User talk:Abliss

From Exploitee.rs
Revision as of 22:57, 11 February 2011 by Catrane (talk | contribs) (Pad strategy.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Nice work on extending the pad! What approach are you using? I enhanced my file-crossreferencer so that in addition to knowing the valid character set of each of the six files, it understands the Intel .hex file format enough to force a colon after a definite \r\n, disallow colon if not on the line after a possible \n, disallow colon within 12 chars of a definite colon, and such. After that I've been using manual pattern searching to find standard shell script patterns in the possibilities (e.g. "| grep") and then run a manual search of the dictionary file for sequences of options that look like they could be dictionary words. A lot of brute force, but it's at least revealing the contents of the shell scripts. The tgz files would require that we figure out the pattern though.