what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Mayhem

Email addressmayhem at devhell.org
First Active2002-01-12
Last Active2003-09-13
elfsh-0.51b3-portable.tgz
Posted Sep 13, 2003
Authored by Mayhem | Site elfsh.devhell.org

Elf Shell v0.51b3-portable is an automated reverse engineering tool with read/write capability for the ELF format. Sophisticated output with cross references using .got, .ctors, .dtors, .symtab, .dynsym, .dynamic, .rel.* and many other with an integrated hexdump. Designed for Linux. All calls encapsulated in libelfsh.a, so the elfsh API is really reusable.

Changes: It works on Linux, NetBSD, FreeBSD, and Solaris for the INTEL and SPARC architectures. It provides ET_REL injection into ET_EXEC for both arch, and INTEL control flow graphs, as well as a lot of new improvements, as featured lastly in The Cerberus ELF interface article in phrack #61.
tags | shell
systems | linux
SHA-256 | ecffe100d0da12235cfe464726313491409739493030f3fbdb3a28696b23447f
bsd-remote-shellcode.txt
Posted Jan 25, 2003
Authored by Mayhem | Site devhell.org

Net/Free/Open/BSD x86 143 bytes shellcode which binds a shell on tcp port 31337 using setuid/setgid/socket/bind/listen/accept/dup2/exec("/bin/sh").

tags | shell, x86, tcp, shellcode
systems | bsd
SHA-256 | bf8402b782a35acb85ff1f23189281a35a0b1ce19ddcd28b4cd73329ccb099d7
elfsh-0.43b-portable.tgz
Posted Jul 6, 2002
Authored by Mayhem | Site devhell.org

Elf Shell v0.43b-portable is an automated reverse engineering tool with read/write capability for the ELF format. Sophisticated output with cross references using .got, .ctors, .dtors, .symtab, .dynsym, .dynamic, .rel.* and many other with an integrated hexdump. Designed for Linux. All calls encapsulated in libelfsh.a, so the elfsh API is really reusable. Sample output here.

Changes: Bigger testsuite, documentation improved, minor bugs and typo fixed, Improved portability - still working on Redhat, Debian, Slackware Linux, NetBSD and FreeBSD current.
tags | shell
systems | linux
SHA-256 | 9068395673dc10ca19ad2f71181d0ce313ff9da89bde2727c0db51c616b87c20
lkh-1.1-linux-2.4.18.tgz
Posted May 17, 2002
Authored by Mayhem | Site devhell.org

Linux Kernel Hooker library (LKH) version 1.1 (the subject of an article in phrack #58) provides a general purpose hooking interface with easy to use C primitives. It allows you to Hijack a kernel function, Add up to 8 callbacks for the function, Access the original parameters and modify them (retroactive changes), Add or remove a callback when you want, and more. Available for kernel versions 2.4.5, 2.4.6, 2.4.7, 2.4.8, 2.4.10, 2.4.12, 2.4.13, 2.4.14, 2.4.15, 2.4.16, 2.4.17, and 2.4.18.

tags | kernel
systems | linux
SHA-256 | 803bdaeb7ed2a10b053826d87231306f31f5fc0f0193613ae6bf7613d1ff4f7a
LKH-1.1-LINUX-2.4.10.tgz
Posted Feb 12, 2002
Authored by Mayhem | Site devhell.org

LKH is a very powerful and documented kernel function hooking library running on Linux 2.4/x86 . The code has been explained and the API described in Phrack #58 : Linux x86 kernel function hooking emulation. It Supports functions with or without frame pointer, you can enable, disable the hook, access in rw mode the original function parameters, set as permanent or singleshot hijacking, and be discrete or aggressive.

Changes: Now available for kernels 2.4.6, 2.4.7, 2.4.8, and 2.4.10.
tags | x86, kernel
systems | linux, unix
SHA-256 | 16c7ed9d936ee524ab55a4a97c5e3ce75a22f7ef153579eaf81e0fc3edbec54b
elf-runtime-fixup.txt
Posted Jan 17, 2002
Authored by Mayhem | Site devhell.org

Reversing the ELF - Stepping with GDB during PLT uses and .GOT fixup. This is a GDB tutorial about runtime process fixup using the Procedure Linkage Table section (.plt) and the Global Offset Table section (.got) by the dynamic linker ld-linux.so. ASM knowledge will be helpful. More info on ELF here.

tags | paper
systems | linux, unix
SHA-256 | d827aaba5feb045e90dea774ade60c84ce956eb244b90457391bfb60f6d84432
LKH-1.1.tgz
Posted Jan 12, 2002
Authored by Mayhem | Site devhell.org

LKH is a very powerful and documented kernel function hooking library running on Linux 2.4/x86 . The code has been explained and the API described in Phrack #58 : Linux x86 kernel function hooking emulation. It Supports functions with or without frame pointer, you can enable, disable the hook, access in rw mode the original function parameters, set as permanent or singleshot hijacking, and be discrete or aggressive.

tags | x86, kernel
systems | linux, unix
SHA-256 | e3efb0bc08482cc47cdb890c9383289d52b76dacfd5498437b9f05b73fc02d15
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close