A forum for reverse engineering, OS internals and malware analysis 

 #19112  by Xylitol
 Mon Apr 29, 2013 9:41 am
Attachments
infected
(10.72 KiB) Downloaded 80 times
 #24925  by unixfreaxjp
 Tue Jan 13, 2015 9:47 am
Hi @Xylit0l,

Glad that you opened this thread. Those Chinese ELF moronz are using these too.
Some PoC got from reversing this before I checked into KM...
x32: https://www.virustotal.com/en/file/11cd ... /analysis/ < has comment
x64: https://www.virustotal.com/en/file/11cd ... /analysis/
It's a complete copy-paste, the pricks are just compiling it as it is..
Attachments
7z/infected
(10.21 KiB) Downloaded 45 times