module
Poptop Negative Read Overflow
| Disclosed | Created |
|---|---|
| 2003-04-09 | 2018-05-30 |
Disclosed
2003-04-09
Created
2018-05-30
Description
This is an exploit for the Poptop negative read overflow. This will
work against versions prior to 1.1.3-b3 and 1.1.3-20030409, but I
currently do not have a good way to detect Poptop versions.
The server will by default only allow 4 concurrent manager processes
(what we run our code in), so you could have a max of 4 shells at once.
Using the current method of exploitation, our socket will be closed
before we have the ability to run code, preventing the use of Findsock.
work against versions prior to 1.1.3-b3 and 1.1.3-20030409, but I
currently do not have a good way to detect Poptop versions.
The server will by default only allow 4 concurrent manager processes
(what we run our code in), so you could have a max of 4 shells at once.
Using the current method of exploitation, our socket will be closed
before we have the ability to run code, preventing the use of Findsock.
Author
spoonm spoonm@no$email.com
Platform
Linux
Architectures
x86
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.