| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat Mar 18 01:46:14 2006
From: skodliv at gmail.com (poo)
Subject: FDRuin 0-Day Awesome 0day for ruining this
mailing LIST
GREAT TOOL !!!1!111 MUCH APPRECIATED WILL BE PUT TO GOOD USE!!111
all hail the lolhats!!!!111
On 3/17/06, 3 3 <nazijew@...il.com> wrote:
>
> To extract e-mails from helpful FD archives:
> ---extractor.php
> <?php
> $paren = array("(",")");
> $dirhand = @opendir(".") or die("Unable to open this directory");
>
> $db_hostport = "localhost";
> $db_user = "user";
> $db_pass = "pass";
> $db = "fdmails";
>
> function doQuery($query,$link) {
> $ret = mysql_query ( $query, $link ) or die ('fail : ' .
> mysql_error());
> if (mysql_fetch_row($ret)==false) { $return = false; }
> else { $return = true;}
> return $return;
> }
>
> $link = mysql_connect("{$db_hostport}", "{$db_user}", "{$db_pass}") or
> die("Could not connect: " . mysql_error());
> mysql_select_db($db, $link) or die ('Cant use database : ' .
> mysql_error());
>
> while (false!==($file = readdir($dirhand))) {
> if (stristr($file,".txt")) {
> echo "<hr>Loading File: " . $file . "<br>";
> $handle = @fopen($file, "r");
> if ($handle) {
> while (!feof($handle)) {
> $buffer = fgets($handle, 4096);
> if(strstr($buffer,"From:")&& (strstr($buffer," at
> ")||strstr($buffer,"@"))) {
> $fd = explode(" ", $buffer);
> if ($fd[2]=="at") {
> $email= $fd[1] . "@" . $fd[3];
> }
> else if (stristr($fd[1],"@")) {
> $email= $fd[1];
> }
> else {
> continue;
> }
> $name = substr($buffer, strpos($buffer, "("));
> $name = mysql_real_escape_string ( str_replace($paren,
> "", $name), $link);
> $query = "SELECT * FROM `fdmail` WHERE `Name` LIKE
> '%$name%'";
> if(!doQuery($query,$link)) {
> $query = "INSERT INTO `fdmail` SET Name='$name',
> Email='$email'";
> echo "Query: " . $query . "<br>";
> echo "Result: " . doQuery($query,$link) . "<br>";
> }
> else {
> echo "Updating: $name <br>";
> $query = "UPDATE `fdmail` SET `Name` =
> '$name',`Email` = '$email' WHERE `Name` LIKE '%$name%' ";
> echo "Query: " . $query . "<br>";
> echo "Result: " . doQuery($query,$link) . "<br>";
> }
> }
> }
> fclose($handle);
> }
> }
> }
> closedir($dirhand);
> ?>
>
> --End extractor.php
>
> Where can I find these archives?
>
> http://lists.grok.org.uk/pipermail/full-disclosure/
>
> How can I spam the list?
>
> Option A) Use badly coded FDRuin.php scripts! (Attached!)
>
> Option B) Code your own in perl, using the equally bad generator code
> below!
>
> --lol.pl
> #!/usr/bin/perl
>
> use warnings;
> use strict;
> use DBI;
> use IO::Handle;
>
> LOG->autoflush(1);
>
> my %types;
> my @types_array;
> my %mails;
> my @mails_array;
> my %products;
> my @products_array;
>
> my $dbhandle = DBI->connect( "DBI:mysql:database=fdruin;host=localhost",
> "user", "password", { 'RaiseError' => 1 } );
> my $types_handle = $dbhandle->prepare("SELECT * FROM advisorytype");
> my $mails_handle = $dbhandle->prepare("SELECT * FROM fdmail");
> my $products_handle = $dbhandle->prepare("SELECT * FROM products");
>
> $types_handle->execute();
> while (my $row = $types_handle->fetchrow_hashref()) {
> my $type = $row->{'type'};
> my $desc = $row->{'desc'};
> $types{"$type"} = $desc;
> push(@types_array,$type);
> }
> $types_handle->finish();
>
> $mails_handle->execute();
> while (my $row = $mails_handle->fetchrow_hashref()) {
> my $name = $row->{'Name'};
> my $email = $row->{'Email'};
> $mails{"$name"} = $email;
> push(@mails_array,$name);
> }
> $mails_handle->finish();
>
> $products_handle->execute();
> while (my $row = $products_handle->fetchrow_hashref()) {
> my $product = $row->{'product'};
> my $website = $row->{'website'};
> $products{"$product"} = $website;
> push(@products_array,$product);
> }
> $products_handle->finish();
>
> $dbhandle->disconnect();
>
> open (LOG, ">>log.txt") or die "$!";
> {
> my $name = "$mails_array[int rand @mails_array]";
> my $cvenum = int rand 9999;
> my $email = "$mails{$name}";
> my $product = "$products_array[int rand @products_array]";
> my $URL = "$products{$product}";
> my $type = "$types_array[int rand @types_array]";
> my $desc = "$types{$type}";
> $desc =~ s/\[product\]/$product/;
> my $date = `date`;
> chomp($date);
> my $from = $email;
> my $subject= "Advisory - $date - $type in $product";
> my $message= "Advisory - $date - $type in $product\n\n\n";
> $message=
> gen_msg($date,$type,$product,$desc,$cvenum,$URL,$name,$email,$message);
> print "$message\n\n";
>
> #Mail Function HERE
> }
> close (LOG) or warn "$!";
>
>
> sub gen_msg {
> my ($date,$type,$product,$desc,$cvenum,$URL,$name,$email,$message) =
> @_;
>
> #Entropy Generation.
> my $sepRand = int rand 5; # 0,1,2,3
> my $numerRand = int rand 5;
> my $rand_of_6 = int rand 6; # 0,1,2,3,4,5
>
> #FDRUIN Gay Config.
> my @certs = ("CISSP" , "GSAE" , "CCE" , "CEH" , "CSFA" , "GREM" ,
> "SSP-CNSA" , "SSP-MPA" , "GIPS" , "GHTQ" , "GWAS" , "CAP" , "SSCP");
> my $ucRand = int rand 2;
> my $incBackg = int rand 2;
> my $incDesc = int rand 2;
> my $incHist = int rand 2;
> my $incWork = int rand 2;
> my $incVR = int rand 2;
> my $incCVE = int rand 2;
> my $incApA = int rand 2;
> my $incApB = int rand 4; # Give it more of a chance.
> my $incCont = int rand 4;
> my $incSep2 = int rand 4; # Give it more of a chance.
>
> #lol dont fuck with these
> my $randCerts;
> my $seperator;
> my $contMail;
> my $cert;
> my @numerals;
>
> #hylol you can change this / add entropiez
> my $background = "Background";
> my $description = "Description";
> my $history = "History";
> my $workaround = "Workaround";
> my $vendor_response = "Vendor Response";
> my $cve_information = "CVE Information";
> my $appendix_a = "Appendix A Vendor Information";
> my $appendix_b = "Appendix B References";
> my $contact = "Contact";
>
> if ($sepRand == 0) {
> $seperator = "-" x ((rand 6 + 2) * 7);
> $seperator .= "\n";
> } elsif ($sepRand == 1) {
> $seperator = "=" x ((rand 6 + 2) * 7);
> $seperator .= "\n";
> } elsif ($sepRand == 2) {
> $seperator = "8";
> $seperator .= "=" x (int((rand 6 + 1) * 5));
> $seperator .= "D";
> $seperator .= "~" x (int((rand 6 + 1) * 5));
> $seperator .= "\n";
> } elsif ($sepRand == 3) {
> $seperator = "+" x ((rand 6 + 2) * 7);
> $seperator .= "\n";
> } else {
> $seperator = "";
> }
>
> if ($numerRand == 0) {
> @numerals = ("1.","2.","3.","4.","5.","6.");
> } elsif ($numerRand == 1) {
> @numerals = ("I.","II.","III.","IV.","V.","VI.");
> } elsif ($numerRand == 2) {
> @numerals = ("[+]","[+]","[+]","[+]","[+]","[+]");
> } elsif ($numerRand == 3) {
> @numerals = ("8===D","8===D","8===D","8===D","8===D","8===D");
> } elsif ($numerRand == 4) {
> @numerals = ("o/ ?","? \\o","o/ ?","? \\o","o/ ?","? \\o");
> } else {
> @numerals = ("-","-","-","-","-","-");
> }
>
>
> $contMail = "$email\n"
>
>
> if ($ucRand != 0) {
> $background = uc($background);
> $description = uc($description);
> $history = uc($history);
> $workaround = uc($workaround);
> $vendor_response = uc($vendor_response);
> $cve_information = uc($cve_information);
> $appendix_a = uc($appendix_a);
> $appendix_b = uc($appendix_b);
> $contact = uc($contact);
> }
>
> #generate certs
>
> foreach $cert (@certs) {
> if (int rand 2) {
> $randCerts.= "$cert ";
> }
> }
> if ($incBackg != 0) {
> $message .= $seperator;
> $message .= shift @numerals;
> $message .= " $background\n";
>
> if ($incSep2 != 0) {
> $message .= $seperator;
> }
> my $backTemp = int rand 3;
> if (int rand 2) {
> $message.= "There ";
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= "is ";
> } elsif ($backTemp == 1) {
> $message.= "was ";
> } elsif ($backTemp == 2) {
> if (int rand 2) {
> if (int rand 2) {
> $message.= "has ";
> } else {
> $message.= "had ";
> }
> } else {
> $message.= "has had ";
> }
> $message.= "been ";
> }
> } else {
> $message.= "This ";
> $backTemp = int rand 4;
> if ($backTemp == 0) {
> $message.= "issue ";
> } elsif ($backTemp == 1) {
> $message.= "vulnerability ";
> } elsif ($backTemp == 2) {
> $message.= "problem ";
> } elsif ($backTemp == 3) {
> $message.= "product ";
> }
> if (int rand 2) {
> $message.= "has ";
> } else {
> $message.= "had ";
> }
>
> }
> $message.= "no "; #entropy 'plenty' ? entropy 'fuckton' ?
> if (int rand 2) {
> $message.= "identified ";
> }
> $message.= "background";# Could be end.
>
> if (int rand 2) { #continue
> if (int rand 2) {
> $message.= " information ";
> } else {
> $message.= " commentary ";
> }
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= "on ";
> } elsif ($backTemp == 1) {
> $message.= "about ";
> } elsif ($backTemp == 2) {
> $message.= "regarding ";
> }
>
> if (int rand 2) {
> $message.= "this ";
> } else {
> $message.= "the ";
> }
>
> $backTemp = int rand 4;
> if ($backTemp == 0) {
> $message.= "issue";
> } elsif ($backTemp == 1) {
> $message.= "vulnerability";
> } elsif ($backTemp == 2) {
> $message.= "problem";
> } elsif ($backTemp == 3) {
> $message.= "product";
> }
>
> $backTemp = int rand 4;
> if ($backTemp == 0) {
> $message.= " at hand";
> } elsif ($backTemp == 1) {
> $message.= " indentified";
> } elsif ($backTemp == 2) {
> $message.= " in question";
> }
> }
> $message.= ".\n";
>
> }
> if ($incDesc != 0) {
> $message .= $seperator;
> $message .= shift @numerals;
> $message .= " $description\n";
>
> if ($incSep2 != 0) {
> $message .= $seperator;
> }
>
> $message .= "$desc\n\n";
> }
> if ($incHist != 0) {
> $message .= $seperator;
> $message .= shift @numerals;
> $message .= " $history\n";
>
> if ($incSep2 != 0) {
> $message .= $seperator;
> }
> my ($hSec,$hMin,$hHour,$hMday,$hMon,$hYear,$hWday,$hYday,$hIsdst)
> = localtime(time);
> my $hPDDate;
> my $hVNDate;
> my $hVRDate;
> my $hSep;
> $hMon++;
> $hYear+=1900;
>
> if (int rand 2) {
> if (int rand 2) {
> $hPDDate = "$hMday/$hMon/$hYear";
> $hMday=int rand 30;
> $hMon--;
> $hVRDate = "$hMday/$hMon/$hYear";
> $hMday=int rand 30;
> $hMon--;
> $hVNDate = "$hMday/$hMon/$hYear";
> } else {
> $hPDDate = "$hMday-$hMon-$hYear";
> $hMday=int rand 30;
> $hMon--;
> $hVRDate = "$hMday-$hMon-$hYear";
> $hMday=int rand 30;
> $hMon--;
> $hVNDate = "$hMday-$hMon-$hYear";
> }
> } else {
> if (int rand 2) {
> $hPDDate = "$hMon/$hMday/$hYear";
> $hMday=int rand 30;
> $hMon--;
> $hVNDate = "$hMon/$hMday/$hYear";
> $hMday=int rand 30;
> $hMon--;
> $hVRDate = "$hMon/$hMday/$hYear";
> } else {
> $hPDDate = "$hMon-$hMday-$hYear";
> $hMday=int rand 30;
> $hMon--;
> $hVNDate = "$hMon-$hMday-$hYear";
> $hMday=int rand 30;
> $hMon--;
> $hVRDate = "$hMon-$hMday-$hYear";
> }
> }
>
> if ($numerRand == 2) {
> $hSep = "[+]";
> } elsif ($numerRand == 3) {
> $hSep = "8==D";
> } elsif ($numerRand == 4) {
> $hSep = "o/";
> } else {
> $hSep = "-";
> }
>
> if (int rand 4) {
> $message.= "$hVNDate $hSep Vendor Notification.\n";
> }
> if (int rand 2) {
> $message.= "$hVRDate $hSep Vendor Reply.\n";
> }
> $message.= "$hPDDate $hSep Public Disclosure.\n";
> }
> if ($incWork != 0) {
> $message .= $seperator;
> $message .= shift @numerals;
> $message .= " $workaround\n";
>
> if ($incSep2 != 0) {
> $message .= $seperator;
> }
>
> my $backTemp = int rand 3;
> if (int rand 2) {
> $message.= "There ";
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= "are ";
> } elsif ($backTemp == 1) {
> $message.= "was ";
> } elsif ($backTemp == 2) {
> if (int rand 2) {
> if (int rand 2) {
> $message.= "has ";
> } else {
> $message.= "had ";
> }
> } else {
> $message.= "has had ";
> }
> $message.= "been ";
> }
> } else {
> $message.= "This ";
> $backTemp = int rand 4;
> if ($backTemp == 0) {
> $message.= "issue ";
> } elsif ($backTemp == 1) {
> $message.= "vulnerability ";
> } elsif ($backTemp == 2) {
> $message.= "problem ";
> } elsif ($backTemp == 3) {
> $message.= "advisory ";
> }
> if (int rand 2) {
> $message.= "has ";
> } else {
> $message.= "had ";
> }
>
> }
> $message.= "no "; #entropy 'plenty' ? entropy 'fuckton' ?
> if (int rand 2) {
> $message.= "identified ";
> }
> $message.= "workarounds";# Could be end.
>
> if (int rand 2) { #continue
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= " for ";
> } elsif ($backTemp == 1) {
> $message.= " on ";
> } elsif ($backTemp == 2) {
> $message.= " regarding ";
> }
>
> if (int rand 2) {
> $message.= "this ";
> } else {
> $message.= "the ";
> }
>
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= "issue";
> } elsif ($backTemp == 1) {
> $message.= "vulnerability";
> } elsif ($backTemp == 2) {
> $message.= "problem";
> }
>
> $backTemp = int rand 4;
> if ($backTemp == 0) {
> $message.= " at hand";
> } elsif ($backTemp == 1) {
> $message.= " indentified";
> } elsif ($backTemp == 2) {
> $message.= " in question";
> }
> }
> $message.= ".\n";
> }
> if ($incVR != 0) {
> $message .= $seperator;
> $message .= shift @numerals;
> $message .= " $vendor_response\n";
>
> if ($incSep2 != 0) {
> $message .= $seperator;
> }
>
> my $backTemp = int rand 3;
> if (int rand 2) {
> $message.= "$product ";
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= "is ";
> } elsif ($backTemp == 1) {
> $message.= "was ";
> } elsif ($backTemp == 2) {
> if (int rand 2) {
> if (int rand 2) {
> $message.= "has ";
> } else {
> $message.= "had ";
> }
> } else {
> $message.= "has had ";
> }
> }
> } else {
> $message.= "$product ";
> if (int rand 2) {
> $message.= "has ";
> } else {
> $message.= "had ";
> }
>
> }
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= "offered ";
> } elsif ($backTemp == 1) {
> $message.= "extended ";
> } elsif ($backTemp == 2) {
> $message.= "presented ";
> }
> $message.= "no "; #entropy 'plenty' ? entropy 'fuckton' ?
> if (int rand 2) {
> $message.= "identified ";
> }
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= "information";
> } elsif ($backTemp == 1) {
> $message.= "commentary";
> } elsif ($backTemp == 2) {
> $message.= "explanation";
> }
> if (int rand 2) { #continue
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= " on ";
> } elsif ($backTemp == 1) {
> $message.= " about ";
> } elsif ($backTemp == 2) {
> $message.= " regarding ";
> }
>
> if (int rand 2) {
> $message.= "this ";
> } else {
> $message.= "the ";
> }
>
> $backTemp = int rand 3;
> if ($backTemp == 0) {
> $message.= "issue";
> } elsif ($backTemp == 1) {
> $message.= "vulnerability";
> } elsif ($backTemp == 2) {
> $message.= "problem";
> }
>
> $backTemp = int rand 4;
> if ($backTemp == 0) {
> $message.= " at hand";
> } elsif ($backTemp == 1) {
> $message.= " indentified";
> } elsif ($backTemp == 2) {
> $message.= " in question";
> }
> }
> $message.= ".\n";
>
> }
> if ($incCVE != 0) {
> $message .= $seperator;
> $message .= shift @numerals;
> $message .= " $cve_information\n";
>
> if ($incSep2 != 0) {
> $message .= $seperator;
> }
>
> $message .= "The Common Vulnerabilities and Exposures (CVE)
> project has assigned the name CVE-2006-$cvenum to this issue\n\n";
> }
> if ($incApA != 0) {
> $message .= $seperator;
> $message .= "$appendix_a\n";
>
> if ($incSep2 != 0) {
> $message .= $seperator;
> }
>
> $message .= "$URL\n\n";
> if ($incApB != 0) {
> $message .= $seperator;
> $message .= "$appendix_b\n";
>
> if ($incSep2 != 0) {
> $message .= $seperator;
> }
>
> $message .= "RFC ";
> $message .= int rand 10000;
> }
> }
> if ($incCont != 0) {
> $message .= "\n\n";
> $message .= $seperator;
> $message .= "$contact\n";
>
> if ($incSep2 != 0) {
> $message .= $seperator;
> }
>
> $message .= "$name $contMail\n";
> $message .= "$randCerts\n\n\n";
> }
> return $message;
> }
> --END lol.pl
>
> That only generates and e-mail and prints it, add a mail() function for
> extra phun!
>
> Warmest Regards,
>
> -Bob
> Ban Haus Securities, Inc.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
--
smile tomorrow will be worse
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060318/f10777da/attachment.html
Powered by blists - more mailing lists