RE: burneye, how i can defeat it?
From: really blurred vision (really_blurred_vision_at_hotmail.com)
Date: 12/02/03
- Previous message: Brett Moore: "RE: [PenTest] Re: Win32 Shellcode question."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'VunlDev'" <vuln-dev@securityfocus.com>
Date: Tue, 2 Dec 2003 15:19:05 +1100
It appears that someone has found a way to:
http://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00212.html
.. Forensics revealed a burneye encrypted exploit. Robert van der Meulen
managed to decrypt the binary which revealed a kernel exploit...
I guess it depends to what level the binary had been burneyed to....
Food for thought anyway...
Blurred.
-----Original Message-----
From: gr00vy [mailto:groovy2600@yahoo.com.ar]
Sent: Sunday, 16 November 2003 6:26 AM
To: VunlDev
Subject: burneye, how i can defeat it?
hi list, I'm writing because I have a problem with a binary, it is
encrypted with teso burneye, get it at teso's home.
I would appreciate it if you point me to some kind of text explaining how
to debug this kind of problem.
I have been trying with pice but it is for kernels below .17 -(I can't
download it :S ).
thanks for the possible replies
TEEE burneye - TESO ELF Encryption Engine