[framework-hackers] New Linux/x86 payload: chmod(file, mode)
Kris Katterjohn
katterjohn at gmail.com
Mon Mar 3 15:19:05 CST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hey everyone,
I've attached a new payload for Linux/x86: it runs chmod() on the
specified file with the specified mode.
It defaults to chmod("/etc/shadow", 0666):
msf > info linux/x86/chmod
~ Name: Linux Chmod
~ Version: 1
~ Platform: Linux
~ Arch: x86
Needs Admin: No
~ Total size: 69
Provided by:
~ Kris Katterjohn <katterjohn at gmail.com>
Basic options:
Name Current Setting Required Description
- ---- --------------- -------- -----------
FILE /etc/shadow yes Filename to chmod
MODE 0666 yes File mode (octal)
Description:
~ Runs chmod on specified file with specified mode
The generated payload is typically between 30-40 bytes depending on the
filename length. Here it is with the default settings:
kjak at Meryl$ ./msfpayload linux/x86/chmod X >mychmod
Created by msfpayload (http://www.metasploit.com).
Payload: linux/x86/chmod
~ Length: 36
Options:
Thanks,
Kris Katterjohn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIVAwUBR8xrRf9K37xXYl36AQK0Tg//SWBTNJt8FH0DyUwHMf1WJjXU6j+bBvd6
bOGUrPw1QPwvLW4hGN33cjwJGPPhESsVK1IakphUhZ+c2m9heWShqAhl/n/HWKJM
+RK98+iscQpEsktHj3/alYVfaO6yrT+1dRo8IVn+j0+A37jNQnUIgyzwCqaxSwRy
dB5O3QkAsBTMGGNsNeC3tgWbb5sM/5Lte5t1J79Rn7wNiBTIL+YJ5pu/2PxXgfj/
shyJI7JAmXq3esbe2Yliy7dq7Xz8+YUJp8s3pFEH0hNnfUwZ/EQNuAAweHMlkLRE
hzGnKwmKwGsItM48ugw1uNhgyQKDDFtKqEhk9+Ar4KDkB/GggA2U0uYx7fH607dq
/1UFaUgjs/PSZaFfcVVj2W+hTxkIhk4DLiD5J0v9MxdwTO14QpjP9khc4pssCS7n
y+nTLp85ubOTerZkyHownoXEzqB+fCWnSxxGCQfzwy1kAFNvTjvQw1Dkyrpma/hj
Wk0LS11SQNj4N7YXofiHM4gOo1+4AR1S4KR/ZhZTgemhvgPbT2JW8YCIb1v789am
xOJK8TbHMeJDaSimVzIeKn0nDbb8l/xwua8rM+sKAsGOhPKDSN/o0e529++ICOYj
M0oKSgle2SlPbcqTMjb2IcVPl98lq0mFe9d3PeuXCu+TFprOo1ErqNxXm938nDkG
ElZFltK9itU=
=6dhS
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: chmod.rb
Type: application/x-ruby
Size: 1164 bytes
Desc: not available
Url : http://spool.metasploit.com/pipermail/framework-hackers/attachments/20080303/2eaeb3e0/attachment.bin
More information about the Framework-Hackers
mailing list