http://home.no/exploited/exploits/kmodaxx.c (almost[?] identical code, claims to be a remote kernel root exploit) http://www.securitylab.ru/forum/forum32/topic3728/?PAGEN_1=2 (very similar code, claims to be an IIS exploit) http://seclists.org/fulldisclosure/2003/Jun/456 (didn't read entire thread, code is mentioned though)
I'm sure there's more, but this kinda reminds me of that leaked "private exploit" on pastebin a few weeks back (you know, the one that was nice enough to create a _local_ root account), and insisted that it was private private private and specifically said NOT to leak it. I am curious as to how you're so certain that it's on "many many boxes" yet know next to nothing about it. On Tue, Oct 25, 2011 at 8:50 PM, xD 0x41 <sec...@gmail.com> wrote: > Hello List, > Id like people to also, like this thread asks, to pls give some opinion, > other than mine.. wich, i am yet to make; > > http://www.hackerthreads.org/Topic-5973 > > Please look at this .c code on here, if you wish, and tell me, why > A. It is still in circulation, seeminlgly, on MANY MANY boxes.... > B. people still seem to try keep it private :s > > This morning, a friend from webhostingtalk.com ,asked me to take a look. > I have and, i can only sofar say, once i decrypt the shellcode, ill know > abit more.. > altho , i rmember this thing, and, somany people were after it, people were > paying for it, this is first time i have seen it actually disclosed tho, > admittedly only looked today. > If skiddies are using it to ddos things, I want to makesure i can expose > it, and kill the threats. > thankyou. > xd .// exposing bullshit as i ride! > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/