I know this blog is turning out to be a propaganda machine for the anti-sec guys, but let me assure you there’s no such thing going on here. It’s just that their antics are generating more interest day-by-day.
Well, now they are rumored to have released (or was it leaked?) the OpenSSH 0-day (Open0wn.c) that helped them exploit vulnerable systems on the internet.
Thierry Zoller has disassembled the shellcode to find that it is actually a hex-coded IRC bot and the Linux command “rm -rf ~ /* 2> /dev/null”.
They seem to have taken their movements to new heights. If this 0-day was really released by the Anti-sec movement, then I’m sure their targets were unsuspecting script-kiddies who simply download exploits from the internet and run them against vulnerable systems.
Thierry has done a good job too. Check out his analysis here
For details check out the following links:
Shellcode Disassembly + IRC code –> Thierry Zoller’s analysis
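
One way to triage a downloaded proof-of-concept before compiling it, as an added example that is not part of the original post or of Thierry Zoller's analysis: it decodes hex-escaped string literals in C source and reports any that are readable text rather than machine code. The function names, thresholds, pattern list and sample source are assumptions constructed for illustration.

```python
import re

# A run of adjacent C string literals (the compiler concatenates them).
LITERAL_RUN = re.compile(r'(?:"(?:[^"\\\n]|\\.)*"\s*)+')
HEX_ESCAPE = re.compile(r'\\x([0-9a-fA-F]{2})')   # assumes the usual two-digit form

# Text that has no business inside a blob labelled "shellcode" (assumed list).
SUSPICIOUS = {
    "recursive delete": re.compile(r'\brm\s+-\w*(?:rf|fr)'),
    "stderr discarded": re.compile(r'2>\s*/dev/null'),
    "IRC protocol verb": re.compile(r'\b(?:NICK|JOIN|PRIVMSG)\b'),
}

def triage(c_source, min_len=8, text_ratio=0.9):
    """Decode hex-escaped blobs; report those that are really readable text."""
    findings = []
    for run in LITERAL_RUN.finditer(c_source):
        raw = bytes(int(h, 16) for h in HEX_ESCAPE.findall(run.group(0)))
        if len(raw) < min_len:
            continue                       # ordinary strings, format specifiers, etc.
        printable = sum(32 <= b < 127 or b in (9, 10, 13) for b in raw)
        if printable / len(raw) < text_ratio:
            continue                       # looks like binary data, not hidden text
        text = raw.decode("ascii", errors="replace")
        hits = sorted(name for name, rx in SUSPICIOUS.items() if rx.search(text))
        line = c_source.count("\n", 0, run.start()) + 1
        findings.append({"line": line, "text": text, "flags": hits})
    return findings

def as_c_literal(text):
    """Helper for building the constructed sample below."""
    return '"' + "".join("\\x%02x" % b for b in text.encode()) + '"'

# Constructed sample, not the real file: one blob of non-text bytes and one
# "shellcode" array that is only text (the shell command is the one quoted above).
SAMPLE = "\n".join([
    '#include <stdio.h>',
    'char pad[] = "\\x00\\x01\\x02\\xfe\\xff\\x80\\x81\\x90\\x90\\xcc";',
    'char shellcode[] =',
    '    ' + as_c_literal("rm -rf ~ /* 2> /dev/null"),
    '    ' + as_c_literal("\nNICK example\nJOIN #example\n") + ';',
    'int main(void) { printf("usage: %s host\\n", "x"); return 0; }',
])

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"line {f['line']}: flags={f['flags']}\n  decoded: {f['text']!r}")
```

A blob that decodes to almost entirely printable ASCII is the signal here; the pattern list only adds labels for the reviewer.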