2
2
I have some interest if finding out a bit more about an exploit that was published that creates a root user in a linux machine; however, before I run the code, I want to make sure I understand all of it and I can't seem to find any information on the hex codes being used.
This is the link to the exploit code source: exploitdb.com/exploits/17439
It's a basic C program, but the value of one of the pointers uses code like this:
"\x6a\x26\x5a\x25\x04\xe3\xb3\x64"
"\x04\xc7\x03\x65\x48\xe6\x02\xc3"
How do I decode this to ASCII and how can I re-encode it back?
I'm thinking I could be totally off-base here and really this code should decode to assembly, but I don't really know. Either way, what can I do with this code to make sure I'n not executing arbitrary commands?
I'm completely new to C, but know enough VB.net/C#/PHP to be dangerous.
P.S. For those of you who are concerned, I'll be running this in a VM.
This is probably getting in to stack overflow territory, but could you provide a basic code example (even if pseudo-code) of how to get python to parse this? – skub – 2011-07-08T05:50:54.797
There is no further parsing. What I showed is what Python knows about it. You will need a disassembler (or a ...) from here. – Ignacio Vazquez-Abrams – 2011-07-08T05:52:26.683
Maybe you want to ask this on http://codegolf.stackexchange.com/ perhaps they can help you.
– Michael K – 2011-07-08T07:26:11.667