[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] I know its old, but what the heck does this do... (exposing a tool...)

To: adam <adam@xxxxxxxxx>
Subject: Re: [Full-disclosure] I know its old, but what the heck does this do... (exposing a tool...)
From: xD 0x41 <secn3t@xxxxxxxxx>
Date: Wed, 26 Oct 2011 13:24:23 +1100

Ok... i see now, it is being disguised, from along time ago...
strange why it is being used, unless people have started to rename things
maybe... to suit old things, wich dont work :s
it is possible...
I will see what it is doing and done sofar in the darknet i have setup in a
sec and, that will be it.
ok.. cheers.


On 26 October 2011 13:15, adam <adam@xxxxxxxxx> wrote:

> http://home.no/exploited/exploits/kmodaxx.c (almost[?] identical code,
> claims to be a remote kernel root exploit)
> http://www.securitylab.ru/forum/forum32/topic3728/?PAGEN_1=2 (very similar
> code, claims to be an IIS exploit)
> http://seclists.org/fulldisclosure/2003/Jun/456 (didn't read entire
> thread, code is mentioned though)
>
> I'm sure there's more, but this kinda reminds me of that leaked "private
> exploit" on pastebin a few weeks back (you know, the one that was nice
> enough to create a _local_ root account), and insisted that it was private
> private private and specifically said NOT to leak it.
>
> I am curious as to how you're so certain that it's on "many many boxes" yet
> know next to nothing about it.
>
> On Tue, Oct 25, 2011 at 8:50 PM, xD 0x41 <secn3t@xxxxxxxxx> wrote:
>
>> Hello List,
>> Id like people to also, like this thread asks, to pls give some opinion,
>> other than mine.. wich, i am yet to make;
>>
>> http://www.hackerthreads.org/Topic-5973
>>
>> Please look at this .c code on here, if you wish, and tell me, why
>> A. It is still in circulation, seeminlgly, on MANY MANY boxes....
>> B. people still seem to try keep it private :s
>>
>> This morning, a friend from webhostingtalk.com ,asked me to take a look.
>> I have and, i can only sofar say, once i decrypt the shellcode, ill  know
>> abit more..
>> altho , i rmember this thing, and, somany people were after it, people
>> were paying for it, this is first time i have seen it actually disclosed
>> tho,
>> admittedly only looked today.
>> If skiddies are using it to ddos things, I want to makesure i can expose
>> it, and kill the threats.
>> thankyou.
>> xd .// exposing bullshit as i ride!
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] I know its old, but what the heck does this do... (exposing a tool...)
  - From: xD 0x41
- Re: [Full-disclosure] I know its old, but what the heck does this do... (exposing a tool...)
  - From: adam

Prev by Date: Re: [Full-disclosure] I know its old, but what the heck does this do... (exposing a tool...)
Next by Date: Re: [Full-disclosure] I know its old, but what the heck does this do... (exposing a tool...)
Previous by thread: Re: [Full-disclosure] I know its old, but what the heck does this do... (exposing a tool...)
Next by thread: Re: [Full-disclosure] I know its old, but what the heck does this do... (exposing a tool...)
Index(es):
- Date
- Thread