lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 26 Oct 2011 13:24:23 +1100
From: xD 0x41 <secn3t@...il.com>
To: adam <adam@...sy.net>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: I know its old,
 but what the heck does this do... (exposing a tool...)

Ok... i see now, it is being disguised, from along time ago...
strange why it is being used, unless people have started to rename things
maybe... to suit old things, wich dont work :s
it is possible...
I will see what it is doing and done sofar in the darknet i have setup in a
sec and, that will be it.
ok.. cheers.


On 26 October 2011 13:15, adam <adam@...sy.net> wrote:

> http://home.no/exploited/exploits/kmodaxx.c (almost[?] identical code,
> claims to be a remote kernel root exploit)
> http://www.securitylab.ru/forum/forum32/topic3728/?PAGEN_1=2 (very similar
> code, claims to be an IIS exploit)
> http://seclists.org/fulldisclosure/2003/Jun/456 (didn't read entire
> thread, code is mentioned though)
>
> I'm sure there's more, but this kinda reminds me of that leaked "private
> exploit" on pastebin a few weeks back (you know, the one that was nice
> enough to create a _local_ root account), and insisted that it was private
> private private and specifically said NOT to leak it.
>
> I am curious as to how you're so certain that it's on "many many boxes" yet
> know next to nothing about it.
>
> On Tue, Oct 25, 2011 at 8:50 PM, xD 0x41 <secn3t@...il.com> wrote:
>
>> Hello List,
>> Id like people to also, like this thread asks, to pls give some opinion,
>> other than mine.. wich, i am yet to make;
>>
>> http://www.hackerthreads.org/Topic-5973
>>
>> Please look at this .c code on here, if you wish, and tell me, why
>> A. It is still in circulation, seeminlgly, on MANY MANY boxes....
>> B. people still seem to try keep it private :s
>>
>> This morning, a friend from webhostingtalk.com ,asked me to take a look.
>> I have and, i can only sofar say, once i decrypt the shellcode, ill  know
>> abit more..
>> altho , i rmember this thing, and, somany people were after it, people
>> were paying for it, this is first time i have seen it actually disclosed
>> tho,
>> admittedly only looked today.
>> If skiddies are using it to ddos things, I want to makesure i can expose
>> it, and kill the threats.
>> thankyou.
>> xd .// exposing bullshit as i ride!
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ