1 |
On Wed, 2011-03-23 at 16:56 -0500, Donnie Berkholz wrote: |
2 |
> It's called reverse shellcode. One would exploit a vulnerability in your |
3 |
> web browser, email reader, or integrated apps/libraries (primarily |
4 |
> Flash, Evince/libpoppler, or Java) that provides the ability to run |
5 |
> arbitrary code as the local user to get the shellcode onto your system |
6 |
> and run it. Reverse shellcode then connects from your computer to a |
7 |
> remote server and provides them with a login shell. |
8 |
|
9 |
Very interesting! |
10 |
|
11 |
I did a bit of looking. This appears to be far into the realm of |
12 |
grey-hat hacking. I found |
13 |
<http://linux.softpedia.com/get/System/Shells/Sishell-25119.shtml> and |
14 |
<http://projectshellcode.com/node/2>. |
15 |
|
16 |
This looks mostly like it's theoretical, proof of concept stuff, and |
17 |
some of it uses DNS as an intermediary agent. Do exploits based on on |
18 |
these techniques actually exist in the wild that you know of? |
19 |
|
20 |
Linux is unsinkable, just like the Titanic. |
21 |
|
22 |
-- |
23 |
Lindsay Haisley | "Never expect the people who caused a problem |
24 |
FMP Computer Services | to solve it." - Albert Einstein |
25 |
512-259-1190 | |
26 |
http://www.fmp.com | |