Hi!


First of all: Not sure if this is the correct forum, if it isn't I suppose a MOD could change the forum it's posted in.

Anyway: I've been playing around with a new computer I got, it's quite an old one so I decided to use it to learn myself in developing own exploits and stuff like that.

Last night I decided to try out the telnetd remote root exploit which can be found here: http://www.exploit-db.com/exploits/18280/

And I got it all working (the telnet-d that is) but the exploit gets a timeout error like this:



Code:
[*] Target address: 0x8057fed                                                                                                           
[<] Succes reading intial server request 15 bytes                                                                                        
[>] Telnet initial encryption mode and IV sent                                                                                          
[!] Timeout when receiving response


Not exactly sure that above target is the correct one, but I tried the all so that's not the problem.


Information about target system:
Code:
Linux vulntest 2.6.32-042stab045.1 #1 SMP Wed Dec 14 18:53:36 MSK 2011 i686 GNU/Linux
Debian Squeeze 6.0.3

The vuln application is being runned with xinetd under the following conf:

Code:
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{

# Please note that you need a log_type line to be able to use log_on_success
# and log_on_failure. The default is the following :
# log_type = SYSLOG daemon info

}

includedir /etc/xinetd.d

service telnet
{

         flags          = REUSE
        socket_type     = stream
        wait            = no
        user            = root
        server          = /usr/local/libexec/telnetd
        log_on_failure  += USERID
        disable         = no
}


Has anyone tried this with success? Would be cool to check out.

I'm going to install splunk and try it now :-D

Regards, stormeye