Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index PyPI repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been...

Linux/x86 - execve /bin/sh Shellcode (fstenv eip GetPC technique) (70 bytes, xor encoded)

Exploit Title: Linux/x86 - execve /bin/sh Shellcode fstenv eip GetPC technique 70 bytes, xor encoded Exploit Author: d7x Tested on: Ubuntu x86 / shellcode with XOR decoder stub and fstenv MMX FPU spawning a /bin/sh shell uses the fstenv GetPC technique to get the memory address dynamically...

Linux/x86-64 - setreuid(0,0) + execve(/bin/csh, [/bin/csh, NULL]) + XOR Encoded Shellcode (87 bytes)

Title: Linux x86-64 setreuid 0,0 & execve"/bin/csh", "/bin/csh", NULL + XOR encoded - 87 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37 Thanks: Mark Loiseau, entropy at phiral.net and metasm developer unsigned char shellcode =...

Linux/x86-64 - setreuid(0,0) + execve(/bin/zsh, [/bin/zsh, NULL]) + XOR Encoded Shellcode (87 bytes)

Title: Linux x86-64 setreuid 0,0 & execve"/bin/zsh", "/bin/zsh", NULL + XOR encoded - 87 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37 Thanks: Mark Loiseau, entropy at phiral.net and metasm developer unsigned char shellcode =...

Linux/x86-64 - setreuid(0,0) + execve(/bin/ksh, [/bin/ksh, NULL]) + XOR Encoded Shellcode (87 bytes)

Title: Linux x86-64 setreuid 0,0 & execve"/bin/ksh", "/bin/ksh", NULL + XOR encoded - 87 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37 Thanks: Mark Loiseau, entropy at phiral.net and metasm developer unsigned char shellcode =...

Linux/x86 - XOR encoded execve(/bin/sh) setuid(0) setgid(0) Shellcode (66 bytes)

;Title: Linux/x86 - 66 byte - execve/bin/sh - setuid0 - setgid0 - XOR encrypted ;Author: nullparasite ;Contact: email protected ;Category: Shellcode ;Architecture: Linux x86 ;Description: This shellcode, first set uid and gid to zero then call shell using execve. Also, /bin/sh defined as a XOR...

125 bind port to 6778 XOR encoded polymorphic linux shellcode .

No description provided by source. / Title : bind port to 6678 XOR encoded polymorphic linux shellcode . Name : 125 bind port to 6678 XOR encoded polymorphic linux shellcode . Date : Tue Jul 6 01:52:33 WIT 2010 Author : gunslinger yudha.gunslingeratgmail.com Web : http://devilzc0de.org blog :...

Linux/ARM - Polymorphic execve("/bin/sh", ["/bin/sh"], NULL); - XOR 88 encoded - 78 bytes

No description provided by source. / Title: Linux/ARM - Polymorphic execve/bin/sh, /bin/sh, NULL; - XOR 88 encoded - 78 bytes Date: 2010-06-28 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Database of shellcodes...

62 bytes setreuid(0,0) execve("/bin/sh",NULL,NULL) XOR Encoded Linux Shellcode

No description provided by source. / Author : gunslinger yudha.gunslingeratgmail.com Web : http://devilzc0de.org blog : http://gunslingerc0de.wordpress.com tested on : linux debian special thanks to : r0073r inj3ct0r.com, d3hydr8 darkc0de.com, ty miller projectshellcode.com, jonathan...

linux/x86 - setreuid (0,0) & execve("/bin/csh", [/bin/csh, NULL]) + XOR encoded 53 byte

Title: Linux x86 setreuid 0,0 & execve"/bin/csh", "/bin/csh", NULL + XOR encoded - 53 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37 Thanks: Jonathan Salwan, Yuda Prawira and Rizki Wicaksono from ctypes import shell =...

linux/x86 - setreuid (0,0) & execve("/bin/zsh", ["/bin/zsh", NULL]) + XOR encoded 53 bytes

Title: Linux x86 setreuid 0,0 & execve"/bin/zsh", "/bin/zsh", NULL + XOR encoded - 53 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37 Thanks: Jonathan Salwan, Yuda Prawira and Rizki Wicaksono from ctypes import shell =...

linux/x86- setreuid (0,0) & execve("/bin/ksh", [/bin/ksh, NULL]) + XOR encoded - 53 bytes

Title: Linux x86 setreuid 0,0 & execve"/bin/ksh", "/bin/ksh", NULL + XOR encoded - 53 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37 Thanks: Jonathan Salwan, Yuda Prawira and Rizki Wicaksono from ctypes import shell =...

linux/x86 setreuid(0,0) execve("/bin/sh",NULL,NULL) encoded 62 bytes

Exploit for linux/x86 platform in category shellcode ======================================================================== linux/x86 setreuid0,0 execve"/bin/sh",NULL,NULL XOR encoded 62 bytes ======================================================================== /...

linux/x86 send "visit inj3ct0r.com" to all konsole XOR encoded 99 bytes

Exploit for linux/x86 platform in category shellcode ======================================================================= linux/x86 send "visit inj3ct0r.com" to all konsole XOR encoded 99 bytes ======================================================================= /...

Linux/x86 Port Binding Shellcode (xor-encoded) 152 bytes

No description provided by source. / Author: Rick Email: [email protected] OS: Linux/x86 Description: Port Bind 4444 xor-encoded -------------------------------------------------------------------- section .text global start start: ;socket PFINET, SOCKSTREAM, 0 push byte 0x66 pop eax push byte...

Linux/x86 - Port Binding Shellcode xor-encoded 152 bytes

Linux/x86 Port Binding Shellcode xor-encoded 152 bytes. Shellcode exploit for linx86 platform / Author: Rick Email: [email protected] OS: Linux/x86 Description: Port Bind 4444 xor-encoded -------------------------------------------------------------------- section .text global start start:...

linux/x86 Port Binding Shellcode (xor-encoded) 152 bytes

Exploit for linux/x86 platform in category shellcode ======================================================== Linux/x86 Port Binding Shellcode xor-encoded 152 bytes ======================================================== / Author: Rick OS: Linux/x86 Description: Port Bind 4444 xor-encoded...

OSX/PPC - Bind TCP (8000/TCP) Shell + OSXPPCLongXOR Encoded Shellcode (300 bytes)

OSX/PPC - Bind TCP 8000/TCP Shell + OSXPPCLongXOR Encoded Shellcode 300 bytes. Shellcode exploit for OSXPPC platform "\x7c\xa5\x2a\x79\x40\x82\xff\xfd\x7f\xe8\x02\xa6\x3b\xff\x07\xfa" "\x38\xa5\xf8\x4a\x3c\xc0\x28\x1a\x60\xc6\x7f\x0e\x38\x85\x07\xee"...

Linux/x86-64 - setreuid(0,0) + execve(/bin/csh, [/bin/csh, NULL]) + XOR Encoded Shellcode (87 bytes)

Linux/x86-64 - setreuid0,0 + execve/bin/csh, /bin/csh, NULL + XOR Encoded Shellcode 87 bytes. Shellcode exploit for Linuxx86-64 platform Title: Linux x86-64 setreuid 0,0 & execve"/bin/csh", "/bin/csh", NULL + XOR encoded - 87 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware...

Linux/x86 - setreuid(0,0) + execve("/bin/ksh", [/bin/ksh, NULL]) + XOR Encoded Shellcode (53 bytes)

Linux/x86 - setreuid0,0 + execve"/bin/ksh", /bin/ksh, NULL + XOR Encoded Shellcode 53 bytes. Shellcode exploit for Linuxx86 platform Title: Linux x86 setreuid 0,0 & execve"/bin/ksh", "/bin/ksh", NULL + XOR encoded - 53 bytes Author: egeektronic Twitter: @egeektronic Tested on: Slackware 13.37...