Full Disclosure mailing list archives

[ElectronicSouls] - Offset Bruteforcing


From: es () hush com
Date: Fri, 29 Nov 2002 09:14:29 -0800



Dear List,

For centuries, skilled blackhats have written their exploits in such
a fashion that they are not usable by normal scriptkids, where offsets
are not automatically calculated, and must be bruteforced.  When we
were given some code written by plaguez[0dd], antiNSA[0dd], and from
Solar_Designer[0dd], we came across the problem of not being able to
get root on any machines.

We devised the following technique for automating exploitation with
code in this style, hope it helps you out.

# cat ESobf.c
/* (C) vux [ElectronicSouls]
 *
 * PROPERTY OF THE ELECTRONICSOULS CREW !
 * DO NOT DISTRIBUTE !
 *
 * simple offset brute forcer - easy guessing the offset needed to run any
 * exploit successfully.
 * it's not tested but it should work! if you find any error in the code,
 * please let me know!
 *
 */

#include <stdio.h>
#include <stdlib.h>   /* system() */

/* change this to the exploit's path with its offset parameter;
 * the %d is replaced with the offset currently being tried */
#define PATH "/path/to/exploit -o %d"

int main(void) {
    char cmd[512];
    int var;

    printf("\tbrute forcing : \n");
    /* walk every offset from -2000 up to 1999, one exploit run per value */
    for (var = -2000; var < 2000; var = var + 1) {
        printf("trying offset : %d\n", var);
        /* build the command line first; system() takes a single string and
         * does no printf-style formatting of its own. "ulimit -c 0" stops
         * each failed attempt from leaving a core file behind. */
        snprintf(cmd, sizeof cmd, "ulimit -c 0; " PATH, var);
        system(cmd);
    }
    return 0;
}

#

The Electronic Souls Crew
[ElectronicSouls] (c) 2002

"Do you want some wine with your cheese?"





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html