DAMPCROWD #27
Comments
Listen @JohnnyHobo if you don't know what the fuck you're doing don't mess with the binaries
"It just opened a new shell" and a shit load of backdoors lol
… On Apr 14, 2017, at 6:31 PM, Tdog21 ***@***.***> wrote:
Listen johny if you don't know what the fuck you're doing don't mess with the binaries
@Ekultek lol
Hey, if you can show me where it's installing backdoors I'm all ears. All I found was it tries to open a root shell. Never take my word for anything though, if the NSA handed me enough money I'd just as soon turn around and tell you it's necessary to run all these scripts on every *nix based device you own :P
What a joke! VT hash search results for D01502934C089EA1316F659B5DBC80AE891DCA11
Dampcrowd appears to my untrained eyes to be a priv-esc attempt.
It creates a shell with setuid and gid set to 0 (root).
13: 080484fc 0 FUNC WEAK DEFAULT UND setuid
14: 080484ac 0 FUNC WEAK DEFAULT UND setgid
The exploit did not work on Linux Mint Serena; it just opened up a new /bin/sh shell.
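An added example, not part of the original issue or of the project: a small Python triage helper that parses `readelf -s` rows like the two quoted above and lists imported functions that change credentials or launch programs. The watch list, the function names and the last two sample rows are assumptions constructed for illustration.

```python
import re

# Assumed watch list: libc calls that change credentials or start programs.
WATCHLIST = {"setuid", "setgid", "setreuid", "setregid", "setresuid",
             "setresgid", "execve", "execv", "execl", "system"}

# One `readelf -s` row: Num: Value Size Type Bind Vis Ndx Name [(version idx)]
ROW = re.compile(
    r"^\s*(\d+):\s+([0-9a-fA-F]+)\s+(\d+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)"
    r"\s+(\S+)(?:\s+\(\d+\))?\s*$"
)

def parse_symbols(text):
    """Return one dict per well-formed symbol row; headers and blanks are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        num, value, size, typ, bind, vis, ndx, name = m.groups()
        rows.append({
            "num": int(num),
            "value": int(value, 16),
            "type": typ,
            "bind": bind,
            "ndx": ndx,
            "name": name.split("@")[0],  # drop an @GLIBC_x.y version suffix
        })
    return rows

def flag_privileged_imports(text):
    """Sorted names of undefined (imported) functions that are on the watch list."""
    return sorted({r["name"] for r in parse_symbols(text)
                   if r["ndx"] == "UND" and r["type"] == "FUNC"
                   and r["name"] in WATCHLIST})

# Rows 13 and 14 are quoted from the issue; the header and rows 15-16 are constructed.
SAMPLE = """\
   Num:    Value  Size Type    Bind   Vis      Ndx Name
    13: 080484fc     0 FUNC    WEAK   DEFAULT  UND setuid
    14: 080484ac     0 FUNC    WEAK   DEFAULT  UND setgid
    15: 00000000     0 FUNC    GLOBAL DEFAULT  UND printf@GLIBC_2.0 (2)
    16: 0804a02c     4 OBJECT  GLOBAL DEFAULT   25 setuid_flag
"""

if __name__ == "__main__":
    print(flag_privileged_imports(SAMPLE))
```

A hit only shows that the binary imports the call; it says nothing about whether the call succeeds at run time.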