Full Disclosure mailing list archives
Re(2): An April Fools' Day Android Payload
From: アドリアンヘンドリック <unixfreaxjp22 () gmail com>
Date: Tue, 3 Apr 2012 03:42:31 +0900
Just for the curiosity of "April fool", I actually did double-check the $payload in x86 ASM code.

00000000 add al,0xa0
00000002 sub byte[edi],ah
00000004 add bh,bl
00000006 or al,0xa0
00000008 add ah,byte[ecx+0xdf002753]
0000000e add dword[edi],esp
00000010 add bh,bl
00000012 rol byte[esi+0x2f],0x64
00000016 popad
00000017 je 0x7a
00000019 das
0000001a fs: popad .
0000001c je 0x7f
0000001e das
0000001f arpl word[edi+0x6d],bp
00000022 cs: popad .
00000024 outs dx,byte[esi]
00000025 fs: jb 0x97
00000028 imul esp,dword[esi+ebp*1+0x62],0x73776f72
00000030 gs: jb 0x62
00000033 ins byte[es:edi],dx
00000034 imul esp,dword[edx+0x0],0x61642f00
0000003b je 0x9e
0000003d das
0000003e popad
0000003f jo 0xb1
00000041 add al,al
00000043 inc esi

----
ZeroDay Japan http://0day.jp
Hendrik ADRIAN /アドリアン・ヘンドリック

On Mon, Apr 2, 2012 at 7:59 PM, Dan Rosenberg <dan.j.rosenberg () gmail com> wrote:
> Hendrik,
>
> Well, they know about it now. ;-) I figured it was appropriate for April Fools' Day in keeping with the spirit of mischief.
>
> I wouldn't worry too much about seeing exploitation of what amounts to a local DoS vulnerability that requires a compromised browser session to exploit. It would be sort of silly to go through the effort to own someone's phone with the end goal of being a minor inconvenience to them.
>
> And sorry about the bad formatting on the original post, seems my text editor, email client, and this mailing list just didn't get along this time. Clean version at:
>
> http://vulnfactory.org/exploits/aprilfools.S
>
> Regards,
> Dan
>
> On 04/02/2012 04:42 AM, ZeroDay.JP wrote:
>> Mr. Rosenberg,
>>
>> I understand the PoC you coded and its effect on APT. But for the April's fool connection, I just don't get it :-) Does Google know it yet?
>>
>> regards,
>> ---
>> ZeroDay Japan http://0day.jp
>> Hendrik ADRIAN /アドリアン・ヘンドリック

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/