| -::DATE |
-::DESCRIPTION |
-::HITS |
|
|
|
|
-::AUTHOR |
| 2007-04-02 |
linux/x86 raw-socket ICMP/checksum shell 235 byte |
27809 |
R |
|
D
|
|
mu-b
|
| 2007-03-09 |
linux/x86 /sbin/iptables -F 40 bytes |
22252 |
R |
|
D
|
|
Kris Katterjohn
|
| 2007-03-09 |
linux/x86 kill all processes 11 bytes |
41221 |
R |
|
D
|
|
Kris Katterjohn
|
| 2006-11-20 |
linux/x86 execve read shellcode - 92 bytes |
12705 |
R |
|
D
|
|
0ut0fbound
|
| 2006-11-17 |
linux/x86 /sbin/ipchains -F 40 bytes |
9612 |
R |
|
D
|
|
Kris Katterjohn
|
| 2006-11-17 |
linux/x86 set system time to 0 and exit 12 bytes |
8302 |
R |
|
D
|
|
Kris Katterjohn
|
| 2006-11-17 |
linux/x86 add root user r00t with no password to
/etc/passwd 69 bytes |
25389 |
R |
|
D
|
|
Kris Katterjohn
|
| 2006-11-17 |
linux/x86 chmod 0666 /etc/shadow 36 bytes |
10497 |
R |
|
D
|
|
Kris Katterjohn
|
| 2006-11-17 |
linux/x86 forkbomb 7 bytes |
7089 |
R |
|
D
|
|
Kris Katterjohn
|
| 2006-11-17 |
linux/x86 execve(rm -rf /) shellcode 45 bytes |
6613 |
R |
|
D
|
|
Kris Katterjohn
|
| 2006-11-16 |
linux/x86 setuid(0) + execve(/bin/sh) 28 bytes |
5593 |
R |
|
D
|
|
Revenge
|
| 2006-11-16 |
linux/x86 execve(/bin/sh) 22 bytes |
5450 |
R |
|
D
|
|
Revenge
|
| 2006-10-22 |
linux/x86 HTTP/1.x GET, Downloads and execve() 111 bytes+ |
7000 |
R |
|
D
|
|
izik
|
| 2006-08-02 |
linux/x86 executes command after setreuid (9 + 40 bytes + cmd) |
10497 |
R |
|
D
|
|
bunker
|
| 2006-07-20 |
linux/x86 stdin re-open and /bin/sh exec shellcode |
9044 |
R |
|
D
|
|
Marco Ivaldi
|
| 2006-07-20 |
linux/x86 re-use of /bin/sh string in .rodata shellcode 16 bytes |
7117 |
R |
|
D
|
|
Marco Ivaldi
|
| 2006-07-20 |
linux/x86 setuid(0) and /bin/sh execve() shellcode 30 bytes |
6499 |
R |
|
D
|
|
Marco Ivaldi
|
| 2006-07-20 |
linux/x86 setuid/portbind shellcode 96 bytes |
5903 |
R |
|
D
|
|
Marco Ivaldi
|
| 2006-07-04 |
linux/x86 portbind (define your own port) 84 bytes |
6549 |
R |
|
D
|
|
oveRet
|
| 2006-05-14 |
linux/x86 execve() Diassembly Obfuscation Shellcode 32 bytes |
7726 |
R |
|
D
|
|
BaCkSpAcE
|
| 2006-05-08 |
linux/x86 SET_PORT() portbind 100 bytes |
7108 |
R |
|
D
|
|
Benjamin Orozco
|
| 2006-05-08 |
linux/x86 SET_IP() Connectback Shellcode 82 bytes |
7172 |
R |
|
D
|
|
Benjamin Orozco
|
| 2006-05-01 |
linux/x86 execve(/bin/sh) 24 bytes |
8530 |
R |
|
D
|
|
hophet
|
| 2006-04-18 |
linux/x86 xor-encoded Connect Back Shellcode 371 bytes |
6028 |
R |
|
D
|
|
xort
|
| 2006-04-17 |
linux/x86 execve(/bin/sh) + ZIP Header 28 bytes |
5600 |
R |
|
D
|
|
izik
|
| 2006-04-17 |
linux/x86 execve(/bin/sh) + RTF Header 30 bytes |
4475 |
R |
|
D
|
|
izik
|
| 2006-04-17 |
linux/x86 execve(/bin/sh) + RIFF Header 28 bytes |
4414 |
R |
|
D
|
|
izik
|
| 2006-04-17 |
linux/x86 execve(/bin/sh) + Bitmap Header 27 bytes |
4717 |
R |
|
D
|
|
izik
|
| 2006-04-16 |
linux/x86 SWAP restore shellcode 109 bytes |
4434 |
R |
|
D
|
|
Gotfault Security
|
| 2006-04-16 |
linux/x86 SWAP store shellcode 99 bytes |
4412 |
R |
|
D
|
|
Gotfault Security
|
| 2006-04-06 |
linux/x86 Password Authentication portbind Shellcode 166 bytes |
7613 |
R |
|
D
|
|
Gotfault Security
|
| 2006-04-06 |
linux/x86 portbind (port 64713) 86 bytes |
5303 |
R |
|
D
|
|
Gotfault Security
|
| 2006-04-03 |
linux/x86 execve("/bin/sh", ["/bin/sh", NULL]) 25 bytes |
5756 |
R |
|
D
|
|
Gotfault Security
|
| 2006-04-03 |
linux/x86 execve("/bin/sh", ["/bin/sh", NULL]) 23 bytes |
4923 |
R |
|
D
|
|
Gotfault Security
|
| 2006-04-03 |
linux/x86 setuid(0) + execve("/bin/sh", ["/bin/sh", NULL]) 31 bytes |
4904 |
R |
|
D
|
|
Gotfault Security
|
| 2006-04-03 |
linux/x86 setuid(0),setgid(0) execve(/bin/sh, [/bin/sh, NULL]) 37 bytes |
4701 |
R |
|
D
|
|
Gotfault Security
|
| 2006-04-03 |
linux/x86 setreuid(0,0) execve("/bin/sh", ["/bin/sh", NULL]) 33 bytes |
4427 |
R |
|
D
|
|
Gotfault Security
|
| 2006-03-12 |
linux/x86 HTTP/1.x GET, Downloads and JMP - 68 bytes+ |
6585 |
R |
|
D
|
|
izik
|
| 2006-02-07 |
linux/x86 TCP Proxy Shellcode 236 bytes |
8240 |
R |
|
D
|
|
phar
|
| 2006-01-26 |
linux/x86 execve /bin/sh anti-ids 40 bytes |
6631 |
R |
|
D
|
|
NicatiN
|
| 2006-01-25 |
linux/x86 execve /bin/sh xored for Intel x86 CPUID 41 bytes |
5812 |
R |
|
D
|
|
izik
|
| 2006-01-25 |
linux/x86 execve /bin/sh (encoded by +1) 39 bytes |
5492 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 Adduser without Password to /etc/passwd 59 bytes |
9157 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 anti-debug trick (INT 3h trap) + execve /bin/sh 39 bytes |
4953 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 Bind /bin/sh to 31337/tcp 80 bytes |
5947 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 Bind /bin/sh to 31337/tcp + fork() 98 bytes |
5233 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 24/7 open cd-rom loop (follows /dev/cdrom symlink) 39 bytes |
4922 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 eject cd-rom (follows /dev/cdrom symlink) + exit() 40 bytes |
4973 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 eject/close cd-rom loop (follows /dev/cdrom symlink) 45 bytes |
4812 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 chmod(/etc/shadow, 0666) + exit() 32 bytes |
5369 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 connect-back shellcode 127.0.0.1:31337/tcp 74 bytes |
5428 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 normal exit w/ random (so to speak) return value 5 bytes |
4519 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 getppid() + execve(/proc/pid/exe) 51 bytes |
4429 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 quick (yet conditional, eax != 0 and edx == 0) exit 4 bytes |
4596 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 reboot() - 20 bytes |
6398 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 setreuid(0, 0) + execve(/bin/sh) 31 bytes |
4814 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 execve(/bin/sh) / PUSH - 23 bytes |
4705 |
R |
|
D
|
|
izik
|
| 2006-01-21 |
linux/x86 cat /dev/urandom > /dev/console, just for kicks - 63 bytes |
4849 |
R |
|
D
|
|
izik
|
| 2005-12-28 |
linux/x86 Connect Back shellcode 90 bytes |
7368 |
R |
|
D
|
|
xort
|
| 2005-12-28 |
linux/x86 socket-proxy shellcode 372 bytes |
5790 |
R |
|
D
|
|
xort
|
| 2005-11-09 |
linux/x86 dup2(0,0); dup2(0,1); dup2(0,2); 15 bytes |
5510 |
R |
|
D
|
|
Charles Stevenson
|
| 2005-11-09 |
linux/x86 if(read(fd,buf,512)<=2) _exit(1) else buf(); 29 bytes |
5054 |
R |
|
D
|
|
Charles Stevenson
|
| 2005-11-09 |
linux/x86 _exit(1); 7 bytes |
5477 |
R |
|
D
|
|
Charles Stevenson
|
| 2005-11-09 |
linux/x86 read(0,buf,2541); chmod(buf,4755); 23 bytes |
4987 |
R |
|
D
|
|
Charles Stevenson
|
| 2005-11-09 |
linux/x86 write(0,"Hello core!\n",12); (w/optional 7 byte exit) 36 bytes |
5651 |
R |
|
D
|
|
Charles Stevenson
|
| 2005-11-04 |
linux/x86 snoop /dev/dsp shellcode 172 bytes |
9283 |
R |
|
D
|
|
phar
|
| 2005-09-15 |
linux/x86 /bin/sh Standard Opcode Array Payload 21 Bytes |
7205 |
R |
|
D
|
|
c0ntex
|
| 2005-09-09 |
linux/x86 examples of long-term payloads hide-wait-change (.s) |
6292 |
R |
|
D
|
|
xort
|
| 2005-09-08 |
linux/x86 examples of long-term payloads hide-wait-change 187 bytes+ |
5764 |
R |
|
D
|
|
xort
|
| 2005-09-04 |
linux/x86 /bin/sh sysenter Opcode Array Payload 23 Bytes |
5431 |
R |
|
D
|
|
BaCkSpAcE
|
| 2005-08-25 |
linux/x86 /bin/sh sysenter Opcode Array Payload 27 Bytes |
5514 |
R |
|
D
|
|
amnesia
|
| 2005-08-19 |
linux/x86 /bin/sh sysenter Opcode Array Payload 45 bytes |
6385 |
R |
|
D
|
|
c0ntex
|
| 2005-07-11 |
linux/x86 chroot & standart 66 bytes |
6823 |
R |
|
D
|
|
Okti
|
| 2005-06-19 |
linux/x86 upload & exec 189 bytes |
8138 |
R |
|
D
|
|
cybertronic
|
| 2004-12-26 |
linux/x86 setreuid/execve 31 bytes |
6668 |
R |
|
D
|
|
oc192
|
| 2004-12-22 |
linux/x86 alpha-numeric shellcode 64 bytes |
6896 |
R |
|
D
|
|
xort
|
| 2004-12-22 |
linux/x86 alpha-numeric using IMUL Method shellcode 88 bytes |
6309 |
R |
|
D
|
|
xort
|
| 2004-12-22 |
linux/x86 Radically Self Modifying Code 70 bytes |
6474 |
R |
|
D
|
|
xort
|
| 2004-12-22 |
linux/x86 Magic Byte Self Modifying Code 76 bytes |
6518 |
R |
|
D
|
|
xort
|
| 2004-11-15 |
linux/x86 execve code 23 bytes |
5235 |
R |
|
D
|
|
marcetam
|
| 2004-11-15 |
linux/x86 execve("/bin/ash",0,0); 21 bytes |
5206 |
R |
|
D
|
|
zasta
|
| 2004-09-26 |
linux/x86 execve /bin/sh alphanumeric 392 bytes |
5377 |
R |
|
D
|
|
RaiSe
|
| 2004-09-26 |
linux/x86 execve /bin/sh IA32 0xff-less 45 bytes |
4685 |
R |
|
D
|
|
anathema
|
| 2004-09-26 |
linux/x86 symlink /bin/sh xoring 56 bytes |
5230 |
R |
|
D
|
|
dev0id
|
| 2004-09-26 |
linux/x86 portbind port 5074 toupper 226 bytes |
4814 |
R |
|
D
|
|
Tora
|
| 2004-09-26 |
linux/x86 add user t00r ENCRYPT 116 bytes |
5477 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-26 |
linux/x86 chmod 666 shadow ENCRYPT 75 bytes |
5431 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-26 |
linux/x86 symlink . /bin/sh 32 bytes |
4848 |
R |
|
D
|
|
dev0id
|
| 2004-09-26 |
linux/x86 kill snort 151 bytes |
5038 |
R |
|
D
|
|
nob0dy
|
| 2004-09-26 |
linux/x86 shared memory exec 50 bytes |
4617 |
R |
|
D
|
|
sloth
|
| 2004-09-26 |
linux/x86 iptables -F 45 bytes |
5211 |
R |
|
D
|
|
UnboundeD
|
| 2004-09-26 |
linux/x86 iptables -F 58 bytes |
5358 |
R |
|
D
|
|
dev0id
|
| 2004-09-26 |
linux/x86 Reverse telnet 134 bytes |
6156 |
R |
|
D
|
|
hts
|
| 2004-09-26 |
linux/x86 connect 120 bytes |
5127 |
R |
|
D
|
|
lamagra
|
| 2004-09-26 |
linux/x86 chmod 666 /etc/shadow 41 bytes |
5451 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-26 |
linux/x86 cp /bin/sh /tmp/katy ; chmod 4555 katy 126 bytes |
5320 |
R |
|
D
|
|
RaiSe
|
| 2004-09-26 |
linux/x86 eject /dev/cdrom 64 bytes |
5009 |
R |
|
D
|
|
lamagra
|
| 2004-09-26 |
linux/x86 xterm -ut -display [IP]:0 132 bytes |
5331 |
R |
|
D
|
|
RaiSe
|
| 2004-09-26 |
linux/x86 ipchains -F 49 bytes |
4712 |
R |
|
D
|
|
Sp4rK
|
| 2004-09-26 |
linux/x86 chmod 666 /etc/shadow 82 bytes |
5725 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-12 |
linux/x86 execve /bin/sh 29 bytes |
5642 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-12 |
linux/x86 execve /bin/sh 24 bytes |
5616 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-12 |
linux/x86 execve /bin/sh 38 bytes |
5404 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-12 |
linux/x86 execve /bin/sh 30 bytes |
5058 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-12 |
linux/x86 execve /bin/sh setreuid(12,12) 50 bytes |
6052 |
R |
|
D
|
|
n/a
|
| 2004-09-12 |
linux/x86 portbind port 5074 92 bytes |
5262 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-12 |
linux/x86 portbind port 5074 + fork() 130 bytes |
5226 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-12 |
linux/x86 add user t00r 82 bytes |
6064 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-12 |
linux/x86 add user 104 bytes |
5106 |
R |
|
D
|
|
Matt Conover
|
| 2004-09-12 |
linux/x86 break chroot 34 bytes |
5614 |
R |
|
D
|
|
dev0id
|
| 2004-09-12 |
linux/x86 break chroot 46 bytes |
5543 |
R |
|
D
|
|
dev0id
|
| 2004-09-12 |
linux/x86 break chroot execve /bin/sh 80 bytes |
4890 |
R |
|
D
|
|
preedator
|
| 2004-09-12 |
linux/x86 execve /bin/sh encrypted 58 bytes |
5154 |
R |
|
D
|
|
Matias Sedalo
|
| 2004-09-12 |
linux/x86 execve /bin/sh xor encrypted 55 bytes |
6157 |
R |
|
D
|
|
n/a
|
| 2004-09-12 |
linux/x86 execve /bin/sh tolower() evasion 41 bytes |
5998 |
R |
|
D
|
|
n/a
|
| 2001-05-07 |
execve of /bin/sh after setreuid(0,0) |
5857 |
R |
|
D
|
|
Marco Ivaldi
|
| 2001-01-13 |
linux chroot()/execve() code |
5562 |
R |
|
D
|
|
preedator
|
| 2000-08-08 |
linux/x86 execve /bin/sh toupper() evasion 55 bytes |
6156 |
R |
|
D
|
|
n/a
|
| 2000-08-07 |
linux/x86 add user 70 bytes |
7702 |
R |
|
D
|
|
n/a
|
| 2000-08-07 |
linux/x86 break chroot setuid(0) + /bin/sh 132 bytes |
7980 |
R |
|
D
|
|
n/a
|
