Full Disclosure mailing list archives

Re: I know its old, but what the heck does this do... (exposing a tool...)

From: xD 0x41 <secn3t () gmail com>
Date: Wed, 26 Oct 2011 13:18:14 +1100

I use darknets to help me,
they send me the info i need.
simple answer to simple question.
look them up, they may oneday protect you, also.


On 26 October 2011 13:15, adam <adam () papsy net> wrote:

http://home.no/exploited/exploits/kmodaxx.c (almost[?] identical code,
claims to be a remote kernel root exploit)
http://www.securitylab.ru/forum/forum32/topic3728/?PAGEN_1=2 (very similar
code, claims to be an IIS exploit)
http://seclists.org/fulldisclosure/2003/Jun/456 (didn't read entire
thread, code is mentioned though)

I'm sure there's more, but this kinda reminds me of that leaked "private
exploit" on pastebin a few weeks back (you know, the one that was nice
enough to create a _local_ root account), and insisted that it was private
private private and specifically said NOT to leak it.

I am curious as to how you're so certain that it's on "many many boxes" yet
know next to nothing about it.

On Tue, Oct 25, 2011 at 8:50 PM, xD 0x41 <secn3t () gmail com> wrote:

Hello List,
Id like people to also, like this thread asks, to pls give some opinion,
other than mine.. wich, i am yet to make;

http://www.hackerthreads.org/Topic-5973

Please look at this .c code on here, if you wish, and tell me, why
A. It is still in circulation, seeminlgly, on MANY MANY boxes....
B. people still seem to try keep it private :s

This morning, a friend from webhostingtalk.com ,asked me to take a look.
I have and, i can only sofar say, once i decrypt the shellcode, ill  know
abit more..
altho , i rmember this thing, and, somany people were after it, people
were paying for it, this is first time i have seen it actually disclosed
tho,
admittedly only looked today.
If skiddies are using it to ddos things, I want to makesure i can expose
it, and kill the threats.
thankyou.
xd .// exposing bullshit as i ride!


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

I know its old, but what the heck does this do... (exposing a tool...) xD 0x41 (Oct 25)
- Re: I know its old, but what the heck does this do... (exposing a tool...) Mike Hale (Oct 25)
- Re: I know its old, but what the heck does this do... (exposing a tool...) adam (Oct 25)
  - Re: I know its old, but what the heck does this do... (exposing a tool...) xD 0x41 (Oct 25)
    - Re: I know its old, but what the heck does this do... (exposing a tool...) Antony widmal (Oct 25)
    - Re: I know its old, but what the heck does this do... (exposing a tool...) xD 0x41 (Oct 25)
    - Re: I know its old, but what the heck does this do... (exposing a tool...) Antony widmal (Oct 25)
    - Re: I know its old, but what the heck does this do... (exposing a tool...) xD 0x41 (Oct 25)
    - Re: I know its old, but what the heck does this do... (exposing a tool...) Flavio do Carmo Junior (Oct 26)
    - Re: I know its old, but what the heck does this do... (exposing a tool...) GloW - XD (Oct 26)
    - Re: I know its old, but what the heck does this do... (exposing a tool...) doc mombasa (Oct 28)
    - Re: I know its old, but what the heck does this do... (exposing a tool...) Antony widmal (Oct 26)
  - Re: I know its old, but what the heck does this do... (exposing a tool...) xD 0x41 (Oct 25)
    - Message not available
    - Re: I know its old, but what the heck does this do... (exposing a tool...) xD 0x41 (Oct 25)

(Thread continues...)