Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Apache 1.3.27 Remote Root 0-Day

From: "William D. Colburn (aka Schlake)" <wcolburn () nmt edu>
Date: Fri, 20 Jun 2003 12:07:04 -0600
On Fri, Jun 20, 2003 at 05:29:18PM +0100, James Greenhalgh wrote:

Well it gave me a good laugh on a Friday afternoon anyway :)  Read the
code, it doesn't send that "shellcode" to a remote server at all, it
executes it.


Dump of assembler code for function shellcode:
0x08049a20 <shellcode+0>:       xor    %ebx,%ebx
0x08049a22 <shellcode+2>:       xor    %eax,%eax
0x08049a24 <shellcode+4>:       xor    %edx,%edx
0x08049a26 <shellcode+6>:       mov    $0x18,%dl
0x08049a28 <shellcode+8>:       push   $0xa213f20
0x08049a2d <shellcode+13>:      push   $0x58315254
0x08049a32 <shellcode+18>:      push   $0x344d2065
0x08049a37 <shellcode+23>:      push   $0x68542073
0x08049a3c <shellcode+28>:      push   $0x69207461
0x08049a41 <shellcode+33>:      push   $0x68572d2d
0x08049a46 <shellcode+38>:      mov    %esp,%ecx
0x08049a48 <shellcode+40>:      mov    $0x4,%al
0x08049a4a <shellcode+42>:      int    $0x80

Um, I think you can rent it at Blockbuster, or buy it from Amazon.com.


--
William Colburn, "Sysprog" <wcolburn () nmt edu>
Computer Center, New Mexico Institute of Mining and Technology
http://www.nmt.edu/tcc/     http://www.nmt.edu/~wcolburn
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: