ]
Highlight - is paid service, that can help to get more visitors to your material.

Price: 10
Date add
Category
Platform
Verified
Price
 
0.014 BTC

 
1 000 USD
Risk
[
Security Risk Critical
]
Rel. releases
Description
needs user account inside a chroot.


'''
example reverse shells:

[root@r00tbox /]# uname -a;id;
uname -a;id;
FreeBSD r00tbox 10.0-RELEASE FreeBSD 10.0-RELEASE #0 r260789: Thu Jan 16 22:34:59 UTC 2014 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
uid=0(root) gid=0(wheel) groups=0(wheel)
[root@r00tbox /]#

# uname -a;id;
FreeBSD r00tbox 10.3-RELEASE FreeBSD 10.3-RELEASE #0 r297264: Fri Mar 25 03:51:29 UTC 2016 [email protected]:/usr/obj/usr/src/sys/GENERIC i386
uid=0(root) gid=0(wheel) groups=0(wheel)

# uname -a;id;
FreeBSD r00tbox 10.3-RELEASE FreeBSD 10.3-RELEASE #0 r297264: Fri Mar 25 02:10:02 UTC 2016 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
uid=0(root) gid=0(wheel) groups=0(wheel)

# uname -a;id;
FreeBSD r00tbox 9.3-RELEASE FreeBSD 9.3-RELEASE #0 r268512: Thu Jul 10 23:44:39 UTC 2014 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
uid=0(root) gid=0(wheel) groups=0(wheel)

#uname -a;id;
FreeBSD r00tbox 9.2-RELEASE FreeBSD 9.2-RELEASE #0 r255898: Thu Sep 26 22:50:31 UTC 2013 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
uid=0(root) gid=0(wheel) groups=0(wheel)

Ncat: Connection from 192.168.178.46:50444.
sh: can't access tty; job control turned off
# uname -a;id;
FreeBSD r00tbox 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan 3 07:46:30 UTC 2012 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
uid=0(root) gid=0(wheel) groups=0(wheel)
#

sh: can't access tty; job control turned off
# uname -a;id;
FreeBSD xxx.hostname 7.3-RELEASE FreeBSD 7.3-RELEASE #0: Sun Mar 21 05:25:24 UTC 2010 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
uid=0(root) gid=0(wheel) groups=0(wheel),1001(test2)

sh: can't access tty; job control turned off
# uname -a;
FreeBSD r00tbox.fritz.box 7.1-RELEASE FreeBSD 7.1-RELEASE #0: Thu Jan 1 08:58:24 UTC 2009 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64

sh: can't access tty; job control turned off
# uname -a;id;
FreeBSD r00tbox.fritz.box 6.4-RELEASE FreeBSD 6.4-RELEASE #0: Wed Nov 26 08:21:48 UTC 2008 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64
uid=0(root) gid=0(wheel) groups=0(wheel),1001(test2)
#

# uname -a;
FreeBSD r00tbox.fritz.box 6.4-RELEASE FreeBSD 6.4-RELEASE #0: Wed Nov 26 11:43:51 UTC 2008 [email protected]:/usr/obj/usr/src/sys/GENERIC i386
# id
uid=0(root) gid=0(wheel) groups=0(wheel),1001(test2)

# uname -a;id;
FreeBSD r00tbox.fritz.box 6.3-RELEASE FreeBSD 6.3-RELEASE #0: Wed Jan 16 04:18:52 UTC 2008 [email protected]:/usr/obj/usr/src/sys/GENERIC i386
uid=0(root) gid=0(wheel) groups=0(wheel),1003(test2)
Usage info
latest FreeBSD version wasn't tested but should be vulnerable.
Other Information
Abuses
0
Comments
0
Views
25 941
We DO NOT use Telegram or any messengers / social networks! We DO NOT use Telegram or any messengers / social networks! Please, beware of scammers!
Please login or register to buy exploit.
OR
Buy incognito
0
0
Learn more about    GOLD:
0day.today Gold is the currency of 0day.today project and is denoted on this site as such image: . It used for paying for the services, buying exploits, earning money, etc
We accept:
BitCoin (BTC)
You can pay us via BTC
LiteCoin (LTC)
You can pay us via LTC
Ethereum (ETH)
You can pay us via ETH

Author
BL
29
Exploits
5
Readers
0
[ Comments: 0 ]
Terms of use of comments:
  • Users are forbidden to exchange personal contact details
  • Haggle on other sites\projects is forbidden
  • Reselling is forbidden
Punishment: permanent block of user account with all Gold.

Login or register to leave comments