First of all: Not sure if this is the correct forum, if it isn't I suppose a MOD could change the forum it's posted in.
Anyway: I've been playing around with a new computer I got, it's quite an old one so I decided to use it to learn myself in developing own exploits and stuff like that.
Last night I decided to try out the telnetd remote root exploit which can be found here: http://www.exploit-db.com/exploits/18280/
And I got it all working (the telnet-d that is) but the exploit gets a timeout error like this:
[*] Target address: 0x8057fed
[<] Succes reading intial server request 15 bytes
[>] Telnet initial encryption mode and IV sent
[!] Timeout when receiving response
Not exactly sure that above target is the correct one, but I tried the all so that's not the problem.
Information about target system:
Linux vulntest 2.6.32-042stab045.1 #1 SMP Wed Dec 14 18:53:36 MSK 2011 i686 GNU/Linux
Debian Squeeze 6.0.3
The vuln application is being runned with xinetd under the following conf:
# Simple configuration file for xinetd
# Some defaults, and include /etc/xinetd.d/
# Please note that you need a log_type line to be able to use log_on_success
# and log_on_failure. The default is the following :
# log_type = SYSLOG daemon info
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/local/libexec/telnetd
log_on_failure += USERID
disable = no
Has anyone tried this with success? Would be cool to check out.
I'm going to install splunk and try it now :-D