VFS: Mounted root (nfs filesystem) on device 0:11.
Freeing unused kernel memory: 72k freed
Initializing random number generator... done.
Starting network...
Fri Nov 20 17:10:37 2020
h0m3 login: root
Password:
Welcome to
______ ______ ______ ______ ______
/\ == \/\ ___\/\ __ \/\ == \/\ ___\
\ \ __<\ \ \___\ \ \/\ \ \ __<\ \___ \
\ \_\ \_\ \_____\ \_____\ \_\ \_\/\_____\
\/_/ /_/\/_____/\/_____/\/_/ /_/\/_____/ box!
$ ls -l
total 531
drwxr-xr-x 1 rc0r users 4 Jul 4 2017 blog/
drwxr-xr-x 1 rc0r users 4 Apr 22 16:18 data/
-rw-r--r-- 1 rc0r users 51718 Apr 22 13:45 bugs
-rw-r--r-- 1 rc0r users 27 Apr 22 13:54 dox
-rw-r--r-- 3 rc0r users 38 Dec 21 2016 tools
$ cat ./tools
# Fuzzing
afl-utils [git|reamde|v1.35a]
Utilities for automated crash sample processing/analysis,
easy afl-fuzz job management and corpus optimization
[Depends on: exploitable]
exploitable [git|reamde|v1.32-rc0r]
A modified version of the 'exploitable' gdb plugin by
Jonathan Foote. It adds an exploitability classification
for non-crashing targets and fixes several bugs.
$ cat ./bugs
# Bugs
CVE-2021-31598 ezxml 0.8.6 [ref]
Out-of-bounds write in ezxml_decode() leading to heap corruption
CVE-2021-31348 ezxml 0.8.6 [ref]
Out-of-bounds read in ezxml_parse_str()
CVE-2021-31347 ezxml 0.8.6 [ref]
Out-of-bounds write in ezxml_parse_str()
CVE-2021-31229 ezxml 0.8.6 [ref]
Out-of-bounds write in ezxml_internal_dtd()
CVE-2021-30485 ezxml 0.8.6 [ref]
Null pointer dereference in ezxml_internal_dtd()
CVE-2017-5340 php 7.0.14 [ref|poc:{py:php:pld}]
Use of uninitialized memory in unserialize()
CVE-2016-7961 php pecl_http master-Git-2016-09-27 [ref]
Buffer overflow in HTTP parse_hostinfo()
CVE-2016-7398 php pecl_http master-Git-2016-09-09 [ref]
Type confusion vulnerability in merge_param()
CVE-2016-5873 php 7.0.4 [ref]
Buffer overflow in HTTP url parsing functions
$ logout
_