lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: rafal.kwasny at gmail.com (^^MAg^^)
Subject: new phpBB worm affects 2.0.11

On Fri, 24 Dec 2004 17:06:30 -0500, Herman Sheremetyev
<herman@...bpage.com> wrote:
> My patched phpBB 2.0.11 running on FreeBSD 4.10 was exploited by a new
> variation of the worm this morning.  I'm attaching the 2 perl scripts it
> installs, one is an irc bot the other the worm itself.

Are you sure it's because bug in 2.0.11 ? I see there only old hilight bug

> -Herman

heh, this is soo lame

> my @adms=("ssh");                              # Nick do administrador                        #
16:22:31 [ Whois ssh (ssh@...-140-117.xdsl-dinamico.ctbcnetsuper.com.br) ]
16:22:31 :    Ircname : Se fu ???? e dai ??
16:22:31 :     Domain : "Brazil"
16:22:31 :   Channels : #staff #ssh
16:22:31 :     Server : hub3.ssh.net [SSHWorms R0xNet Server]
16:22:31 --- End of Whois ---

the person with this nick can controll all of this

> my @canais=("#ssh echo");                         # Caso haja senha ("#canal :senha")            #
> $servidor='ssh.gigachat.net' unless $servidor;  # Servidor de irc que vai ser usado            #

/server ssh.gigachat.net
/join #ssh echo
everyone's invited ;)
( also #fuck_this_worm )


greets goes to prophecy who found it at the same time :)
-- 
Greetings
^^MAg^^                                         mailto:/jid: mag@...berpl.org

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ