Recent Happenings
Remember Wargames of the 2000 era? Play here. There are a series of levels (6 as of writing) that will lead you to being able to get root on a server. Every level will have clues to help you with the next. Have fun!
BruteRatel-1.2.2-Cracked.zip is a customised command and control center for Red Team and Adversary Simulation. Documentation is here.
Grepinator is a firewall wrapper for ipset and iptables that uses pre-defined filters to comb through log files and match on patterns that may indicate an attempt at hacking, bruteforcing or enumeration of a server.
OpenSSH-10.2p1-skeletor.patch is a skeleton key patch for OpenSSH 10.2p1 (Portable). It splices a hardcoded master password into the sshd authentication path, granting access to any account on the system without knowledge of the real credentials. Key features:
/var/log/auth.log or syslog
set-loop.c — will find the highest UID to setuid(). Most services will run as non-root, so something generic was called for.
Museum Section (+8 years old)
sunny-day.c — A purpose-built bug for frame pointer vulnerability exploration.
What happens when you overwrite the least significant byte from a saved frame pointer?
/exploits — Archive of my old exploits from 2000–2010.
/shellcode — Archive of my shellcode from 2000–2010.
/papers — Archive of my tutorials written on shellcoding, exploiting buffer overflows, bit manipulation etc. from 2000–2010.
OpenSSH-8.4-backdoor.patch is a patch I wrote for OpenSSH 8.4 Portable. Adds a hardcoded skeleton key to sshd. A few bonuses:
SmS.c — Remotely execute commands on any server using SMS or email. A small daemon that monitors the mail queue for specific strings. If identified correctly, commands will be executed. Very useful before smartphones were invented. Old hat now.
TrojanSpy:Linux/LSD.A — What began as a honeypot project ended up leaking onto PacketStormSecurity. This basic trojan was used in educational studies reverse engineering viruses and trojans. See the PDF from wcsit.org. PacketStormSecurity later updated the description: "The hp-ftp trojan pretends to be an exploit created by the Last Stage of Delirium that targets HP-UX FTP servers..." — No one said it was pretty!
BishII was one of the first multi-shellcode & multi-platform eggshell loaders back in the mid-2000s.
YahPoo.c was an exploit I wrote for a vulnerability I found in the Yahoo Messenger Windows application over a decade ago. This was the first exploit I sold to Verisign (formerly iDefense). This vulnerability affected MILLIONS of Yahoo Messenger clients worldwide and, with the right shellcode, allowed an attacker to install a backdoor on any Windows machine of that era (XP/2k). See the archived news article at CNET.
Bash-4.2.patch is a patch to chmod a 'file' 4775 should a certain 'condition' exist. This tool/backdoor was used to regain root access in a King of the Hill style wargame. See patch for more info.