[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] HOON & shellcode again!

To: vuln-dev@securityfocus.com
Subject: [Full-Disclosure] HOON & shellcode again!
From: ned <nd@felinemenace.org>
Date: Fri, 15 Aug 2003 00:58:53 -0700 (PDT)

Hey,
second installament of HOON, with calls and jmps pretty much fully 
working. anyway, there is going to be alot of sub-methods goin into HOON 
in the next few releases as it shifts to accomodate people trying to 
exploit stuff. some possibilities are unicode shellcode creation (although 
the rest of the artcles sucked - PHraCk that is...). anyway, here's a 
little demo to suck you in.

C:\HOON> python hoon.py
<-- TOKENS -->
[INSTRUCTION] [REGISTER] [REGISTER] : xorl %eax,%eax
[INSTRUCTION] [REGISTER] [REGISTER] : xorl %esp,%esp
[INSTRUCTION] [REGISTER] [REGISTER] : xorl %ebx,%ebx
<-- ENDTOKEN -->

<-- SHELLCODE -->
char sc[]="\x33\xc0\x33\xc0\x33\xc0";
<-- ENDSHELLCODE -->
\x33\xc0\x33\xc0\x33\xc0

mmmkay was the only thing on my prompt!

get it from:

http://felinemenace.org/HOON.zip
http://felinemenace.org/HOON.tar

FIX IT PLEASE!
- nd
-- 
http://felinemenace.org/~nd

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] msblast DDos counter measures (More Insight Maybe?)
Next by Date: Re:[Full-Disclosure] curious email
Prev by thread: [Full-Disclosure] [RHSA-2003:199-02] Updated unzip packages fix trojan vulnerability
Next by thread: [Full-Disclosure] CERT site not available
Index(es):
- Date
- Thread