Anti-sec = Anti Script-kiddie movement ??

I know this blog is turning out to be a propaganda machine for the anti-sec guys, but let me assure you there’s no such thing going on here. It’s just that their antics are generating more interest day-by-day.

They have been in the news recently for some high-profile hacks of Astalavista and Imageshack and for declaring war on the security community (refer previous posts for more information)

Well, now they are rumored to have released (or was it leaked ??) the OpenSSH 0-day ( Open0wn.c )that helped them exploit vulnerable systems on the internet.

Thierry Zoller has disassembled the shellcode to find the that it is actually a hex-coded IRC-bot and the linux command ” rm -rf ~ /* 2> /dev/null
They seem to have taken their movements to new heights. If this 0-day was really released by the Anti-sec movement, then I’m sure their target were unsuspecting script-kiddies who simply download exploits from the internet and run them against vulnerable systems.

Thierry has done a good job too. Check out his analysis here

For details check out the following links:

Open0wn.c source –> Securiteam and Code posted by str0ke

Shellcode Disassemly + IRC code –> Thierry Zoller’s analysis

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s