Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: Thwarting /bin/bash, an anti-overflow concept ?
From: Vlad Tsyrklevich (vladsig11.zemos.net)
Date: Sat Jan 10 2004 - 02:18:14 CST
> Ofcourse we could rename /bin/bash to /bin/whatever_we_want, and thus add
> some security by obscurity, but the next exploit is going to cat
> /etc/shells or /etc/passwd, and then the attacker knows the name of the
When you said this I thought why nobody has done this and created a beta
that reads /etc/shells to
find the first "/" and execute it (A bug being currently even if it resides
in a comment). It's 96
bytes (Pretty big) and has been tested on 2.4 and 2.6 kernels', later on I
may add checking to it
so that it doesn't get fooled by comments.
Shellcode = 96 bytes